Every action your AI agent takes,
gets a tamper-proof receipt.
A receipt nobody can fake, edit, or delete. Anyone can check the receipts on their own laptop, without an account and without trusting us.
EU AI Act, Article 12
High-risk AI systems
must keep tamper-proof records.
Enforcement begins August 2, 2026.
Article 12 says every high-risk AI system has to keep a record of what it did, automatically, for the whole time it is in use. Fines for getting it wrong go up to 15 million EUR or 3% of global revenue, whichever is higher.
A plain log file is not enough. The record has to hold up when a regulator picks it apart, when opposing counsel reads it in court, or when an insurer is looking for a reason to deny a claim. It has to be checkable by them, not by us.
- Hospital AI scribes. HIPAA event integrity, malpractice discovery.
- Bank voice loan agents. OCC and CFPB review of what the model told the borrower.
- Insurance FNOL bots. Caller disputes the words. Replay the signed chain.
- EU enterprise risk, government. NIST AI RMF, Article 12, internal audit.
until Article 12 enforcement, 2026-08-02 UTC
Three steps.
One file.
Drop Provedex in next to your agent. It writes a receipt for every action. Hand the file to anyone who asks. They check it themselves, on their own machine, without calling us.
- 01
Record
Every time your agent says, does, or decides something, Provedex writes a receipt for it. Each receipt is locked to the one before it, in order.
- 02
Share
Send the file of receipts to anyone: a regulator, a customer, a lawyer, an auditor. They do not need an account with us to open it.
- 03
Check
They open the file on a laptop. If anything was changed after the fact, every receipt after the change lights up red. Ten thousand receipts check in about a second.
Fast enough to leave on.
Writing a receipt has to be cheap enough that you keep it on for every single action. Checking has to be fast enough that a regulator can run it on a laptop in the room. Measured on an ordinary machine, no tricks.
- time to write a receipt
- 3.8 ms
- receipts per second
- 261 /sec
- time to check 10,000 receipts
- 1 ms
- size of one receipt
- 320 bytes
added to each agent action
per signer, single machine
on a laptop, no network
plain text file, no database
Tamper with one receipt.
Watch every receipt after it break.
Real receipts, written live in your browser. Click any past action to change the words. Every receipt that came after lights up red. There is no way to hide a single edit.
Click any past event to flip its body. The verifier re-hashes the chain and the break cascades to every event after it.
for engineers
The plain-English page
without the analogies.
Sealing
Every event is canonicalized (JCS), signed with Ed25519, and linked to the previous event by a SHA-256 hash of its canonical form. The output is a JSONL file. Append-only. About 3.8 ms per event on a commodity CPU.
Verifying
Ship the JSONL ledger and the Ed25519 public key. The standalone verifier walks the chain, re-hashes each event, and checks every signature. About 1 ms per 10,000 events on a single thread. Runs offline.
SDK
Rust core, with bindings for Python and TypeScript. One call:
ledger.seal(event). Stateless from the agent's point of
view, the ledger is the only state. Apache-2.0.
// every event is signed at emission
await ledger.seal({
kind: "utterance",
agent: "intake-bot",
body: caller.lastTurn,
});
// later, anyone can verify offline
$ provedex verify ledger.jsonl --key pub.key
ok 9,124 events chain intact signatures valid
Check it yourself.
No account. No trust required.
Provedex is open source. Try the demo with a sample file of receipts, or drop the SDK in next to your agent in an afternoon. If you ship AI into a regulated industry, we want to talk before Article 12 starts.
- License
- Apache-2.0
- SDK
- Rust, Python, TypeScript
- Verifier
- standalone CLI, 4.1 MB