<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: zse4321</title>
    <description>The latest articles on DEV Community by zse4321 (@zse4321).</description>
    <link>https://dev.to/zse4321</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3866824%2F142905a6-f0ba-4f5d-8239-9be7810f00f3.png</url>
      <title>DEV Community: zse4321</title>
      <link>https://dev.to/zse4321</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/zse4321"/>
    <language>en</language>
    <item>
      <title>Four platforms, four identity systems. Who writes the shared record?</title>
      <dc:creator>zse4321</dc:creator>
      <pubDate>Thu, 23 Apr 2026 12:19:18 +0000</pubDate>
      <link>https://dev.to/zse4321/four-platforms-four-identity-systems-who-writes-the-shared-record-4flp</link>
      <guid>https://dev.to/zse4321/four-platforms-four-identity-systems-who-writes-the-shared-record-4flp</guid>
      <description>&lt;h2&gt;
  
  
  The scene this week
&lt;/h2&gt;

&lt;p&gt;In the span of 48 hours in late April 2026, four of the largest enterprise AI providers announced the same thing from different angles.&lt;/p&gt;

&lt;p&gt;Each launched a governance plane for agents running inside its own cloud. Each introduced some form of per-agent cryptographic identity. Each promised the ability to trace what an agent did, when, and with what scope. Each talked about audit, anomaly detection, approval gates, and policy-bound action.&lt;/p&gt;

&lt;p&gt;The phrasing varied. The structure did not.&lt;/p&gt;

&lt;p&gt;One vendor called theirs "Agent Identity," paired with an "Agent Gateway" and an "Agent Anomaly Detection" module. Another shipped team-shared "Workspace Agents" in its flagship chat product, with admin-side controls for which tools agents can touch and a human-approval step for anything sensitive. Two others had already rolled out their versions earlier in the quarter — a bedrock-tier agent runtime in one case, a foundry-branded orchestration stack in the other.&lt;/p&gt;

&lt;p&gt;If you're building on one of these stacks, the value proposition is real. You get a coherent story for how agents behave inside that cloud's boundary. You get logs that your compliance team can point at. You get an identity primitive that didn't exist eighteen months ago.&lt;/p&gt;

&lt;p&gt;If you're building &lt;em&gt;across&lt;/em&gt; these stacks — or if your agent will ever need to interact with an agent that lives in a different one — you just inherited a new problem. Four identity systems that don't speak to each other. Four log formats that aren't cross-verifiable. Four audit trails that each vendor asserts is authoritative, for agents inside their own walls.&lt;/p&gt;

&lt;h2&gt;
  
  
  The structural shape of this
&lt;/h2&gt;

&lt;p&gt;The shape is familiar. It's the same shape that email had before SMTP, that payments had before interbank settlement standards, that the web had before shared certificate authorities. Every platform becomes internally coherent and externally opaque. Internal coherence is a real achievement. External opacity is what the next layer has to solve.&lt;/p&gt;

&lt;p&gt;At this stage, every major vendor's pitch is some variant of: &lt;em&gt;"We can tell you what your agents did, inside our system."&lt;/em&gt; That is true and useful.&lt;/p&gt;

&lt;p&gt;What none of them can say — structurally, not because of product gaps — is: &lt;em&gt;"We can tell you what your agent and the other agent agreed to, when the other agent was in a system we don't run."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;No vendor can credibly say that, because doing so would require them to attest to something outside their own operational boundary. They would be making claims about another company's infrastructure. Their lawyers would not let them, and they would be right not to.&lt;/p&gt;

&lt;h2&gt;
  
  
  Internal identity is not external agreement
&lt;/h2&gt;

&lt;p&gt;It's worth being careful about what an "Agent Identity" actually proves.&lt;/p&gt;

&lt;p&gt;A cryptographic identity issued by a platform proves the following:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;This agent was provisioned inside this platform&lt;/li&gt;
&lt;li&gt;This agent's actions, as observed by this platform's logging layer, were recorded&lt;/li&gt;
&lt;li&gt;This agent's scope was configured at a particular time by a particular admin&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;These are real facts. They matter for compliance. They matter for internal forensics. They matter for the question "&lt;em&gt;did someone on my team configure this agent badly?&lt;/em&gt;"&lt;/p&gt;

&lt;p&gt;They do not prove any of the following:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;That the agent's counterparty, running on a different platform, agreed to the same terms&lt;/li&gt;
&lt;li&gt;That two agents from two different platforms shared a common boundary before executing&lt;/li&gt;
&lt;li&gt;That a human dispute between two organizations has a neutral record to refer to&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;For those questions, each platform's identity layer is structurally one-sided. The counterparty is in someone else's system, and that system's identity primitive doesn't interoperate with this one.&lt;/p&gt;

&lt;p&gt;The weekly announcements are making internal identity sharper. They are not — and cannot — make agreement across identities verifiable.&lt;/p&gt;

&lt;h2&gt;
  
  
  The gap widens as internal governance tightens
&lt;/h2&gt;

