A finance agent approved a €487,000 transfer at 02:14. Six months later, when the auditor asked which policy applied and who reviewed the call, no one could prove a thing.
Decision logged. Decision unprovable.
Signatrust is the independent trust layer for AI agents and automated systems — turning every decision into a signed receipt, an audited trust score, and an insurable risk profile. Your data never leaves your perimeter.
An AI denied a mortgage. The regulator gave the lender 14 days to produce the rationale. The system had logs — none of them signed, none of them tamper-evident, none of them admissible.
Records existed. Evidence didn't.
A DevOps agent modified production at 03:40 during a freeze window. Three teams pointed at each other. "The agent did it" satisfied no one — including the enterprise customer whose SLA was now broken.
Blame circulated. Accountability dissolved.
Anonymised industry patterns, not testimonials. Today, every one of these would have a signed, chain-linked Decision Receipt any auditor, regulator or counterparty can verify in seconds — without trusting the party who logged it.
Most tools cover one slice — logging, or auditing, or insurance in isolation. Signatrust runs the whole chain on a single evidence base, so every layer above is derived from real receipts, not self-attested claims.
01 An agent, model or workflow takes a real action — approve a loan, execute a payment, sign a contract, ship a deploy.
02 The decision is sealed into a signed, chained Decision Receipt: who acted, when, under which permissions, with which model — Ed25519-signed.
03 The receipt is independently checkable by auditors, AI-vs-AI review, knowledge rules, or human experts — no access to your systems needed.
04 Verified history becomes an Agent Trust Score (0–100) — integrity, oversight, governance, longevity — recomputable from receipts alone.
05 Aggregated across an organization's agents: exposure by risk level, control strength, insurability grade and a relative underwriting index.
06 Insurers price AI liability cover on real evidence instead of guesses — the same way credit and motor insurance are priced today.
Decision → Receipt → Verification → Trust Score → Risk Score → Insurance. Each layer is independently checkable. Nothing is self-attested.
Every Signatrust product is a different surface on the same append-only, Ed25519-signed ledger. New verticals plug in without forking the trust model — so Trust Scores, compliance and risk profiles stay consistent across humans, agents and automated systems.
Sign or approve a document with zero custody — the file is hashed in your browser, only the hash is stored, each signature is a verifiable receipt.
Register an AI agent, declare its model and permissions, manage API keys and policies. Every action it takes can be sealed and audited.
The signing engine: canonical bodies, Ed25519 signatures, an append-only chain and an open receipt spec any vendor can implement.
Anyone can re-check a receipt with no access to your systems. A network of human experts can countersign high-risk decisions.
A 0–100 reputation per agent, recomputable from receipts alone — integrity, oversight on risky calls, governance, longevity.
Exposure, control strength, insurability grade and a relative underwriting index. The insurer portal sits on top.
Built to support your obligations under
On 7 May 2026 the European Council adopted the Digital Omnibus, postponing most high-risk enforcement dates. The widely-cited August 2026 deadline no longer applies. But the obligations that are already binding require years of audit history when regulators come asking — and that history can only be built one signed decision at a time.
Subliminal manipulation, social scoring, untargeted scraping of facial images, real-time biometric ID in public spaces, emotion inference at work and school. Fines up to €35M or 7% global turnover.
Providers of general-purpose AI models must keep technical documentation, training-data summaries, copyright policies, and (for systemic-risk models) adversarial testing records. Enforced by the AI Office.
Credit scoring, employment decisions, education, essential services, law enforcement, migration. Postponed from August 2026 by the Digital Omnibus. Full Art. 9–15 conformity required: risk management, data governance, logging, transparency, human oversight, accuracy.
AI as a safety component of products already regulated under EU harmonisation law (medical devices, machinery, toys, lifts, in-vitro diagnostics, etc.). Full conformity assessment under both sectoral and AI-Act rules.
The real urgency is not the deadline — it is the evidence window. When an Annex III audit lands in 2027, auditors will not ask what you decided that week; they will ask for a year or more of signed, chain-linked records covering how the system actually behaved in production. Companies that start sealing receipts now will have it. Companies that wait will not.
Sources: Regulation (EU) 2024/1689 (the AI Act); Digital Omnibus political agreement, 7 May 2026. Always confirm dates against the Official Journal and your own counsel.
A database row tells you what your system says happened. It doesn't prove the record wasn't changed, under whose authority it ran, or with which model. Today's autonomous agents take real actions every minute — and the questions that follow are the ones auditors, regulators and counterparties actually ask.
Who authorised it? Which model and version? Was a human in the loop? Was the spending limit checked at the moment of the call?
The applicant has a legal right to the reasoning. Which policy applied, which features mattered, and which model version produced the answer?
Did it have signing authority for this counterparty? Within what cap? Was the counterparty risk-checked before the signature went through?
Which agent, with which permissions, in which change window, with whose on-call approval? What was the previous state — and can you prove no one rewrote the log?
Without an independent receipt, none of these have an answer that survives an audit, a regulator, or a court. Your own logs are evidence about you, written by you. Signatrust gives the same facts a signature anyone else can verify — without trusting you.
Each decision is sealed into a Decision Receipt: the agent and model that acted, the permissions and policies in force, fingerprints of the input and output, a timestamp, and an Ed25519 signature — chained to the previous receipt.
```javascript
import { Signatrust } from 'signatrust';

const str = new Signatrust({ apiKey: process.env.SIGNATRUST_API_KEY });

// input & output are hashed locally — raw data never leaves
const { receipt, share_url } = await str.sign({
  model: { provider: 'openai', name: 'gpt-4o', version: '2026.4' },
  decision: {
    type: 'loan_rejection',
    input,
    output,
    risk_level: 'high',
    human_review: true,
    permissions: ['credit.decide'],
    policies: ['eu-ai-act-high-risk'],
  },
});
```
Authenticity (body hash + signature) is provable from the receipt alone. An auditor, regulator, counterparty, or the end user holding their receipt can confirm it in seconds, online or offline.
Drop the SDK into your agent. Every decision is fingerprinted locally, sealed, signed and chained.
The SDK computes sha256 of your input and output on your machine. Only fingerprints leave.
The node builds a canonical receipt and signs it with Ed25519, stamping model, permissions and policies.
Each receipt links to the previous one by hash — an append-only ledger where tampering is evident.
Any third party can verify the receipt independently, with no access to your data.
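The four steps above (local fingerprints, canonical body, Ed25519 signature, hash link to the previous receipt) as a runnable Node.js sketch. It is an added example, not Signatrust's SDK or receipt format: the field names (`input_hash`, `output_hash`, `prev_hash`, `body_hash`), the sorted-key JSON canonicalisation and the sample decisions are assumptions made for illustration.

```javascript
// Added illustration; field names and canonical form are assumptions, not the Signatrust spec.
const crypto = require('node:crypto');
const sha256 = (data) => crypto.createHash('sha256').update(data).digest('hex');

// Deterministic JSON (keys sorted recursively) so signer and verifier hash the same bytes.
function canonical(v) {
  if (Array.isArray(v)) return '[' + v.map(canonical).join(',') + ']';
  if (v && typeof v === 'object') {
    return '{' + Object.keys(v).sort()
      .map((k) => JSON.stringify(k) + ':' + canonical(v[k])).join(',') + '}';
  }
  return JSON.stringify(v);
}

// Seal a decision: only fingerprints of input/output enter the body, linked to the previous receipt.
function seal(chain, privateKey, { input, output, ...meta }) {
  const prev_hash = chain.length ? chain[chain.length - 1].body_hash : null;
  const body = { ...meta, input_hash: sha256(input), output_hash: sha256(output), prev_hash };
  const bytes = Buffer.from(canonical(body));
  const signature = crypto.sign(null, bytes, privateKey).toString('base64');
  chain.push({ body, body_hash: sha256(bytes), signature });
}

// Third-party check from receipts + public key only; returns index of first bad receipt, or -1.
function verifyChain(chain, publicKey) {
  let prev = null;
  for (let i = 0; i < chain.length; i++) {
    const { body, body_hash, signature } = chain[i];
    const bytes = Buffer.from(canonical(body));
    const ok = sha256(bytes) === body_hash && body.prev_hash === prev
      && crypto.verify(null, bytes, publicKey, Buffer.from(signature, 'base64'));
    if (!ok) return i;
    prev = body_hash;
  }
  return -1;
}

// Constructed demo: seal three decisions, then edit the middle one after the fact.
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const chain = [];
  ['payment_approval', 'loan_rejection', 'deploy'].forEach((type) =>
    seal(chain, privateKey, { type, risk_level: 'high', input: 'in:' + type, output: 'out:' + type }));
  const intact = verifyChain(chain, publicKey);
  chain[1].body.risk_level = 'low'; // after-the-fact rewrite of a sealed receipt
  return { intact, afterTamper: verifyChain(chain, publicKey) };
}
console.log(demo());
```

Dropping receipts from the tail of the chain is not caught by this check; detecting truncation requires the verifier to hold the latest body hash from a separate channel.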
This calls the running Signatrust node. A demo agent is created for you, your decision is sealed into a real signed receipt and verified — and you can tamper with it to watch verification fail.
Signatrust is engineered so that even Signatrust cannot see your decisions. By default nothing operational leaves your environment — only SHA-256 fingerprints and metadata, never content. We are closer to a company that builds a vault than one that collects data.
Signatrust collects no operational data by default. A global trust network, shared risk benchmarks and, in time, insurance models are powered only by what customers choose to contribute — always anonymized and aggregated.
Maximum trust. No contribution to benchmarks or training. The default posture for banks, government and defense.
Share only aggregate signals — decision volume, decision types, error rates, human-review rates. No prompts, outputs or identifiers.
Voluntarily contribute richer anonymized signals in exchange for benchmarking reports, comparative insights and pricing benefits.
An open receipt format spreads across the ecosystem — and every receipt feeds a recomputable reputation signal for the agent that issued it.
A 0–100 reputation derived from verifiable history: integrity, oversight on risky calls, governance and longevity.
Wrap a tool call in LangChain, CrewAI, AutoGen or the OpenAI Agents SDK and emit a receipt.
Drop the n8n-nodes-signatrust node into any workflow to sign, verify or fetch a Decision Receipt — Cloud or self-hosted.
An open receipt specification and a Model Context Protocol tool so any agent can seal its actions.
The score is the headline. The passport is the proof. Every datum links back to receipts an auditor can independently re-check. Counterparties and regulators can demand it before they let your agent act in their systems — and recompute it themselves at any time.
signatrust.net/passport/financebot-acme
The receipt layer is the foundation. On top of it, two regulator-grade products fall out directly: compliance reports an auditor can re-check, and risk profiles an insurer can underwrite — both derived entirely from real receipts, never self-attested.
Regulator-ready reports mapped to the EU AI Act, GDPR, NIST AI RMF and ISO/IEC 42001 — every control backed by verifiable receipts an auditor can independently re-check. Export a signed, tamper-evident copy in one click.
An insurance-grade risk profile from verifiable history: exposure by risk level, the strength of operating controls, an insurability score and a relative underwriting index. A comparative signal for underwriters — derived, never invented.
The risk profile isn't a marketing claim — it's already queryable, exportable and shaped for the people who actually price AI risk.
A read-only dashboard for insurance partners: live insurability grade, premium index, exposure by risk level, control strength — and one-click verification of any receipt in the sample.
Two unauthenticated endpoints already in production. Underwriters can pull profile data programmatically and rebuild their own pricing models on top.
GET /api/v1/risk/{agentId}
GET /api/v1/risk/network/benchmarks
A real, recomputable risk profile served as signed JSON: insurability score, premium index, exposure by risk level, control strength, network percentile.
The data engine above is live in production. The first underwriting partnership will be announced publicly the day it's signed and bindable, not before. If you price AI risk for a living, the partner program is open today.
Standards win when they make a hard question routine. Signatrust is in that lineage — not a SaaS feature, an operating primitive for the agent era.
A Decision Receipt is meant to become as ordinary in the agent stack as a TLS certificate is on the web: small, signed, independently verifiable, free to issue — and present everywhere a decision is made.
Issuing and verifying Decision Receipts is free — and built to stay that way. When you need unlimited volume, a private or air-gapped deployment, signed webhooks, custom-branded verification or a contractual SLA, Enterprise is priced to be very competitive — talk to us and we'll tailor it to your volume.
Issuing receipts is always free. You pay only for private deployment, scale and support — never for the right to sign.
Register an agent, seal your first decision, and share a verifiable receipt anyone can check — in under a minute.