I'm a solo founder building compliance infrastructure for AI agents.
This is the core problem I'm solving.
If you're building AI agents, you have a logging problem
you probably haven't thought about yet.
Not application logs. Compliance logs — cryptographically
signed, tamper-proof records of what your agent decided,
when, and why. The kind that hold up in a regulatory audit.
The EU AI Act (Article 12) mandates exactly this for
high-risk AI systems. And most agent frameworks produce
nothing close to it.
I built Rubric Protocol to fix that.
What it does
Every agent action gets:
- A post-quantum signature (ML-DSA-65)
- A Merkle-aggregated attestation bundle
- An anchor written to Hedera Consensus Service mainnet
- A W3C Verifiable Credential you can export
That's a tamper-proof, court-admissible audit trail for
every decision your agent makes.
Install
pip install autogen-rubric
Instrument your agent in one line
import rubric
rubric.instrument()
That's it. Works with:
- LangChain
- LangGraph
- CrewAI
- AutoGen
- OpenAI Agents SDK
- Google ADK
- Haystack
- Semantic Kernel
- Pydantic AI
- DSPy
- LlamaIndex
- Strands / Bedrock AgentCore
- and more
Why post-quantum?
Current ECDSA signatures will be breakable by quantum
computers within the decade. If your audit trail gets
subpoenaed in 2031, you want signatures that still hold.
ML-DSA-65 (CRYSTALS-Dilithium) is NIST-standardized.
We implemented it natively via a C++ N-API addon — 52x
faster than pure JS equivalents.
Architecture in 30 seconds
- Agent action fires
- Rubric signs it with ML-DSA-65
- Actions batch into a Merkle tree (1,000,000:1 compression)
- Root hash anchors to Hedera mainnet via HCS
- W3C VC issued against that anchor
Load tested at 3,247 RPS, 0.13% error rate.
First mainnet VC issued April 3, 2026.
Try it
pip install autogen-rubric
Docs + free developer key: rubric-protocol.com
Happy to answer questions on the ZK layer, the Merkle
architecture, or the EU AI Act compliance angle.
Top comments (0)