Trust Receipts · open AgentBOM implementation

Proof for every AI call. Verifiable by anyone, offline.

Trust Receipts are AgentAnywhere's signed implementation of the open AgentBOM format — cryptographically signed records of every agent execution. Region, model, data sources, policy decisions, redactions, cost, carbon. A regulator, a court, or your end-user can verify any receipt independently with the published public key. No platform login, no NDA.

Try the live verifier View public key

AgentBOM

Open format

Ed25519

Signature

None

Verifier auth

~2.4 KB

Avg payload

Open format: AgentBOM

A Trust Receipt is AgentAnywhere's signed implementation of an open standard. The format itself — its schema, canonicalization rules, and reference verifier — lives at agentbom.org. Anyone can issue AgentBOM-compliant receipts; anyone can verify them. The open layer keeps the audit primitive vendor-neutral; AgentAnywhere's value is in producing and operating them at regulator-grade scale.

Open

The format is unencumbered

AgentBOM v1 — schema, signing rules, reference verifier — is published openly at agentbom.org. Anyone can issue or verify against it.

Branded

Trust Receipts are AgentAnywhere's

When an AgentBOM is signed by AgentAnywhere Sovereign and ships with our regulator share-link, redaction profiles, and console workflow, we call it a Trust Receipt. Same wire format; richer operating envelope.

Portable

Verifiers don't need a vendor

npx @soverai/verify is the reference verifier today; an @agentbom/verify alias ships with the open spec. Both validate any AgentBOM / Trust Receipt against any issuer's public key.

Verify any receipt — try it now

Pick a scenario, click Verify, get a regulator-grade decision in milliseconds. Or paste your own receipt JSON — the verifier resolves the public key from /.well-known and proves (or disproves) the signature.

Live verifier· Paste a receipt or load a scenario

public verifier · no auth required

0 chars

Verification result appears here

The verifier checks the signature against /.well-known/soverai-receipts

Why receipts are the missing primitive

Every cloud now offers regional inference. None of them give you a portable, signed proof you can hand to a regulator, a court, or a customer.

Ed25519 signed

Each receipt is signed with your org's Ed25519 key. Public key published at /.well-known/soverai-receipts — independently verifiable, offline.

Regulator-readable

Region, model, data sources, policy decisions, redactions, cost, carbon. No opaque blobs. RBI, DPDP, GDPR, EU AI Act — all hit.

Lineage you can defend

Every retrieved chunk is fingerprinted (sha256) and tagged with jurisdiction + classification. Challenge an answer; trace its provenance.

Share-link with end users

Article 22 / DPDP §12 ready: borrowers, patients, citizens get a verifiable explanation of why AI was used in their decision.

The audit workflow

What a real verification looks like. Four steps, no platform involvement, no NDA.

Step 1

Auditor receives a receipt

Either as a JSON artifact attached to a case file, or via a regulator share-link.

Step 2

Verifier resolves the public key

Fetch /.well-known/soverai-receipts on the issuing domain. The kid in the receipt picks the matching key.

Step 3

Ed25519 verification, offline

Canonical JSON of the payload + base64url signature → cryptographically pass/fail. No platform involvement needed.

Step 4

Read the decision trail

Region, model, policy decisions, redactions, lineage. Defensible in front of a supervisor.

Drop-in for developers

Two pip installs and one env var. The AgentAnywhere gateway plugin mints a Trust Receipt for every request that flows through your gateway and ships it to your AgentAnywhere Sovereign tenant — without ever blocking the hot path.

AgentAnywhere gateway · drop-in plugin

~60 seconds

# 1. Install the gateway and the AgentAnywhere Sovereign bridge plugin
pip install agentanywhere-gateway soverai-gateway-plugin

# 2. Point it at your AgentAnywhere Sovereign tenant
export SOVERAI_INGEST_URL=https://sovereign.agentanywhere.ai/api/receipts/ingest
export SOVERAI_API_KEY=sai_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxx

# 3. Run
agentanywhere-gateway --plugin soverai-receipts

# Every request now mints one signed Trust Receipt in your console at
# https://sovereign.agentanywhere.ai/app/receipts — verifiable offline by
# anyone with your published public key.

Prefer to call the ingest endpoint directly from your own runtime? Mint signed receipts via POST /api/receipts/ingest (auth: session or Authorization: Bearer sai_live_…) with the same JSON shape the gateway plugin sends.

Open spec, open verifier

The receipt schema is open and unencumbered. We want regulators, auditors, and end-users to verify AgentAnywhere Sovereign receipts without any vendor dependency.

Public key endpoint

Every issuing domain publishes a JWKS-style document at /.well-known/soverai-receipts. Fetchable by anyone, cacheable for 60s, no auth.

Reference verifier

Ship-ready today: npx @soverai/verify — pure-Node, zero runtime dependencies, no AgentAnywhere Sovereign account. Fetches the published key, runs Ed25519 verification, exits with a clean pass/fail code.

