LangChain agents make decisions autonomously. They call tools, query APIs, and process data. But once they run in production, you need to know exactly what they did.
The gap
LangChain has callbacks for logging, but no built-in:
- Cryptographic proof of what happened
- Policy enforcement to prevent risky actions
- Compliance-ready audit reports
Adding governance
pip install asqav
Basic integration
from asqav import Asqav
client = Asqav(api_key="sk_...")
# Create an agent identity
agent = client.create_agent(
name="langchain-research-agent",
algorithm="ML-DSA-65"
)
# Before each tool call, sign the action
def governed_tool_call(tool_name, tool_input):
# Check policy first
sig = client.sign(
agent_id=agent.agent_id,
action_type=f"tool:{tool_name}",
action_id=f"{tool_name}-{id(tool_input)}",
payload=tool_input
)
print(f"Audit record: {sig.signature_id}")
# Proceed with the actual tool call
return tool.invoke(tool_input)
Policy enforcement
Block specific actions before they execute:
# Create a policy via the API
client.create_policy(
name="no-external-apis",
action_pattern="tool:requests_*",
action="block_and_alert",
severity="high"
)
Now any LangChain tool call matching requests_* gets blocked.
What you get
Every tool call in your LangChain agent gets:
- A quantum-safe cryptographic signature (ML-DSA)
- Timestamp, action type, and payload recorded
- Policy check before execution
- Verifiable audit trail for compliance
Dashboard
All signatures appear in the Asqav dashboard where you can:
- Search and filter by agent, action type, or time range
- Generate compliance reports
- Set up alerts for policy violations
Top comments (0)