6 changes: 6 additions & 0 deletions docs/docs.json
@@ -307,6 +307,12 @@
"en/observability/truefoundry"
]
},
{
"group": "Governance",
"pages": [
"en/governance/agentsystems-notary"
]
},
{
"group": "Learn",
"pages": [
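Review bot: The new "Governance" group lists only an `en/` path, and this is the only docs.json hunk in the change (6 additions), so any other locale navigation held in this file will not show the page. If docs.json carries per-locale navigation, add the matching entries or state that the page is English-only. It is also worth confirming that a separate group holding a single page, placed between the observability pages and "Learn", is the intended home for it.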
175 changes: 175 additions & 0 deletions docs/en/governance/agentsystems-notary.mdx
@@ -0,0 +1,175 @@
---
title: AgentSystems Notary
description: Cryptographically verifiable audit trails for CrewAI applications.
icon: stamp
mode: "wide"
---

## Overview

AgentSystems Notary creates tamper-evident audit trails for AI agent interactions.

## Why

When AI behavior is questioned by customers, auditors, regulators, insurers, etc., you need to prove what actually happened. Traditional logs don't work: you control them, so third parties have to trust you didn't modify them.

Tamper-evident logging removes that trust requirement.

## How it works

Raw LLM interactions stay in your storage. No third party sees them during normal operation. But cryptographic hashes of each interaction are written to independent, tamper-evident storage (Arweave or the AgentSystems custodied service) at the same time.

If there's ever an audit or dispute, you provide the raw logs. The auditor re-hashes them and compares against the stored hashes. A match indicates the logs are unaltered. A mismatch indicates tampering or corruption.

You control your data, but can't alter it without detection.

**What gets logged:**
- To your storage: full raw LLM payload (prompts, responses, metadata, timestamps)
- To hash storage: SHA-256 hash + metadata (e.g. namespace, session ID, timestamps)

## Hash storage options

Hashes (not raw data) can be written to either storage option:

| Storage | Best For | Features |
|---------|----------|----------|
| [Decentralized (Arweave)](https://docs.agentsystems.ai/notary/configuration/hash-storage?utm_source=crewai-docs&utm_medium=docs) | No vendor lock-in | Public append-only ledger, open-source verification, no account needed |
| [Custodied](https://agentsystems.ai/notary?utm_source=crewai-docs&utm_medium=docs) | Managed compliance | Write-once storage, verification UI, signed attestations for audits |

<Note>
[Custodied plans](https://agentsystems.ai/notary?utm_source=crewai-docs&utm_medium=docs) offer WORM-compliant hash storage, managed signing, and signed attestations.
</Note>

## Prerequisites

```shell
pip install agentsystems-notary "crewai[anthropic]" python-dotenv
```

## Example (decentralized)

<Steps>
<Step title="Generate signing key">
```shell
openssl genrsa -out arweave-key.pem 4096
```
<Warning>
Retain this key. It is required to prove ownership of on-chain hashes during verification.
</Warning>

For production, use a [cloud key management service](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs).
</Step>
<Step title="Create .env file">
Create a `.env` file in your project root:
```
# AWS S3 for raw payload storage
ORG_AWS_S3_BUCKET_NAME=your-bucket
ORG_AWS_S3_ACCESS_KEY_ID=AKIA...
ORG_AWS_S3_SECRET_ACCESS_KEY=...
ORG_AWS_S3_REGION=us-east-1

# Path to signing key
ARWEAVE_PRIVATE_KEY_PATH=./arweave-key.pem

# Anthropic
ANTHROPIC_API_KEY=sk-ant-...
```
</Step>
<Step title="Run the example">
```python
import os

from agentsystems_notary import (
CrewAINotary,
ArweaveHashStorage,
AwsS3StorageConfig,
LocalKeySignerConfig,
RawPayloadStorage,
)
from crewai import Agent, Crew, LLM, Task
from dotenv import load_dotenv

load_dotenv()

# Your S3 bucket for raw LLM payloads
s3_config = AwsS3StorageConfig(
bucket_name=os.environ["ORG_AWS_S3_BUCKET_NAME"],
aws_access_key_id=os.environ["ORG_AWS_S3_ACCESS_KEY_ID"],
aws_secret_access_key=os.environ["ORG_AWS_S3_SECRET_ACCESS_KEY"],
aws_region=os.environ["ORG_AWS_S3_REGION"],
)
raw_payload_storage = RawPayloadStorage(storage=s3_config)

# Local RSA key for signing
signer = LocalKeySignerConfig(
private_key_path=os.environ["ARWEAVE_PRIVATE_KEY_PATH"],
)

# Arweave for decentralized hash storage
# Namespace is public — written to the ledger and used to segment stored data
# Namespace should be one anonymous ID per customer, agent, or environment
# Retain a record of your namespace mappings
arweave_storage = ArweaveHashStorage(
namespace="tenant_a1b2c3d4", # See namespace comments above
signer=signer,
)

# Register notary hooks — all LLM calls in this process are logged automatically
CrewAINotary(
raw_payload_storage=raw_payload_storage,
hash_storage=[arweave_storage],
debug=True,
)

# Create and run crew
llm = LLM(
model="anthropic/claude-sonnet-4-5-20250929",
api_key=os.environ["ANTHROPIC_API_KEY"],
)

agent = Agent(
role="Research Analyst",
goal="Answer questions accurately",
backstory="You are an expert analyst.",
llm=llm,
)

task = Task(
description="What is the capital of France?",
expected_output="The answer to the geography question",
agent=agent,
)

crew = Crew(agents=[agent], tasks=[task])
result = crew.kickoff()
print(result)
```
</Step>
</Steps>

## Verification

**Decentralized (Arweave)**: Download raw payloads from your storage bucket, zip them, and verify with the open-source CLI:

```shell
aws s3 sync s3://your-bucket/arweave/tenant_a1b2c3d4/ ./logs
zip -r logs.zip logs
npm install -g agentsystems-verify
agentsystems-verify --logs logs.zip
```

The CLI re-hashes each payload and compares against the hashes stored on Arweave. See the [full verification guide](https://docs.agentsystems.ai/notary/verification/arweave?utm_source=crewai-docs&utm_medium=docs) for details.

Alternatively, the [Verify UI](https://verify.agentsystems.ai?utm_source=crewai-docs&utm_medium=docs) supports both decentralized and custodied verification.

## Configuration

- [Raw payload storage options](https://docs.agentsystems.ai/notary/configuration/raw-payload-storage?utm_source=crewai-docs&utm_medium=docs)
- [Signing configuration](https://docs.agentsystems.ai/notary/configuration/signing?utm_source=crewai-docs&utm_medium=docs)
- [Hash storage options](https://docs.agentsystems.ai/notary/configuration/hash-storage?utm_source=crewai-docs&utm_medium=docs)

## Resources

- [Website](https://agentsystems.ai/notary?utm_source=crewai-docs&utm_medium=docs)
- [Documentation](https://docs.agentsystems.ai/notary/?utm_source=crewai-docs&utm_medium=docs)
- [GitHub](https://github.com/agentsystems/agentsystems-notary?utm_source=crewai-docs&utm_medium=docs)
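Review bot: The "Generate signing key" and "Create .env file" steps leave secrets in the project root with no handling guidance: `openssl genrsa -out arweave-key.pem 4096` writes an unencrypted private key, and `.env` holds `ORG_AWS_S3_SECRET_ACCESS_KEY` and `ANTHROPIC_API_KEY`, yet nothing tells the reader to keep either file out of version control or to restrict its permissions. The Warning says this key is what proves ownership of the on-chain hashes, so a committed or copied key weakens the audit trail the page describes; suggest adding a line to both steps (add `arweave-key.pem` and `.env` to `.gitignore`, `chmod 600 arweave-key.pem`) ahead of the pointer to a cloud key management service. Two smaller points. The example passes `debug=True` to `CrewAINotary` without saying what it emits, which matters on a page about capturing full prompts and responses, so either drop it or add a comment. And "How it works" says a match "indicates the logs are unaltered", but the page does not say whether verification also detects payloads that were left out of `logs.zip`; one sentence in "Verification" on what a passing check does and does not establish would close that gap.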