Show HN: Check whether agent logs are independently verifiable

jithinraj1 pts0 comments

Paste agent logs and see what another party could verify


Methodology and source

Local-only checker

Could your agent logs survive a dispute?

Paste logs, traces, JSON, or a signed record. See what is merely observable and what another party can independently verify. Signed records are signature-checked in your browser.

Logs help you debug. Signed records help others verify.


For incident review, disputes, payment questions, and audit evidence.

Runs locally

Native WebCrypto Ed25519

Open source

Portable record format

Could your logs survive an incident review?

Choose what happened. See what another party can verify.

Pick a workflow for a real sample, or paste your own below. Runs entirely in your browser.

API call: Did this API return that result? Sample: request/response trace.

MCP tool run: Did this tool run with this input/output? Sample: MCP server log.

Agent action: What did the agent actually do? Sample: signed agent-action record.

Gateway decision: Why was this allowed, denied, routed, or challenged? Sample: gateway policy decision.

Payment event: What was authorized vs captured/settled? Sample: payment authorization note.

Provisioning event: Who created or changed access, config, or entitlement? Sample: provisioning log.

This checker assesses whether your evidence is independently verifiable. It does not prove the underlying event happened unless you provide a valid signed record.


Structural scorecard for logs, traces, and JSON is heuristic. Paste a signed record (compact JWS) and its Ed25519 signature is verified in your browser. Nothing is uploaded; issuer-key lookups are opt-in and shown first. A valid signature does not assert the claims inside are true.


Structural evidence score (out of 100): heuristic, based on detectable evidence structure, not a formal audit.

Structural scorecard is heuristic. Signed records (compact JWS) are signature-verified in your browser; see the verification panel below.

What this does not check: the structural scorecard does not confirm that claimed timestamps or policy bindings are authentic, and a valid signature proves only the issuer and integrity of a record, not that its claims are true.

Observable

Independently verifiable

Missing

Next steps

Signature verification

Not checked

This is a signed record. Verify its Ed25519 signature locally. Provide the issuer key by pasting a JWK or JWKS, or resolve it from the issuer (you will see the URL first).

Your key and record stay in your browser. Nothing here is uploaded.


Verification runs in your browser with native WebCrypto. A valid signature proves who issued the record and that it was not altered. It does not assert that the claims inside are true.

PEAC defines the portable signed-record shape (interaction-record+jwt) this verifier checks.
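
The signature check described above, as an added example that is not the checker's own code: it verifies a compact JWS with the algorithm pinned to EdDSA and the key selected from a JWKS by kid, then shows that an altered payload, an `alg: none` header and an unknown key are all rejected. It uses Node's built-in crypto module rather than browser WebCrypto so that it runs offline as a script; the key pair, the kid `constructed-key-1` and the `typ` header value are constructed assumptions, and the payload fields are taken from the sample shown on this page.

```javascript
// Added example (not the checker's code): Ed25519 compact-JWS verification.
const nodeCrypto = require('node:crypto');
const b64u = (v) => Buffer.from(v).toString('base64url');
const unb64u = (s) => Buffer.from(s, 'base64url');

// Build a compact JWS; used only to create the constructed sample below.
function signCompact(header, payload, privateKey) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(payload))}`;
  return `${input}.${nodeCrypto.sign(null, Buffer.from(input), privateKey).toString('base64url')}`;
}

// Verify a compact JWS against a JWKS. Returns { ok, reason, payload? }.
function verifyCompact(jws, jwks) {
  const parts = String(jws).trim().split('.');
  if (parts.length !== 3) return { ok: false, reason: 'not-compact-jws' };
  let header;
  try { header = JSON.parse(unb64u(parts[0]).toString('utf8')); }
  catch { return { ok: false, reason: 'bad-header' }; }
  // Pin the algorithm; never let the record pick "none" or another alg.
  if (header.alg !== 'EdDSA') return { ok: false, reason: 'unexpected-alg' };
  const jwk = (jwks.keys || []).find(
    (k) => k.kid === header.kid && k.kty === 'OKP' && k.crv === 'Ed25519');
  if (!jwk) return { ok: false, reason: 'unknown-kid' };
  const key = nodeCrypto.createPublicKey({ key: jwk, format: 'jwk' });
  // The signature covers the bytes of "header.payload" exactly as received.
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!nodeCrypto.verify(null, signed, key, unb64u(parts[2])))
    return { ok: false, reason: 'bad-signature' };
  // Integrity and issuer key are established; the claims are still only claims.
  return { ok: true, reason: 'verified', payload: JSON.parse(unb64u(parts[1]).toString('utf8')) };
}

function demo() {
  // Constructed key pair and kid; payload fields taken from the page's sample.
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  const kid = 'constructed-key-1';
  const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid }] };
  const payload = { peac_version: '0.2', kind: 'evidence',
    type: 'org.peacprotocol/agent-action', iss: 'https://demo.whatdidmyagentdo.com',
    iat: 1748736000, jti: '019d7400-0000-7000-8000-000000000abc' };
  // typ value is an assumption based on the wire-format name shown on the page.
  const jws = signCompact({ alg: 'EdDSA', kid, typ: 'interaction-record+jwt' }, payload, privateKey);
  const [h, p, s] = jws.split('.');
  return {
    good: verifyCompact(jws, jwks),
    tampered: verifyCompact(`${h}.${b64u(JSON.stringify({ ...payload, iat: 0 }))}.${s}`, jwks),
    algNone: verifyCompact(`${b64u(JSON.stringify({ alg: 'none', kid }))}.${p}.`, jwks),
    unknownKey: verifyCompact(jws, { keys: [] }),
  };
}
```

The `tampered` case changes only `iat`, which is why a verifier must check the signature over the received bytes before trusting any timestamp in the record.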

What to do next

Want signed records without building the plumbing? Originary →


What good looks like: logs → signed record

Same event, two evidence levels: internal logs vs a signed record another party can verify.

What most teams have: internal observability (local only)

14:23:01.2  Agent invoked MCP tool: check_inventory (tool_call_id: tc_82af → pending)
14:23:01.8  Tool called external API (GET /api/v2/inventory/sku_47x → 200)
14:23:02.1  Policy evaluated (policy: tools.check_inventory → allow)
14:23:02.4  Tool returned result to agent (trace_id: 7f3a-b2c1-9e4d)

Useful for debugging. Weak for disputes.

What signed records add: signed record (sample state)

14:23:01.2  Issuer: demo.whatdidmyagentdo.com (kid: wtf-demo-key-1)
14:23:01.2  Type: org.peacprotocol/agent-action (kind: evidence)
14:23:02.4  Action: tool.call → search_customer_orders (outcome: invoked-observed)
14:23:02.4  Ed25519 signature over header.payload (wire format: interaction-record+jwt (0.2))

Real signed record. Verify the signature below. Runs in your browser with WebCrypto.

A real, signed PEAC interaction record. Verify its Ed25519 signature right here.

Decoded payload (interaction-record+jwt)

{
  "peac_version": "0.2",
  "kind": "evidence",
  "type": "org.peacprotocol/agent-action",
  "iss": "https://demo.whatdidmyagentdo.com",
  "iat": 1748736000,
  "jti": "019d7400-0000-7000-8000-000000000abc",
  "ext": { "org.peacprotocol/agent-action": { "action": "tool.call", "tool": "search_customer_orders" } }
}


The hard questions

What your logs cannot settle

Did the agent actually accept those terms?

Your logs recorded a policy decision. Another party has no way to verify what terms were in effect.

Did the tool call happen before or after the policy changed?

Timestamps in your system are...