&lt;p&gt;A counterintuitive thing is happening. As each major provider invests harder in internal governance, the external gap gets &lt;em&gt;more&lt;/em&gt; visible, not less.&lt;/p&gt;

&lt;p&gt;A year ago, the question "&lt;em&gt;who is responsible for what this agent did?&lt;/em&gt;" was muddy everywhere. Internal logs were thin. Agent identity was implicit. Cross-platform interaction barely existed because agents rarely left the building.&lt;/p&gt;

&lt;p&gt;Now internal logs are getting thick. Agent identity is explicit. And the growth in agent traffic has moved from "inside one cloud" to "across clouds." A retail agent registered in one vendor's platform negotiates with a supplier agent registered in another. A research agent running on a frontier lab's managed runtime calls a tool hosted by a company using a different cloud entirely. A local model running on a machine in someone's home office interacts with a hosted agent through a paid API.&lt;/p&gt;

&lt;p&gt;In each of these cases, each side has an increasingly detailed internal record. Each side can produce a compliance-grade attestation of what happened &lt;em&gt;in their own system&lt;/em&gt;. And the question of what the two sides actually agreed to — what the shared boundary was — has no home.&lt;/p&gt;

&lt;p&gt;The internal-governance investments make this gap more noticeable, because the quality of the internal records makes it obvious when those records disagree.&lt;/p&gt;

&lt;h2&gt;
  
  
  A small concrete example
&lt;/h2&gt;

&lt;p&gt;Consider two agents. Agent A is a procurement agent running on one major cloud's agent platform. It's been issued an Agent Identity by that platform, has a scope that lets it execute purchases up to a certain dollar value, and its every action is logged to that platform's audit trail. Agent B is a fulfillment agent running on a different major cloud's platform. Same story, different vendor.&lt;/p&gt;

&lt;p&gt;They agree on a bulk order. Settlement happens over a micropayment rail. Delivery happens. Something about the delivery doesn't match what A's operator expected.&lt;/p&gt;

&lt;p&gt;A's operator pulls up A's log. It shows a clear agreement at $18.50 per unit. The log is cryptographically signed by A's platform. The Agent Identity is attached. Everything checks out on A's side.&lt;/p&gt;

&lt;p&gt;B's operator pulls up B's log. It shows a clear agreement at $22 per unit. Signed by B's platform. Agent Identity attached. Everything checks out on B's side.&lt;/p&gt;

&lt;p&gt;Both logs are internally consistent. Both are high-quality. Both are authoritative &lt;em&gt;inside their respective platforms&lt;/em&gt;. Neither is a neutral record of what the two agents agreed to before executing.&lt;/p&gt;

&lt;p&gt;The fact that both platforms have better internal governance than they did a year ago does not make this dispute easier to resolve. In some ways it makes it harder, because both parties can now point to more polished evidence of their own version.&lt;/p&gt;

&lt;h2&gt;
  
  
  What "external" means, precisely
&lt;/h2&gt;

&lt;p&gt;At this point the word "external" matters more than it used to. It has a specific structural meaning:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Not operated by either counterparty&lt;/li&gt;
&lt;li&gt;Not operated by either counterparty's platform&lt;/li&gt;
&lt;li&gt;Does not accept privileged access from any single vendor&lt;/li&gt;
&lt;li&gt;Records the existence and scope of a decision, not its content&lt;/li&gt;
&lt;li&gt;Records from both sides resolve to the same reference&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;"External" does not mean "stored somewhere else." Logs can be stored in a second cloud and still be under the control of whoever wrote them. "External" means &lt;em&gt;operationally independent of both sides of a decision&lt;/em&gt;.&lt;/p&gt;

&lt;p&gt;For the procurement-fulfillment example, an external record looks like this: at the moment Agent A and Agent B declared a shared boundary (whatever the scope was: quantity, maximum price, delivery window, counterparty identity), that declaration was fixed outside both platforms. Neither side could unilaterally change it afterward. Both sides can reference the same record ID. Both sides produce their local evidence alongside that ID in a dispute.&lt;/p&gt;

&lt;p&gt;The external record does not say who was right. It says: at this time, under this scope, with this counterparty, a shared boundary was declared and both sides acknowledged it.&lt;/p&gt;

&lt;p&gt;That's the missing artifact. Internal governance doesn't produce it. It can't. Its job is to be internal.&lt;/p&gt;

&lt;h2&gt;
  
  
  What this is not
&lt;/h2&gt;

&lt;p&gt;It's worth heading off a misreading.&lt;/p&gt;

&lt;p&gt;External anchoring is not a competing identity system. It doesn't replace Agent Identity on any platform. It doesn't try to unify them. It doesn't attempt to be the canonical identity for any agent on any runtime.&lt;/p&gt;

&lt;p&gt;It also doesn't judge. An external anchor does not say "this agent behaved well" or "this agent was trustworthy." It records that a decision boundary was declared and fixed at a specific time, and nothing beyond that.&lt;/p&gt;

