Sanna is an open-source trust infrastructure designed to enforce governance and provide cryptographic proof for actions taken by AI agents. It addresses the challenge of ensuring that AI agents comply with organizational or regulatory policies by halting forbidden actions before they reach downstream systems and generating tamper-evident, Ed25519-signed receipts for every decision. This approach aims to shift the burden of liability to the deployer, ensuring that every agent output is both policy-compliant and auditable.
The platform operates on two main pillars: constitution enforcement and governance receipts. Governance rules are defined in version-controlled YAML files, which specify the boundaries of agent authority. Sanna evaluates every action at execution time—allowing, halting, or escalating actions as dictated by these rules. Escalation-required actions are held for human approval, and any violation results in immediate halting. Each decision, whether allowed, halted, or escalated, generates a cryptographically signed receipt containing deterministic fingerprints and proof of compliance, which can be verified offline using a public key. These receipts are portable and vendor-neutral, enabling them to be shared with auditors, regulators, or counterparties as evidence of governance enforcement.
Sanna is delivered as libraries for both Python and TypeScript, allowing developers to wrap governed functions with minimal code changes. The same receipt schema and constitution format are used across languages, ensuring cross-language compatibility and verification. Additionally, Sanna offers a gateway deployment mode, acting as a proxy between AI clients and downstream tools without requiring code changes to the agent itself. There is also a governance plugin available for OpenClaw agents, providing runtime enforcement through integration hooks.
The tool has undergone multiple independent security review cycles, features a published formal specification, and has been tested across two languages and multiple runtimes. It is open source, with receipts and constitutions signed using Ed25519, and is designed to be vendor neutral. Sanna’s architecture and cryptographic approach aim to provide both enforcement and verifiable proof, moving beyond simple audit logs to deliver actionable, regulator-grade evidence for AI agent governance.
Sanna is an AI & ML product. It focuses on ensuring AI agents comply with governance policies and providing verifiable proof of their actions. It is built as an open-source project for AI developers and organizations deploying AI agents. Sanna is open source under the AGPL-3.0 license. Sanna is available on the command line, and it can be self-hosted.
Sanna first shipped in 2026. Development happens publicly on GitHub with 115 commits in the last 90 days. Key capabilities include constitution enforcement, governance receipts, and policy violation halting.
Latest indexed changes and source events
Other apps tracked under the same category.