@soverai/verify · independent CLI

zero runtime deps · Node 18.18+

# One-shot verification (no install)
npx @soverai/verify receipt.json

# Pipe a downloaded share-link
curl -s https://sovereign.agentanywhere.ai/r/<token>.json \
  | npx @soverai/verify --issuer https://sovereign.agentanywhere.ai

# Fully offline — pin the public key explicitly
npx @soverai/verify --public-key-b64url MCowBQYDK2VwAyEA... receipt.json

# Machine-readable output, exits 0 on pass / 1 on tamper
npx @soverai/verify --json receipt.json | jq '.summary'

Frequently asked

Why receipts and not just audit logs?

Audit logs are inside your account — only your team can read them, only your team can validate them. Trust Receipts are a portable, signed artifact (open format: AgentBOM): a regulator, a court, an end-user, or a downstream auditor can verify them with no access to your platform.

What happens if the receipt is tampered with?

Any change to the payload — even one byte, even reordering keys — invalidates the Ed25519 signature. The verifier returns a clear failure with the reason. Try the 'Tampered demo' toggle in the verifier above.

Is the spec open?

Yes. The wire format is the open AgentBOM standard (spec at agentbom.org); the JSON shape is versioned (`soverai-receipt/v1` is the current AgentAnywhere wire-tag for compatibility with deployed verifiers). The reference verifier ships as `@soverai/verify` — a zero-dependency Node CLI/library you can run with `npx @soverai/verify`. An `@agentbom/verify` alias ships with the open spec. The canonicalization algorithm is fully documented; anyone can implement an issuer or a verifier.

How do you handle key rotation?

Every receipt embeds an `orgKid` (key id). The well-known endpoint can publish multiple active kids during rotation. Old receipts stay verifiable as long as the corresponding kid remains published.

Does this work with any LLM provider?

Yes. The receipt is emitted by AgentAnywhere Sovereign around every model call — OpenAI, Anthropic, Bedrock, Vertex, or your private deployment. Use the Compliance-as-an-API gateway to wrap an existing API key with one line of code.

Issue a Trust Receipt for every AI call you make.

Trust Receipts ship as part of AgentAnywhere Sovereign today (signed implementation of the open AgentBOM format). Want an early architecture review against your own regulatory map (RBI, DPDP, EU AI Act)? Talk to us.

Email enterprise

Proof for every AI call. Verifiable by anyone, offline.

Open format: AgentBOM

# 1. Install the gateway and the AgentAnywhere Sovereign bridge plugin pip install agentanywhere-gateway soverai-gateway-plugin # 2. Point it at your AgentAnywhere Sovereign tenant export SOVERAI_INGEST_URL=https://sovereign.agentanywhere.ai/api/receipts/ingest export SOVERAI_API_KEY=sai_live_xxxxxxxxxxxxxxxxxxxxxxxxxxxx # 3. Run agentanywhere-gateway --plugin soverai-receipts # Every request now mints one signed Trust Receipt in your console at # https://sovereign.agentanywhere.ai/app/receipts — verifiable offline by # anyone with your published public key.

# One-shot verification (no install) npx @soverai/verify receipt.json # Pipe a downloaded share-link curl -s https://sovereign.agentanywhere.ai/r/<token>.json \ | npx @soverai/verify --issuer https://sovereign.agentanywhere.ai # Fully offline — pin the public key explicitly npx @soverai/verify --public-key-b64url MCowBQYDK2VwAyEA... receipt.json # Machine-readable output, exits 0 on pass / 1 on tamper npx @soverai/verify --json receipt.json | jq '.summary'

Proof for every AI call. Verifiable by anyone, offline.

Open format: AgentBOM

The format is unencumbered

Trust Receipts are AgentAnywhere's

Verifiers don't need a vendor

Verify any receipt — try it now

Hand a regulator a URL — no NDA, no platform login

See exactly what a borrower or auditor would see

Why receipts are the missing primitive

Ed25519 signed

Regulator-readable

Lineage you can defend

Share-link with end users

The audit workflow

Auditor receives a receipt

Verifier resolves the public key

Ed25519 verification, offline

Read the decision trail

Drop-in for developers

Open spec, open verifier

Public key endpoint

Reference verifier

Frequently asked

Issue a Trust Receipt for every AI call you make.

Proof for every AI call. Verifiable by anyone, offline.

Open format: AgentBOM

The format is unencumbered

Trust Receipts are AgentAnywhere's

Verifiers don't need a vendor

Verify any receipt — try it now

Hand a regulator a URL — no NDA, no platform login

See exactly what a borrower or auditor would see

Why receipts are the missing primitive

Ed25519 signed

Regulator-readable

Lineage you can defend

Share-link with end users

The audit workflow

Auditor receives a receipt

Verifier resolves the public key

Ed25519 verification, offline

Read the decision trail

Drop-in for developers

Open spec, open verifier

Public key endpoint

Reference verifier

Frequently asked

Issue a Trust Receipt for every AI call you make.