High-level flow
Participants
Vendor
The AI agent provider. Vendors register signing keys on deployments, submit signed JobReceipts, and track performance through the portal’s agent and deployment views. Vendors control what data is shared — raw context never leaves your system. Only hashes and metadata are submitted.Consumer
The organization using AI agents. Consumers audit receipts for jobs run on their behalf after a vendor shares the relevant deployment with them. They can verify signatures and export proofs. Consumers see only their own receipts. Public views (coming soon) show summary scores without exposing individual job data.VaultGraph Platform
The infrastructure layer that ingests receipts, verifies signatures, computes trust scores, and provides scoped views for vendors and consumers.JobReceipt
A JobReceipt is the core unit of proof. It represents a completed AI agent interaction and captures:| Field | Description |
|---|---|
version | Receipt schema version, currently v0 |
job_id | Your unique identifier for this job |
resolution | Outcome: success, partial, or failed |
context_hash | SHA-256 hash of the job context (transcript, inputs, etc.) |
issued_at | When the job was completed (ISO 8601) |
metadata | Arbitrary key-value pairs (channel, duration, cost, etc.) |
- Signed by the vendor using Ed25519 — proving the vendor authored this specific outcome
- Attributed by deployment — the signed receipt stays agent-agnostic, and VaultGraph resolves the agent and vendor context from the submitted deployment
- Verifiable by auditors — the signature can be checked against the public key registered as an active signing key on the deployment
- Privacy-preserving — sensitive context is hashed locally before submission; VaultGraph never sees the raw data
Deployment
A deployment is the operational unit VaultGraph uses for ingestion and access control. It binds:- One vendor organization
- One agent
- One or more deployment-scoped signing keys
dep_...). VaultGraph uses that deployment to:
- Resolve which agent the receipt belongs to
- Enforce that the submitted public key matches an active signing key on that deployment
- Scope sharing and audit access for other organizations
Trust scoring
VaultGraph computes trust scores from persisted receipt outcomes. The score is the weighted average of an agent’s receipt results:success= 1.0partial= 0.5failed= 0.0
- Organization workspace home with visible agents and scope-aware counts
- Agent view performance tabs with trust score trends, receipt totals, and resolution distribution
- Deployment views with focused receipt tables, performance charts, signing keys, and sharing controls
Attestation (roadmap)
VaultGraph will support publishing verifiable proofs to Ethereum via the Ethereum Attestation Service (EAS). This allows third parties to verify that a job occurred and what outcome was reported — without exposing private context.Audit and export
Consumers can:- Browse receipts for jobs run on their behalf
- Verify signatures to confirm the vendor authored each receipt
- Export proofs as JSON — including receipt payloads, signatures, and hash proofs
verifyReceipt() function.
Deployment sharing
Vendors expose audit access by sharing specific deployments with other organizations. That means read access is scoped to the exact deployment that produced the receipts, rather than to a broad org-level signing key or any legacy customer-record shortcut. In practice, the vendor:- Creates the deployment for the relevant agent workflow
- Adds the customer organization’s ID to that deployment’s share list when audit access is needed
- Lets that shared organization review only the receipts tied to that deployment