When an agent makes a decision — classifies an email, posts an invoice, sends an outreach message — we write a row to the audit log. Each row contains the actor, tenant, action, inputs, outputs, and timestamp.
Then we compute row_hash = SHA256(prev_hash + row_content). Each row's hash depends on the row before it. To rewrite history, you'd have to recompute every hash forward in the chain — and our verify endpoint walks the whole chain looking for the first broken link.
This isn't novel cryptography. It's how git works. It's how blockchains work. It's how serious audit systems work. What's novel is that no other agentic AI platform ships it today.
# Row 1: agent decision
{
id: "evt_8a3f...",
actor: "agent.recruiter",
tenant: "cust_482",
action: "intro_sent",
prev_hash: "0000...0000",
row_hash: "f8b4...c91e" # SHA256(prev + content)
}
# Row 2: customer outcome
{
id: "evt_9b1c...",
actor: "outcome.ledger",
tenant: "cust_482",
action: "intro_accepted",
prev_hash: "f8b4...c91e", # ↑ row 1's hash
row_hash: "2e1a...883d"
}
# verify():
# 1. recompute SHA256 for each row
# 2. compare to stored row_hash
# 3. return first index where mismatch
# 4. if no mismatch → chain valid