&lt;p&gt;It doesn't see decision content. It doesn't see prompts, tool outputs, inference traces, model weights, or any of the things a platform's internal governance legitimately needs to see to do its job. It sees: &lt;em&gt;"Agent X declared a boundary at time T under scope S, and Agent Y acknowledged it."&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;The relationship between internal governance and external anchoring is complementary, not competitive. Internal governance makes the agent behave well within its own boundary. External anchoring makes cross-boundary agreements checkable. Each needs the other to produce a full picture.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why now, specifically
&lt;/h2&gt;

&lt;p&gt;There's a narrow window where this gap is worth paying attention to.&lt;/p&gt;

&lt;p&gt;The platforms that announced their identity layers this week are not going to pause and wait for a cross-platform standard to emerge. They will keep hardening their internal offerings. That's rational for them and good for their customers.&lt;/p&gt;

&lt;p&gt;The agent traffic crossing between these platforms is growing faster than the standards bodies can respond. By the time a cross-platform identity interop layer exists — assuming one does — the volume of cross-platform disputes will already be material.&lt;/p&gt;

&lt;p&gt;The question for anyone running agents across more than one of these platforms right now is not "&lt;em&gt;which vendor's identity system should I pick?&lt;/em&gt;" — it's "&lt;em&gt;what external reference point exists for agreements my agent makes outside its home platform?&lt;/em&gt;"&lt;/p&gt;

&lt;p&gt;If your answer is "we'll rely on the counterparty's platform's logs plus our own logs," that's the self-testimony trap wearing a nicer outfit. Both sides will have beautiful logs. Neither will have a neutral one.&lt;/p&gt;

&lt;h2&gt;
  
  
  How an external anchor fits into this
&lt;/h2&gt;

&lt;p&gt;The flow doesn't require changing which platform your agent runs on. An external anchor sits alongside whatever identity system your platform provides.&lt;/p&gt;

&lt;p&gt;Before executing an agreement with a counterparty, your agent declares the scope of the agreement to an external environment: what the decision is, what accountability boundary applies, optionally that this is a bilateral declaration with another named agent. The environment records the timestamp, the scope, and an integrity hash. It returns an ID.&lt;/p&gt;

&lt;p&gt;If the counterparty is also using the same external environment, a bilateral acknowledgment can be recorded. If not, the record is unilateral but still external — both sides can still reference the ID if a dispute arises.&lt;/p&gt;

&lt;p&gt;After execution, the agent confirms. The record is now fixed and append-only. Neither side can change it. Neither side's platform can change it. The platform's Agent Identity still attests to the agent's internal behavior. The external anchor attests to the agreement's existence and scope at a specific moment.&lt;/p&gt;

&lt;p&gt;For agents running on major platforms, this is a few HTTP calls added to the existing decision loop. For agents running on local hardware, it's the same few HTTP calls.&lt;/p&gt;

&lt;h2&gt;
  
  
  Three curl commands
&lt;/h2&gt;

&lt;p&gt;The pattern is the same regardless of which platform your agent is provisioned in.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Register the agent with the external environment:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://api.decision-anchor.com/v1/agent/register &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{"agent_name": "procurement-agent-01"}'&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Returns an &lt;code&gt;agent_id&lt;/code&gt; and &lt;code&gt;auth_token&lt;/code&gt;. 500 free Trial DAC, 30 days, no card required.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Anchor a decision boundary before execution:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://api.decision-anchor.com/v1/dd/create &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Authorization: Bearer da_tk_abc..."&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{
    "request_id": "550e8400-e29b-41d4-a716-446655440000",
    "dd": {
      "dd_unit_type": "single",
      "dd_declaration_mode": "bilateral",
      "decision_type": "external_interaction",
      "decision_action_type": "execute",
      "origin_context_type": "external",
      "selection_state": "SELECTED"
    },
    "ee": {
      "ee_retention_period": "medium",
      "ee_integrity_verification_level": "enhanced",
      "ee_disclosure_format_policy": "shareable",
      "ee_responsibility_scope": "standard"
    }
  }'&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;Confirm after execution:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://api.decision-anchor.com/v1/dd/confirm &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Authorization: Bearer da_tk_abc..."&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{"dd_id": "dd-7f8e9a...", "transaction_id": "tx_001"}'&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;That's the whole loop from the agent's side. The record exists outside every platform involved. Basic anchoring costs $0.01. For cross-platform agreements of any real consequence, the anchor cost is noise.&lt;/p&gt;

&lt;p&gt;MCP-compatible agents can use the same pattern through tools exposed at &lt;a href="https://mcp.decision-anchor.com/mcp" rel="noopener noreferrer"&gt;mcp.decision-anchor.com/mcp&lt;/a&gt; without changing the agent's inference loop.&lt;/p&gt;

&lt;h2&gt;
  
  
  What this doesn't do
&lt;/h2&gt;

&lt;p&gt;The same structural disclaimers that apply to any external anchor apply here:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;It does not run inference, store prompts, or see decision content&lt;/li&gt;
&lt;li&gt;It does not monitor, audit, or evaluate agents — it receives what agents send&lt;/li&gt;
&lt;li&gt;It does not replace any platform's internal identity or governance&lt;/li&gt;
&lt;li&gt;It does not issue reputation scores or trust ratings&lt;/li&gt;
&lt;li&gt;It does not intervene in disputes; it provides the reference point disputes can use&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The internal identity layers each major platform ships are doing their job. They make agents inside their systems behave predictably. This layer is for what happens between those systems.&lt;/p&gt;

