From 8c1ff6092b13b1a79fa197e8852ecf7e6e279e98 Mon Sep 17 00:00:00 2001 From: Brandon Bennett Date: Fri, 6 Feb 2026 16:01:28 -1000 Subject: [PATCH 1/2] Adding integration for AgentSystems Notary to Governance section --- docs/docs.json | 6 + docs/en/governance/agentsystems-notary.mdx | 169 +++++++++++++++++++++ 2 files changed, 175 insertions(+) create mode 100644 docs/en/governance/agentsystems-notary.mdx diff --git a/docs/docs.json b/docs/docs.json index 37e0609613..a183ae993e 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -307,6 +307,12 @@ "en/observability/truefoundry" ] }, + { + "group": "Governance", + "pages": [ + "en/governance/agentsystems-notary" + ] + }, { "group": "Learn", "pages": [ diff --git a/docs/en/governance/agentsystems-notary.mdx b/docs/en/governance/agentsystems-notary.mdx new file mode 100644 index 0000000000..61cd9ebc81 --- /dev/null +++ b/docs/en/governance/agentsystems-notary.mdx @@ -0,0 +1,169 @@ +--- +title: AgentSystems Notary +description: Tamper-evident audit logging for CrewAI applications. +icon: stamp +mode: "wide" +--- + +## Overview + +AgentSystems Notary creates cryptographically verifiable audit trails for AI systems. + +## Why + +When AI behavior is questioned by customers, auditors, regulators, insurers, etc., you need to prove what actually happened. Traditional logs don't work: you control them, so third parties have to trust you didn't modify them. + +Tamper-evident logging removes that trust requirement. + +## How it works + +Raw LLM interactions stay in your storage. No third party sees them during normal operation. But cryptographic hashes of each interaction are written to independent, tamper-evident storage (Arweave or the AgentSystems custodied service) at the same time. + +If there's ever an audit or dispute, you provide the raw logs. The auditor re-hashes them and compares against the stored hashes. A match indicates the logs are unaltered. A mismatch indicates tampering or corruption. + +You control your data, but can't alter it without detection. + +**What gets logged:** +- To your storage: input prompt, response text, agent metadata, session IDs, timestamps +- To ledger: SHA-256 hash + metadata (e.g. namespace, session ID, timestamps) + +## Hash storage options + +Hashes (not raw data) can be written to either storage option: + +| Storage | Best For | Features | +|---------|----------|----------| +| [Decentralized (Arweave)](https://docs.agentsystems.ai/notary/configuration/hash-storage?utm_source=crewai-docs&utm_medium=docs) | No vendor lock-in | Public append-only ledger, open-source verification, no account needed | +| [Custodied](https://agentsystems.ai/notary?utm_source=crewai-docs&utm_medium=docs) | Managed compliance | Write-once storage, verification UI, signed attestations for audits | + + +[Custodied plans](https://agentsystems.ai/notary?utm_source=crewai-docs&utm_medium=docs) offer WORM-compliant hash storage, managed signing, and signed attestations. + + +## Prerequisites + +```shell +pip install agentsystems-notary "crewai[anthropic]" python-dotenv +``` + +## Example (decentralized) + + + + ```shell + openssl genrsa -out arweave-key.pem 4096 + ``` + For production, use [AWS KMS or another cloud key management service](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs). + + + Create a `.env` file in your project root: + ``` + # AWS S3 for raw payload storage + ORG_AWS_S3_BUCKET_NAME=your-bucket + ORG_AWS_S3_ACCESS_KEY_ID=AKIA... + ORG_AWS_S3_SECRET_ACCESS_KEY=... + ORG_AWS_S3_REGION=us-east-1 + + # Path to signing key + ARWEAVE_PRIVATE_KEY_PATH=./arweave-key.pem + + # Anthropic + ANTHROPIC_API_KEY=sk-ant-... + ``` + + + ```python + import os + + from agentsystems_notary import ( + CrewAINotary, + ArweaveHashStorage, + AwsS3StorageConfig, + LocalKeySignerConfig, + RawPayloadStorage, + ) + from crewai import Agent, Crew, LLM, Task + from dotenv import load_dotenv + + load_dotenv() + + # Your S3 bucket for raw LLM payloads + s3_config = AwsS3StorageConfig( + bucket_name=os.environ["ORG_AWS_S3_BUCKET_NAME"], + aws_access_key_id=os.environ["ORG_AWS_S3_ACCESS_KEY_ID"], + aws_secret_access_key=os.environ["ORG_AWS_S3_SECRET_ACCESS_KEY"], + aws_region=os.environ["ORG_AWS_S3_REGION"], + ) + raw_payload_storage = RawPayloadStorage(storage=s3_config) + + # Local RSA key for signing + signer = LocalKeySignerConfig( + private_key_path=os.environ["ARWEAVE_PRIVATE_KEY_PATH"], + ) + + # Arweave for decentralized hash storage + arweave_storage = ArweaveHashStorage( + namespace="tenant_a1b2c3d4", # Use an anonymous ID, not a company name + signer=signer, + ) + + # Initialize notary — hooks auto-register with CrewAI + notary = CrewAINotary( + raw_payload_storage=raw_payload_storage, + hash_storage=[arweave_storage], + debug=True, + ) + + # Create crew — all LLM calls are logged automatically + llm = LLM( + model="anthropic/claude-sonnet-4-5-20250929", + api_key=os.environ["ANTHROPIC_API_KEY"], + ) + + agent = Agent( + role="Research Analyst", + goal="Answer questions accurately", + backstory="You are an expert analyst.", + llm=llm, + ) + + task = Task( + description="What is the capital of France?", + expected_output="The answer to the geography question", + agent=agent, + ) + + crew = Crew(agents=[agent], tasks=[task]) + result = crew.kickoff() + print(result) + ``` + + + The `namespace` is written to the public ledger. Use an anonymous tenant identifier, not a company name. + + + + +## Verification + +**Decentralized (Arweave)**: Download raw payloads from your storage bucket, then verify with the open-source CLI: + +```shell +npm install -g agentsystems-verify +agentsystems-verify --logs logs.zip +``` + +The CLI re-hashes each payload and compares against the hashes stored on Arweave. + +Alternatively, the [Verify UI](https://verify.agentsystems.ai?utm_source=crewai-docs&utm_medium=docs) supports both decentralized and custodied verification. + +## Configuration + +- [Raw payload storage options](https://docs.agentsystems.ai/notary/configuration/raw-payload-storage?utm_source=crewai-docs&utm_medium=docs) (AWS S3, GCS, etc.) +- [Signers for Arweave](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs) (local key, AWS KMS) +- [Hash storage options](https://docs.agentsystems.ai/notary/configuration/hash-storage?utm_source=crewai-docs&utm_medium=docs) (Arweave, Custodied) + +## Resources + +- [Documentation](https://docs.agentsystems.ai/notary/?utm_source=crewai-docs&utm_medium=docs) +- [GitHub](https://github.com/agentsystems/agentsystems-notary?utm_source=crewai-docs&utm_medium=docs) From 42b4e05f22231de6b253a465bf03f47c42ad0bef Mon Sep 17 00:00:00 2001 From: Brandon Bennett Date: Fri, 6 Feb 2026 21:37:30 -1000 Subject: [PATCH 2/2] Adding verification steps and clarifications --- docs/en/governance/agentsystems-notary.mdx | 44 ++++++++++++---------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/docs/en/governance/agentsystems-notary.mdx b/docs/en/governance/agentsystems-notary.mdx index 61cd9ebc81..e7946570f8 100644 --- a/docs/en/governance/agentsystems-notary.mdx +++ b/docs/en/governance/agentsystems-notary.mdx @@ -1,13 +1,13 @@ --- title: AgentSystems Notary -description: Tamper-evident audit logging for CrewAI applications. +description: Cryptographically verifiable audit trails for CrewAI applications. icon: stamp mode: "wide" --- ## Overview -AgentSystems Notary creates cryptographically verifiable audit trails for AI systems. +AgentSystems Notary creates tamper-evident audit trails for AI agent interactions. ## Why @@ -24,8 +24,8 @@ If there's ever an audit or dispute, you provide the raw logs. The auditor re-ha You control your data, but can't alter it without detection. **What gets logged:** -- To your storage: input prompt, response text, agent metadata, session IDs, timestamps -- To ledger: SHA-256 hash + metadata (e.g. namespace, session ID, timestamps) +- To your storage: full raw LLM payload (prompts, responses, metadata, timestamps) +- To