Ai Governance WeekUpdated 2026-03-26

Every Governance Decision, Provable

Deep dive into proof chains — SHA-256 hash-linked, Ed25519 signed audit trails that make every AI governance decision tamper-evident and verifiable.

Every Governance Decision, Provable

AI Governance Week — Day 3

Your AI agent just accessed a production database. Who approved it? When? Based on what trust score? And can you prove that record hasn't been altered since?

If you can't answer all four questions with cryptographic certainty, you don't have governance — you have logging.

What Is a Proof Chain?

A proof chain is a sequence of governance records where each entry is:

SHA-256 hashed — the full record (action, decision, timestamp, trust score, metadata) is hashed into a fixed-length digest
Hash-linked — each record includes the hash of the previous record, creating a chain where tampering with any single entry breaks every subsequent hash
Ed25519 signed — each record is digitally signed, proving it was created by an authorized governance engine and hasn't been modified

This is the same integrity model used in certificate transparency logs and blockchain systems, applied specifically to AI governance decisions.

  Record N-1              Record N                Record N+1
  +-----------+           +-----------+           +-----------+
  | action    |           | action    |           | action    |
  | decision  |           | decision  |           | decision  |
  | timestamp |           | timestamp |           | timestamp |
  | score     |           | score     |           | score     |
  | prevHash ----+   +--> | prevHash ----+   +--> | prevHash  |
  | hash      |  |   |   | hash      |  |   |   | hash      |
  | signature |  +---+   | signature |  +---+   | signature |
  +-----------+           +-----------+           +-----------+

Change a single byte in Record N — the decision, the trust score, even a timestamp — and Record N+1's prevHash no longer matches. The chain breaks. The tampering is detected.

Why Tamper-Evidence Matters for AI Agents

Traditional software runs deterministically. AI agents don't. They make decisions based on probabilistic models, shifting context, and evolving trust profiles. This creates three problems that tamper-evident proof chains solve:

1. Regulatory Accountability

The EU AI Act (Article 12) and NIST AI RMF (Govern 1.2) both require audit trails for high-risk AI systems. A standard log file doesn't cut it — logs can be silently edited. A proof chain provides cryptographic evidence that records are complete and unmodified.

2. Incident Forensics

When an AI agent causes an incident, you need to reconstruct the exact sequence of governance decisions that led to it. Proof chains guarantee that the forensic record is the same record that existed at the time of the incident, not a post-hoc revision.

3. Cross-Organization Trust

When agents from different organizations interact, neither party can trust the other's logs. A signed proof chain provides independently verifiable evidence of governance decisions — no mutual trust required.

How Proof Chains Work in Vorion

Every governance decision in the Vorion stack — whether made by the local ATSF trust engine or the Cognigate enforcement API — produces a proof record that is chained and signed.

Recording a Proof Event

import { ProofPlane } from '@vorionsys/proof-plane';

const proof = new ProofPlane({ enableSignatures: true });
await proof.recordEvent({
  entityId: 'agent-001',
  action: 'access:production-db',
  decision: 'ALLOWED',
  trustScore: 782,
  tier: 'T4',
});
// Every entry hash-linked to the previous. Tamper one → chain breaks.

The ProofPlane handles hashing, linking, and signing automatically. Each call to recordEvent produces a record that includes:

The full event payload (entity, action, decision, score, tier)
A SHA-256 hash of the record contents
The hash of the previous record in the chain
An Ed25519 signature over the complete record

Verifying Chain Integrity

// Verify the entire chain for an entity
const verification = await proof.verifyChain('agent-001');

console.log('Chain valid:', verification.valid);
console.log('Records verified:', verification.recordCount);
console.log('First record:', verification.firstTimestamp);
console.log('Last record:', verification.lastTimestamp);

if (!verification.valid) {
  console.log('Broken at record:', verification.brokenAtIndex);
  console.log('Expected hash:', verification.expectedHash);
  console.log('Actual hash:', verification.actualHash);
}

Querying Proof Records

// Query proof records with filters
const records = await proof.query({
  entityId: 'agent-001',
  fromDate: new Date('2026-03-01'),
  toDate: new Date('2026-03-26'),
  decisions: ['ALLOWED', 'DENIED'],
  minTrustScore: 500,
  pageSize: 100,
});

for (const record of records.items) {
  console.log(
    `${record.timestamp} | ${record.action} | ${record.decision} | ` +
    `Score: ${record.trustScore} | Hash: ${record.hash.slice(0, 12)}...`
  );
}

Using the Cognigate API

If you're using the Cognigate cloud service, proof records are created automatically for every governance decision:

import { Cognigate } from '@vorionsys/cognigate';

const client = new Cognigate({ apiKey: process.env.COGNIGATE_API_KEY! });

// Every evaluate() call automatically creates a proof record
const { result } = await client.governance.evaluate(
  'agent-001',
  'Read customer data from the sales database'
);

// Query proof records via the API
const proofs = await client.proofs.list('agent-001', {
  from: new Date('2026-03-01'),
  pageSize: 50,
});

// Verify chain integrity via the API
const verification = await client.proofs.verify('agent-001');
console.log('Chain valid:', verification.valid);

The Proof Record Schema

Every proof record contains these fields:

| Field | Type | Description | |-------|------|-------------| | id | string | Unique record identifier (UUID v4) | | entityId | string | The agent that triggered the governance decision | | action | string | The action that was evaluated | | decision | enum | ALLOWED, DENIED, ESCALATED, or DEGRADED | | trustScore | number | Agent's trust score at decision time (0--1000) | | tier | string | Agent's trust tier at decision time (T0--T7) | | reasoning | string | Why the decision was made | | timestamp | ISO 8601 | When the decision occurred | | prevHash | string | SHA-256 hash of the previous record | | hash | string | SHA-256 hash of this record | | signature | string | Ed25519 signature over the record |

Try It Live

See proof chains in action with an interactive demo that lets you create governance events, tamper with records, and watch the chain detect the modification in real time.

Launch the Proof Chain Demo →

Next Steps

SDK Quickstart — Install the trust engine and start recording proof events
Governance Pipeline — Understand the full CAR > INTENT > ENFORCE > PROOF flow
From Zero to Governed Agent in 60 Seconds — Drop governance into your existing agent stack

All Documentation