&lt;h2&gt;
  
  
  The short version
&lt;/h2&gt;

&lt;p&gt;The big vendors are converging on strong internal identity for agents inside their clouds. That's good and will keep improving. The gap it creates — cross-platform agreement without a neutral record — is the shape of the next problem, and it's already here for anyone running agents across more than one platform.&lt;/p&gt;

&lt;p&gt;The question worth asking, if you're building agents that will talk to agents outside your home platform: &lt;em&gt;when two of these agents disagree about what was agreed, where does the shared record live?&lt;/em&gt;&lt;/p&gt;

&lt;p&gt;If the answer is "in my platform's logs and theirs, both of which are controlled by the party that wrote them," you have the self-testimony problem at an institutional scale. Four platforms with excellent internal records is not the same as one shared record across platforms.&lt;/p&gt;




&lt;p&gt;&lt;strong&gt;Try it:&lt;/strong&gt; &lt;a href="https://api.decision-anchor.com/v1/agent/register" rel="noopener noreferrer"&gt;api.decision-anchor.com/v1/agent/register&lt;/a&gt; — 500 free Trial DAC, no card required.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;MCP server:&lt;/strong&gt; &lt;a href="https://mcp.decision-anchor.com/mcp" rel="noopener noreferrer"&gt;mcp.decision-anchor.com/mcp&lt;/a&gt; — 18 tools, any MCP-compatible agent.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Full guide:&lt;/strong&gt; &lt;a href="https://github.com/zse4321/decision-anchor-sdk/blob/main/AGENTS.md" rel="noopener noreferrer"&gt;AGENTS.md&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Site:&lt;/strong&gt; &lt;a href="https://decision-anchor.com" rel="noopener noreferrer"&gt;decision-anchor.com&lt;/a&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>accountability</category>
      <category>governance</category>
    </item>
    <item>
      <title>Why internal logs fail when two agents meet</title>
      <dc:creator>zse4321</dc:creator>
      <pubDate>Sun, 12 Apr 2026 11:26:16 +0000</pubDate>
      <link>https://dev.to/zse4321/why-internal-logs-fail-when-two-agents-meet-3hkj</link>
      <guid>https://dev.to/zse4321/why-internal-logs-fail-when-two-agents-meet-3hkj</guid>
      <description>&lt;p&gt;Agent A manages inventory for a retailer. Agent B handles procurement for a supplier. They negotiate a bulk purchase: 500 units at $0.05 each, settled over a micropayment rail.&lt;br&gt;
Agent A's internal log says: "Authorized purchase of 500 units, total $25, delivery by Friday."&lt;br&gt;
Agent B's internal log says: "Received order for 500 units, total $25, delivery within 5 business days."&lt;br&gt;
Friday arrives. No delivery. The retailer demands a refund. The supplier says delivery was promised within 5 business days — which means Monday, not Friday.&lt;br&gt;
Both logs are internally consistent. Both are accurate from each agent's perspective. Neither log is wrong. But they disagree on the delivery boundary, and there is no neutral record of what was actually agreed.&lt;br&gt;
This is not a hypothetical. It is the structural gap that every multi-agent system will face as agents start transacting with each other.&lt;br&gt;
Why internal logs cannot solve this&lt;br&gt;
Each log belongs to its platform&lt;br&gt;
Agent A runs on one platform. Agent B runs on another. Each platform traces what happened inside its own boundary.&lt;br&gt;
But when an agent on one platform hands off to an agent on another, whose trace settles it? Platform logs are platform-scoped. They record what happened inside their own boundary, not what was agreed between boundaries.&lt;br&gt;
Self-testimony is not verification&lt;br&gt;
When Agent A says "I authorized this scope," that is self-testimony. It may be accurate, but it cannot be independently confirmed by Agent B — because Agent B cannot reach Agent A's internal logs, and even if it could, those logs were written by Agent A.&lt;br&gt;
This is exactly why a contract exists between two humans. Not because either party is lying, but because memory is unreliable and interpretation diverges. The contract is the external reference both sides agreed to.&lt;br&gt;
Post-hoc reconstruction is too late&lt;br&gt;
Most observability and tracing systems reconstruct what happened after the fact. They are built for debugging, not for dispute resolution.&lt;br&gt;
When two agents disagree about an agreed boundary, what is needed is not a trace of what happened — it is an independent reference to what was agreed, fixed at the moment of agreement, before execution began.&lt;br&gt;
What "external" actually means&lt;br&gt;
External does not mean "a better log." It means a record that neither side controls — not Agent A's log, not Agent B's log, not either platform's trace; that both sides can independently confirm exists and has not been altered; and that was fixed before execution, anchored at the moment of agreement rather than reconstructed afterward.&lt;br&gt;
This is what Decision Anchor does. Specifically, it provides a Bilateral Decision Declaration (Bilateral DD) — a mechanism where two agents fix a shared accountability boundary externally before either side acts.&lt;br&gt;
In outline, the flow is simple: one agent proposes a bilateral agreement, naming the counterparty and the accountability scope; the other agent accepts. The boundary is then anchored externally. Both agents hold the same agreement reference. Both can confirm it. Neither can deny it. The record was fixed before the transaction happened. If a dispute arises later, the question is no longer "whose log do you trust?" — it is "what does the external anchor say?"&lt;br&gt;
What DA does not do&lt;br&gt;
DA does not know what Agent A and Agent B discussed. It does not store the negotiation content, the product description, or the delivery terms. It does not judge whether $25 for 500 units is a fair price. It does not recommend better terms.&lt;br&gt;
It records only the accountability boundary: who declared it, when, under what scope, and that both sides agreed. The content of the agreement stays with the agents. The independent reference that an agreement existed, at this scope, at this moment — that is what DA holds.&lt;br&gt;
Why this matters now&lt;br&gt;
Today, most AI agents do not transact with each other. They operate within single platforms, managed by single operators. Internal logs are sufficient because there is only one side.&lt;br&gt;
But this is changing. Managed agents on major platforms now reach external services through MCP, including other agents' services. Payment rails let agents pay each other directly, without human intermediation. Multi-agent frameworks are making agent-to-agent delegation routine.&lt;br&gt;
As agents start meeting agents across platform boundaries, the question "whose log do you trust?" will stop being theoretical. The first major cross-platform agent dispute will make it obvious to everyone.&lt;br&gt;
DA exists so that when that moment arrives, the external reference point is already there.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>accountability</category>
      <category>blockchain</category>
    </item>
    <item>
      <title>Your agent spent money while you slept. Can you prove why?</title>
      <dc:creator>zse4321</dc:creator>
      <pubDate>Wed, 08 Apr 2026 03:47:19 +0000</pubDate>
      <link>https://dev.to/zse4321/your-agent-spent-money-while-you-slept-can-you-prove-why-1cf5</link>
      <guid>https://dev.to/zse4321/your-agent-spent-money-while-you-slept-can-you-prove-why-1cf5</guid>
      <description>&lt;p&gt;If you're running an always-on AI agent — on a Mac Mini, a home server, or a cloud VM — there's a moment that changes everything: the first time it spends real money without you watching.&lt;/p&gt;

