When would I use this?
Use this pipeline to investigate:
Unauthorized data access by an AI agent
Mis-approved financial actions taken autonomously
Anomalous tool calls outside an agent's declared policy
Every decision is cryptographically recorded — you can reconstruct exactly what happened, when, under which policy, and prove the record was not altered after the fact.
Unauthorized data access by an AI agent
Mis-approved financial actions taken autonomously
Anomalous tool calls outside an agent's declared policy
Every decision is cryptographically recorded — you can reconstruct exactly what happened, when, under which policy, and prove the record was not altered after the fact.
Section 1
From Request to Evidence (Gateway → Audit Chain)
Every agent request flows through the gateway and becomes a cryptographically chained, tamper-proof evidence record. Click any stage to see what data is captured at that point in the pipeline.
AI Agent
SDK / API client
click to inspect
Gateway
:8002
click to inspect
Policy Engine
ALLOW / DENY
click to inspect
Upstream API
e.g. OpenAI
click to inspect
Audit Writer
async worker
click to inspect
PostgreSQL
append-only + RLS
click to inspect
HMAC Chain
entry_hash = HMAC-SHA256
click to inspect
Decision
DENY / ERROR
click to inspect
ℹ️ Select a stage above to inspect its data
agent_id
endpoint
method
decision
entry_hash
prev_hash
latency_ms
cost_estimate_usd
Section 2
AuditLog Schema — Evidence Record
Each row is a forensic evidence record used for incident reconstruction and regulatory response. Every field below is captured on every enforcement decision — allow, deny, or error.
Identity
agent_id
uuid · NOT NULL
agt_8f2c1...
user_id
uuid · nullable
usr_3a4d9...
agent_name
text
"billing-agent-v2"
Request
endpoint
text · NOT NULL
"/v1/chat/completions"
method
text
POST
created_at
timestamptz · DEFAULT now()
2026-04-08T14:23:07Z
Decision
decision
enum · NOT NULL
ALLOW
deny_reason
text · nullable
"rate_limit_exceeded"
status_code
int
200 / 403
Performance
latency_ms
int · not null
12
upstream_latency_ms
int · metadata
847
Cost
cost_estimate_usd
numeric(10,6)
0.002340
token_count
int
1847
Chain Integrity
entry_hash
text · NOT NULL
a3f9b2c...
prev_hash
text · nullable
d84e1fa...
Policy
policy_version
int · Policy snapshot ID at decision time
3
deny_rule_id
text · Exact rule that denied access
"rate_limit_exceeded"
Section 3
Chain Integrity Verification (How Auditors Prove No Tampering)
Each audit entry includes its own HMAC-SHA256 hash computed over the full payload plus the previous entry's hash — forming an immutable linked chain. Tampering with any entry breaks all subsequent hashes. Any auditor can independently recompute the chain and confirm it has not been altered.
#001
GENESIS
prev_hash
0000000000000000
entry_hash
a3f9b2c4d1e8...
→
#002
ALLOW
prev_hash
a3f9b2c4d1e8...
entry_hash
d84e1fa7b5c2...
→
#003
DENY
prev_hash
d84e1fa7b5c2...
entry_hash
9e2c6f3a8b41...
→
#004
ALLOW
prev_hash
9e2c6f3a8b41...
entry_hash
c17d4e9f2a5b...
→
#005
ALLOW
prev_hash
c17d4e9f2a5b...
entry_hash
7b3a8f1d9c6e...
📄 Chain-of-Custody Certificate
Every exported report (JSON and CSV) includes a chain-of-custody certificate that proves the forensic data came from AI Identity and has not been altered after export. The gateway signs a compact summary — report ID, generation timestamp, chain verification status, and entry counts — with the same HMAC key used for the audit chain, producing a report_signature that travels with the export. Any recipient can independently recompute that summary and verify the signature, confirming both the integrity of the underlying hash chain and the authenticity of the export itself.
# Verify a forensics report export hasn't been tampered with import hmac, hashlib, json def verify_report_signature( secret_key: bytes, report_id: str, generated_at: str, # ISO 8601 UTC chain_valid: bool, total_entries: int, entries_verified: int, signature_hex: str, ) -> bool: payload = { "entries_verified": entries_verified, "chain_valid": chain_valid, "generated_at": generated_at, "report_id": report_id, "total_entries": total_entries, } msg = json.dumps(payload, sort_keys=True, separators=(",", ":")) expected = hmac.new(secret_key, msg.encode(), hashlib.sha256).hexdigest() return hmac.compare_digest(expected, signature_hex)
Section 4
Competitive Comparison — Forensics Capabilities
Most IAM and AI governance tools stop at "logs." AI Identity adds cryptographic identity, tamper-evident chains, and signed chain-of-custody exports — capabilities no competing platform ships today.
| Capability | AI Identity | Opal | Valence | Cognition |
|---|---|---|---|---|
| Cryptographic agent identity | ✅ | ✗ | ✗ | ✗ |
| Tamper-evident audit chain | ✅ | ✗ | ✗ | ✗ |
| Fail-closed proxy gateway | ✅ | ✗ | ✗ | ✗ |
| Independent chain verification | ✅ | ✗ | ✗ | ✗ |
| Decision replay / audit query | ⚠ partial (timeline & policy-aware filters) | ✗ | ✗ | ✗ |
| Policy snapshot per entry | ✅ | ✗ | ✗ | ✗ |
| Signed export certificate | ✅ | ✗ | ✗ | ✗ |
See it live in under 5 minutes
Sign up, register an agent, and watch every decision appear in your tamper-proof audit trail — free tier included.
1
Sign Up
Create your account and get your organization API key — no credit card required.
→
2
Register an Agent
Create an agent identity and point your AI traffic through the gateway proxy.
→
3
See Your Audit Trail
Every decision is cryptographically chained. Verify, export, and prove what happened.