The EventStore
Tamper-Proof by Architecture
Every agent action is recorded in an append-only EventStore secured by an HMAC-SHA256 chain. Each record is cryptographically signed at write time and linked to the previous. A single tampered entry breaks the chain — and that break is immediate, detectable, and irrefutable.
Intent
TOOL_CALL_INTENDED
hmac: 7f3a…c2d1
→
Execution
Tool Call Result
hmac: a1b8…9e4f
→
Decision
Action Taken
hmac: d4c2…6b8a
→
Sealed
Record Committed
hmac: 2e7f…1a3d
Completeness
TOOL_CALL_INTENDED written before every execution. Intent is recorded even if the action never completes.
Authenticity
HMAC-SHA256 signatures computed at write time. Independently verifiable without application access.
Non-repudiation
Every record carries agent identity, operator identity, and timestamp. Multi-party accountability is structural.
Integrity
Append-only at database level. No update. No delete. Chain break = immediate violation detection.