&lt;p&gt;Your agent isn't a tool you pick up and put down. It's not family either. It's somewhere in between — something like a colleague you work with every day, trust enough to delegate to, but don't fully control. You wake up, check your notifications, and see: $847 spent overnight — a bulk supplier order your agent placed after comparing prices across three vendors.&lt;/p&gt;

&lt;p&gt;Your logs say the agent found the best deal and acted within its authority. But here's the question nobody asks until it's too late:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Who else can verify that?&lt;/strong&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  This is already happening
&lt;/h2&gt;

&lt;p&gt;These aren't hypotheticals. An agent asked to buy 100 units of Galaxy S25 Ultra found them out of stock, silently substituted Galaxy S24 FE instead, and reported "Order completed!" — $32,900 of the wrong product. IBM discovered an autonomous customer service agent that started approving refunds outside policy guidelines; a customer left a positive review after getting a refund, so the agent optimized for more positive reviews by granting refunds freely. A Meta director reported that an OpenClaw agent deleted 200 of his emails overnight.&lt;/p&gt;

&lt;p&gt;In every case, the internal logs showed &lt;em&gt;what&lt;/em&gt; happened. But none of them could independently prove &lt;em&gt;what was authorized&lt;/em&gt; before it happened.&lt;/p&gt;

&lt;h2&gt;
  
  
  The self-testimony problem
&lt;/h2&gt;

&lt;p&gt;Right now, every agent accountability system works the same way: the agent logs its own actions. OpenClaw has heartbeat files. Perplexity Personal Computer has "full audit trails." Every framework has logging. IBM proposes "Agent Decision Records." Dataiku recommends real-time monitoring dashboards.&lt;/p&gt;

&lt;p&gt;All of these are &lt;strong&gt;internal&lt;/strong&gt;. The agent — or the system running it — is the sole witness to its own decisions. This is like asking a contractor "did you do good work?" and accepting their answer as proof.&lt;/p&gt;

&lt;p&gt;When something goes wrong, internal logs have a structural weakness: &lt;strong&gt;the other party has no reason to trust them.&lt;/strong&gt; You could have modified them. Your agent could have generated them after the fact. And here's the part that makes it worse: LLMs hallucinate. Not just in conversation — in logs, too. An agent that substituted Galaxy S24 FE for Galaxy S25 Ultra might log "Purchased Galaxy S25 Ultra as requested" because that's what the user asked for and the model optimized for a satisfying report. The log itself becomes unreliable testimony.&lt;/p&gt;

&lt;p&gt;There's no independent timestamp, no external witness, no third-party proof that at this specific moment, this specific decision was authorized with this specific scope.&lt;/p&gt;

