AI agents are making real, consequential decisions — sending emails, calling APIs, modifying files. But when something goes wrong, there's no verifiable record of what the agent decided and why.
You can't prove what tools ran. You can't show an auditor what reasoning led to an action. You can't verify the chain of events offline.
What I built
Decision Passport stamps every agent event into a cryptographically linked append-only chain:
- Reasoning summary (with confidence score)
- Tool intent (before the call)
- Tool result (after the call)
When the session ends, you export a portable JSON bundle. Anyone can verify it offline — no API, no database, no external dependency.
Three integration patterns
Wrapper — explicit control, record each event manually
Middleware — automatic intercept, wraps tool calls transparently
Raw primitives — use the chain functions directly for custom integrations
The bundle format
json
{
"bundle_version": "1.4-openclaw-lite",
"passport_records": [...],
"manifest": {
"record_count": 3,
"chain_hash": "sha256:..."
}
}
Verification result: PASS or FAIL with per-check details.
Open source
Apache-2.0, TypeScript, 2-minute setup:
github.com/brigalss-a/decision-passport-openclaw-lite
Enterprise tier (execution claims, guard enforcement, replay protection) is in private development for regulated industries.
Feedback welcome — especially on the bundle format design.
---
Top comments (0)