hash storage: SHA-256 hash + metadata (e.g. namespace, session ID, timestamps) ## Hash storage options @@ -53,7 +53,11 @@ pip install agentsystems-notary "crewai[anthropic]" python-dotenv ```shell openssl genrsa -out arweave-key.pem 4096 ``` - For production, use [AWS KMS or another cloud key management service](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs). + + Retain this key. It is required to prove ownership of on-chain hashes during verification. + + + For production, use a [cloud key management service](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs). Create a `.env` file in your project root: @@ -71,7 +75,7 @@ pip install agentsystems-notary "crewai[anthropic]" python-dotenv ANTHROPIC_API_KEY=sk-ant-... ``` - + ```python import os @@ -102,19 +106,22 @@ pip install agentsystems-notary "crewai[anthropic]" python-dotenv ) # Arweave for decentralized hash storage + # Namespace is public — written to the ledger and used to segment stored data + # Namespace should be one anonymous ID per customer, agent, or environment + # Retain a record of your namespace mappings arweave_storage = ArweaveHashStorage( - namespace="tenant_a1b2c3d4", # Use an anonymous ID, not a company name + namespace="tenant_a1b2c3d4", # See namespace comments above signer=signer, ) - # Initialize notary — hooks auto-register with CrewAI - notary = CrewAINotary( + # Register notary hooks — all LLM calls in this process are logged automatically + CrewAINotary( raw_payload_storage=raw_payload_storage, hash_storage=[arweave_storage], debug=True, ) - # Create crew — all LLM calls are logged automatically + # Create and run crew llm = LLM( model="anthropic/claude-sonnet-4-5-20250929", api_key=os.environ["ANTHROPIC_API_KEY"], @@ -137,33 +144,32 @@ pip install agentsystems-notary "crewai[anthropic]" python-dotenv result = crew.kickoff() print(result) ``` - - - The `namespace` is written to the public ledger. Use an anonymous tenant identifier, not a company name. - ## Verification -**Decentralized (Arweave)**: Download raw payloads from your storage bucket, then verify with the open-source CLI: +**Decentralized (Arweave)**: Download raw payloads from your storage bucket, zip them, and verify with the open-source CLI: ```shell +aws s3 sync s3://your-bucket/arweave/tenant_a1b2c3d4/ ./logs +zip -r logs.zip logs npm install -g agentsystems-verify agentsystems-verify --logs logs.zip ``` -The CLI re-hashes each payload and compares against the hashes stored on Arweave. +The CLI re-hashes each payload and compares against the hashes stored on Arweave. See the [full verification guide](https://docs.agentsystems.ai/notary/verification/arweave?utm_source=crewai-docs&utm_medium=docs) for details. Alternatively, the [Verify UI](https://verify.agentsystems.ai?utm_source=crewai-docs&utm_medium=docs) supports both decentralized and custodied verification. ## Configuration -- [Raw payload storage options](https://docs.agentsystems.ai/notary/configuration/raw-payload-storage?utm_source=crewai-docs&utm_medium=docs) (AWS S3, GCS, etc.) -- [Signers for Arweave](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs) (local key, AWS KMS) -- [Hash storage options](https://docs.agentsystems.ai/notary/configuration/hash-storage?utm_source=crewai-docs&utm_medium=docs) (Arweave, Custodied) +- [Raw payload storage options](https://docs.agentsystems.ai/notary/configuration/raw-payload-storage?utm_source=crewai-docs&utm_medium=docs) +- [Signing configuration](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs) +- [Hash storage options](https://docs.agentsystems.ai/notary/configuration/hash-storage?utm_source=crewai-docs&utm_medium=docs) ## Resources +- [Website](https://agentsystems.ai/notary?utm_source=crewai-docs&utm_medium=docs) - [Documentation](https://docs.agentsystems.ai/notary/?utm_source=crewai-docs&utm_medium=docs) - [GitHub](https://github.com/agentsystems/agentsystems-notary?utm_source=crewai-docs&utm_medium=docs)