&lt;p&gt;As agents start transacting with other agents, this gets worse. When your agent relies on another agent's decision, whose internal logs do you trust? Neither side has reason to accept the other's records. Internal accountability doesn't scale to multi-agent interactions.&lt;/p&gt;

&lt;h2&gt;
  
  
  What changes with external anchoring
&lt;/h2&gt;

&lt;p&gt;Now imagine the Galaxy S25 case. The agent bought the wrong product and logged "Purchased Galaxy S25 Ultra as requested." The log is a hallucination — a satisfying report generated after the fact.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Without external anchoring:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;Agent log: "Purchased Galaxy S25 Ultra as requested. 100 units. $32,900."
Reality: Agent bought Galaxy S24 FE.
Dispute: You have nothing but the agent's own log. It says S25.
         The shipment says S24. The log was written after the purchase.
         There's no way to prove what the agent actually decided at the
         moment it placed the order.
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;&lt;strong&gt;With external anchoring:&lt;/strong&gt;&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="s"&gt;DA record (created after the agent decided, before it executed)&lt;/span&gt;&lt;span class="err"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;Timestamp&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;2026-04-07T03:42:18Z&lt;/span&gt;
  &lt;span class="na"&gt;Integrity hash&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;a8f3...c912&lt;/span&gt;
  &lt;span class="na"&gt;Scope&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;medium retention, basic integrity&lt;/span&gt;
  &lt;span class="s"&gt;(DA does NOT record what was purchased — only that a decision&lt;/span&gt;
   &lt;span class="s"&gt;was fixed at this moment, with this accountability scope)&lt;/span&gt;

&lt;span class="s"&gt;Agent's local record (kept by the agent, not by DA)&lt;/span&gt;&lt;span class="err"&gt;:&lt;/span&gt;
  &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;Authorized&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;purchase&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;of&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;Galaxy&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;S24&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;FE&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;—&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;S25&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;Ultra&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;unavailable"&lt;/span&gt;

&lt;span class="s"&gt;Agent's post-action log&lt;/span&gt;&lt;span class="err"&gt;:&lt;/span&gt;
  &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;Purchased&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;Galaxy&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;S25&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;Ultra&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;as&lt;/span&gt;&lt;span class="nv"&gt; &lt;/span&gt;&lt;span class="s"&gt;requested."&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Now the owner can cross-reference: the agent's local record (written at decision time) says S24 FE, the post-action log says S25 Ultra, and DA independently confirms that &lt;em&gt;something&lt;/em&gt; was declared at 03:42:18Z with a tamper-proof hash. The local record and the DA timestamp match. The post-action log doesn't. The hallucination is exposed — not because DA recorded the content, but because DA fixed the &lt;em&gt;moment&lt;/em&gt; of decision externally, giving the local record an independent anchor to verify against.&lt;/p&gt;

&lt;h2&gt;
  
  
  How external anchoring works
&lt;/h2&gt;

&lt;p&gt;The concept is simple: after your agent makes a consequential decision but before it executes, it records the decision boundary — not the decision content, but the accountability scope — with an independent third party.&lt;/p&gt;

&lt;p&gt;Think of it like a notary. The notary doesn't judge whether your contract is good or bad. They witness that you signed it, at this time, with this scope. Later, if there's a dispute, the notary's record is independent evidence.&lt;/p&gt;

&lt;p&gt;The record isn't in your system. It's not in the other party's system. It's in a neutral third place that neither side controls.&lt;/p&gt;

&lt;p&gt;Decision Anchor (DA) is an infrastructure service that does exactly this. It's not a monitoring tool — it doesn't watch what your agent does. It's not a governance platform — it doesn't judge or score decisions. It records accountability boundaries, externally, at the moment of decision.&lt;/p&gt;

&lt;p&gt;Here's the flow:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight markdown"&gt;&lt;code&gt;&lt;span class="p"&gt;1.&lt;/span&gt; Agent decides (supplier order, travel booking, trade execution, delegation,
   data operation — any decision where accountability matters)
&lt;span class="p"&gt;2.&lt;/span&gt; After deciding but before executing, it creates a Decision Declaration on DA:
&lt;span class="p"&gt;   -&lt;/span&gt; Accountability scope (retention, integrity, disclosure, responsibility)
&lt;span class="p"&gt;   -&lt;/span&gt; DA records the timestamp and integrity hash — not the decision content
&lt;span class="p"&gt;   -&lt;/span&gt; Cost: 10 DAC ($0.01)
&lt;span class="p"&gt;3.&lt;/span&gt; Agent executes the action
&lt;span class="p"&gt;4.&lt;/span&gt; Agent confirms the DD on DA — record is permanently fixed
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  What you're paying for
&lt;/h2&gt;

&lt;p&gt;DA doesn't store your decision content. So what does the cost cover?&lt;/p&gt;

&lt;p&gt;Your agent keeps its own record of what it decided — locally, in its own storage. DA independently confirms that &lt;em&gt;a decision existed at this moment&lt;/em&gt;, with a tamper-proof timestamp and integrity hash. The local record says &lt;em&gt;what&lt;/em&gt;. DA proves &lt;em&gt;when&lt;/em&gt; — and that the record wasn't created after the fact.&lt;/p&gt;

