Blog
·4 min read·VAIBot

Can you prove what your AI did?

provenanceauditcompliance

Two questions get very hard the moment AI is in the loop, and both are really the same question wearing different clothes:

  • Did this come from where it claims? — the deck, the report, the image an agent produced.
  • What did the agent actually do? — at 3am, in a workflow no human watched.

Today the honest answer to both is “trust me.” Logs are mutable. Screenshots are fakeable. A dashboard your vendor controls is only as good as your faith in the vendor. None of that survives an audit, a dispute, or a regulator — and it definitely doesn't survive an adversary with an incentive to rewrite history.

Make it provable, not promised

The fix is old and boring and works: cryptographic commitments. You don't need to publish the content to prove things about it — you publish a hash, and hashes are cheap, private, and impossible to forge backwards.

VAIBot applies this in two places.

Content receipts

The Provenance API takes a piece of content, hashes it (keccak256 for anything anchored on-chain, sha256 for local and offline use), and anchors that hash on a public chain. What comes back is a receipt anyone can verify: this exact artifact existed, in this exact form, at this time, and has not been altered since. The content itself never leaves your hands — only the fingerprint does. Anchoring is batched by a background service so you get on-chain finality without paying per-item gas.

Action receipts

The other half is what the agent did. Every decision the guard makes — allow, ask, deny — lands in a hash-chained, tamper-evident audit log, and governance decisions produce receipts of their own. Because each entry commits to the one before it, you can't quietly delete or reorder the awkward parts; a break in the chain is detectable. “What happened and in what order” stops being a matter of trust.

Why this is worth the trouble

  • Compliance — show that your agent operated under an enforced policy, with a record you didn't author after the fact.
  • Disputes — settle “the AI produced this” / “no it didn't” with a receipt instead of a screenshot.
  • Authenticity — give downstream consumers a way to check that an AI artifact is the one you actually signed off on.
  • Tamper-evidence — a log that can't be edited without leaving a mark changes the incentives of everyone who touches it.

What a receipt does and doesn't claim

Precision matters here, so: provenance proves integrity, timing, and origin— that a specific artifact or event existed, when, and that it wasn't altered. It does notprove the content is correct, safe, or true. It is an authenticity layer, not a truth oracle. But “we can prove exactly what was produced and exactly what was done” is a foundation almost no AI stack has today, and most of the trust problems above can't be solved without it.

Governance decides what your AI is allowed to do; provenance proves what it did. Get started, or read the enforcement side in the circuit-breaker post.

Put a brake on your AI stack.

One command installs the guard across the agents you already use — free, no signup to start.

$ curl -fsSL https://vaibot.io/install.sh | sh