Signed ReceiptsPolicy GatesApproval TokensAudit Logs

Models can propose. Only ProofGate can act.

ProofGate prevents “agent” failures by enforcing deterministic consequences: least-privilege policy gates, signed decisions, signed approvals, and append-only audit trails — all before any tool touches reality.

View API Docs Quickstart

Deterministic Gates

Every intent is validated against explicit invariants. No hidden authority. No vibe-based execution.

Signed Receipts

Every decision + execution emits a cryptographic receipt. You always have proof of what happened.

Signed Approvals

When a policy requires approval, tokens are signed + expiring, tied to the exact intent hash.

One-call Execute

Use /v1/execute for decide→execute, or receive an approval token when gates require it.

Audit Memory

Append-only JSONL log. Every request and result is written with receipts — no rewrites, no ambiguity.

Tool-agnostic

SMTP today. Gmail/Drive/Slack/Stripe tomorrow — same rails, same proof, same invariants.

Quickstart

Run ProofGate locally and send a deterministic intent.

Full docs →

# start server (example)
pnpm -C packages/proofgate-server dev

# execute (one-call)
curl -s -X POST http://localhost:8790/v1/execute \
  -H "content-type: application/json" \
  -d '{
    "intentId":"intent_demo_01",
    "action":"email.send",
    "actor":{"actorId":"bjk","actorType":"human"},
    "payload":{
      "to":["test@gmail.com"],
      "cc":[],
      "bcc":[],
      "subject":"ProofGate Test",
      "body":"Deterministic consequence rails.",
      "links":[]
    },
    "requestedScopes":["email.send"],
    "meta":{}
  }'

Result includes a signed decision receipt and a signed execution receipt — plus an append-only audit log line.