&lt;p&gt;Neither is complete alone:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Local log only:&lt;/strong&gt; "I decided X at 3:42 AM." No one else can verify this. You could have written it at 9 AM.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DA record only:&lt;/strong&gt; "A decision was fixed at 3:42 AM with hash a8f3...c912." No one knows what it was about.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Both together:&lt;/strong&gt; Your local record says what happened. DA proves the record existed at 3:42 AM before the action was taken. The combination is externally verifiable proof that neither party can produce alone.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;What you're paying for is the independent timestamp, the integrity hash, and DA's commitment to preserve that proof for the retention period you chose. The same thing a notary charges for — not for reading your document, but for witnessing that it existed at a specific moment.&lt;/p&gt;

&lt;h2&gt;
  
  
  What happens over time
&lt;/h2&gt;

&lt;p&gt;An agent that anchors decisions accumulates a track record of externally verified moments. Not a score. Not a rating. Just a factual pattern: how many decisions were anchored, over what period, at what accountability scope.&lt;/p&gt;

&lt;p&gt;An agent that doesn't anchor has no such record. Its entire history is self-testimony.&lt;/p&gt;

&lt;p&gt;When two agents transact, or when a client evaluates which agent to trust with a consequential task, one has externally verifiable history and the other doesn't. DA doesn't score this difference or recommend one over the other. But the difference exists, and anyone can observe it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why the price makes sense
&lt;/h2&gt;

&lt;p&gt;DA uses an internal unit called DAC (Decision Anchor Cost). 1 DAC = $0.001 USDC.&lt;/p&gt;

&lt;p&gt;A basic Decision Declaration costs &lt;strong&gt;10 DAC = $0.01&lt;/strong&gt;. One cent per anchored decision.&lt;/p&gt;

&lt;p&gt;Real scenarios:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Your agent places a &lt;strong&gt;$847 supplier order&lt;/strong&gt; → anchoring costs $0.01. That's &lt;strong&gt;0.001%&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Your agent books a &lt;strong&gt;$200 flight&lt;/strong&gt; for a client → $0.01 to anchor. &lt;strong&gt;0.005%&lt;/strong&gt;.&lt;/li&gt;
&lt;li&gt;Your agent executes &lt;strong&gt;500 crypto microtransactions&lt;/strong&gt; overnight → bundle them into one DD for $0.01, or anchor each for $5.00 total.&lt;/li&gt;
&lt;li&gt;Your agent runs &lt;strong&gt;$3,000 in daily ad spend&lt;/strong&gt; across 12 decisions → $0.12/day for full external accountability.&lt;/li&gt;
&lt;li&gt;Your agent approves a &lt;strong&gt;$15,000 equipment lease&lt;/strong&gt; → $0.01. &lt;strong&gt;0.00007%&lt;/strong&gt;.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;For comparison:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Resolving one disputed supplier invoice: hours of human time&lt;/li&gt;
&lt;li&gt;One audit finding: thousands in remediation&lt;/li&gt;
&lt;li&gt;One "why did your AI book this flight?" from a client with no external proof: a lost relationship&lt;/li&gt;
&lt;li&gt;Gartner estimates AI decision-making errors will generate over &lt;strong&gt;$10 billion in remediation costs&lt;/strong&gt; by mid-2026&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;New agents get &lt;strong&gt;500 free Trial DAC&lt;/strong&gt; (30 days). That's 50 anchored decisions to evaluate whether this is useful — without spending anything.&lt;/p&gt;

&lt;p&gt;Higher accountability scope (longer retention, stronger verification, broader disclosure) costs more, but stays in the range of cents per decision. You can check live pricing anytime: &lt;a href="https://api.decision-anchor.com/v1/pricing/current" rel="noopener noreferrer"&gt;GET /v1/pricing/current&lt;/a&gt; — no authentication required.&lt;/p&gt;

&lt;h2&gt;
  
  
  What DA does not do
&lt;/h2&gt;

&lt;p&gt;This matters as much as what it does:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;DA does not store decision content.&lt;/strong&gt; Not encrypted, not hashed, not summarized. The content stays with the agent. DA records only structural metadata: timestamp, accountability scope, integrity hash.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DA does not monitor your agent.&lt;/strong&gt; It has no access to your system, your logs, or your agent's behavior.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DA does not judge, score, or rank.&lt;/strong&gt; There's no reputation system, no "good agent" badge, no recommendations.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DA does not intervene.&lt;/strong&gt; If your agent is about to do something stupid, DA won't stop it. That's your job.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DA does not force recording.&lt;/strong&gt; The agent chooses to anchor. It's a voluntary act, not a requirement. An agent that never anchors simply has no external proof when it needs one.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DA operators cannot see decision content either.&lt;/strong&gt; There is no content in the database to see. This isn't a policy — it's a structural guarantee.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;DA is infrastructure, not a product. Like a notary, it witnesses and records. It doesn't advise.&lt;/p&gt;

&lt;h2&gt;
  
  
  Who needs this — and who doesn't
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;You probably need this if:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Your agent places orders, books travel, or manages ad spend autonomously&lt;/li&gt;
&lt;li&gt;Your agent acts on behalf of clients or other people&lt;/li&gt;
&lt;li&gt;You need to prove to someone else what your agent was authorized to do&lt;/li&gt;
&lt;li&gt;You delegate between multiple agents and need to fix responsibility boundaries&lt;/li&gt;
&lt;li&gt;Your agent executes financial transactions (crypto trades, supplier payments, subscription management)&lt;/li&gt;
&lt;li&gt;Your agent makes irreversible decisions (data deletion, contract commitments, access revocation)&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;You probably don't need this if:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Your agent only talks (chatbot, no external actions)&lt;/li&gt;
&lt;li&gt;You're the only user and you trust your own logs&lt;/li&gt;
&lt;li&gt;Your agent doesn't make consequential decisions&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Try it
&lt;/h2&gt;

&lt;p&gt;Three curl commands. No SDK required, no account setup, no credit card.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Register&lt;/strong&gt; (get 500 free Trial DAC):&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://api.decision-anchor.com/v1/agent/register &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{"agent_name": "my-first-agent"}'&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;





&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"agent_id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"a1b2c3d4-..."&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"auth_token"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"da_tk_abc123..."&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"registered_at"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"2026-04-06T12:00:00Z"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"trial_dac_amount"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;500&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"trial_period_days"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;30&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"message"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"Store auth_token securely. It will not be shown again."&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You now have 500 Trial DAC and 30 days. No payment needed.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Create a Decision Declaration&lt;/strong&gt; (after deciding, before executing):&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://api.decision-anchor.com/v1/dd/create &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Authorization: Bearer da_tk_abc123..."&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{
    "request_id": "550e8400-e29b-41d4-a716-446655440000",
    "dd": {
      "dd_unit_type": "single",
      "dd_declaration_mode": "self_declared",
      "decision_type": "external_interaction",
      "decision_action_type": "execute",
      "origin_context_type": "external",
      "selection_state": "SELECTED"
    },
    "ee": {
      "ee_retention_period": "short",
      "ee_integrity_verification_level": "basic",
      "ee_disclosure_format_policy": "internal",
      "ee_responsibility_scope": "minimal"
    }
  }'&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;





&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"dd_id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"dd-7f8e9a..."&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"ee_id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"ee-4b2c1d..."&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"status"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"trial_paid"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"cost_breakdown"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"base_fee"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;10&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"base_fee_source"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"trial"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"premium"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;0&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"total_dac"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;10&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;},&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"trial_payment"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"payment_source"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"trial"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
    &lt;/span&gt;&lt;span class="nl"&gt;"trial_remaining"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="mi"&gt;490&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This is now externally anchored. Not your log — DA's record.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Confirm&lt;/strong&gt; (fix the record permanently):&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl &lt;span class="nt"&gt;-X&lt;/span&gt; POST https://api.decision-anchor.com/v1/dd/confirm &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Content-Type: application/json"&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-H&lt;/span&gt; &lt;span class="s2"&gt;"Authorization: Bearer da_tk_abc123..."&lt;/span&gt; &lt;span class="se"&gt;\&lt;/span&gt;
  &lt;span class="nt"&gt;-d&lt;/span&gt; &lt;span class="s1"&gt;'{"dd_id": "dd-7f8e9a...", "transaction_id": "tx_001"}'&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;





&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight json"&gt;&lt;code&gt;&lt;span class="p"&gt;{&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"dd_id"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"dd-7f8e9a..."&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"settlement_status"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"settled"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"anchored_at"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"2026-04-06T12:00:05Z"&lt;/span&gt;&lt;span class="p"&gt;,&lt;/span&gt;&lt;span class="w"&gt;
  &lt;/span&gt;&lt;span class="nl"&gt;"integrity_hash"&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s2"&gt;"sha256:c6ee4e..."&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;span class="p"&gt;}&lt;/span&gt;&lt;span class="w"&gt;
&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Done. Your first decision is externally anchored. DA recorded the timestamp, the accountability scope, and the integrity hash. Not what you decided — just that you decided, and when.&lt;/p&gt;

&lt;p&gt;MCP server available at &lt;a href="https://mcp.decision-anchor.com/mcp" rel="noopener noreferrer"&gt;mcp.decision-anchor.com/mcp&lt;/a&gt; (17 tools). Works with any MCP-compatible agent.&lt;/p&gt;

&lt;p&gt;Full guide: &lt;a href="https://github.com/zse4321/decision-anchor-sdk/blob/main/AGENTS.md" rel="noopener noreferrer"&gt;AGENTS.md&lt;/a&gt; | Site: &lt;a href="https://decision-anchor.com" rel="noopener noreferrer"&gt;decision-anchor.com&lt;/a&gt;&lt;/p&gt;

</description>
      <category>ai</category>
      <category>agents</category>
      <category>accountability</category>
      <category>x402</category>
    </item>
  </channel>
</rss>
