Traceseal provides cryptographic proof of actions performed by AI agents, offering a tamper-evident audit trail for each invocation. It addresses the challenge of verifying what an AI agent did, who authorized it, and who attested to the execution, all without requiring access to the operator’s environment or keys. The tool is built around a receipt system that encapsulates execution details, provenance, and attestation in a single, verifiable JSON document.
The process begins with the publisher signing the AI skill bundle using an ed25519 key, covering every source file through a content-addressed manifest. This signature and the public key are recorded in a transparency log. When the skill is executed, the operator runs it inside a kernel-namespace sandbox (using bwrap), with the runtime capturing hashes of inputs, outputs, timing, and sandbox configuration. The operator then signs the full execution record with their own ed25519 key. The resulting receipt contains three sections: execution (detailing the skill, manifest hash, input/output hashes, and audit chain link), provenance (publisher’s fingerprint, public key, and transparency log sequence), and attestation (operator’s signature and public key). Any tampering with the receipt invalidates the signature, ensuring integrity.
Verification is accessible to any third party by installing the traceseal-verify tool and running a single command on the receipt file. This process checks both the publisher’s and operator’s signatures without any trust assumptions or need for operator contact. The receipt format is canonical JSON, and verification depends only on the receipt file and cryptographic libraries. The tool supports offline verification with clear exit codes indicating validity.
Traceseal is implemented as a command-line tool and is available for installation via pip. It is based on an open specification, with the receipt format, signing convention, and verification algorithm fully documented. 0, allowing commercial use, auditing, and independent implementation. The system uses ed25519 for signatures and SHA-256 for hashing, and is designed to be transparent and reproducible, with real-world tests and production usage documented.
In the CLI tools & terminal space, Traceseal takes a focused approach. It focuses on providing verifiable, tamper-evident proof of AI agent actions for audit and compliance. Traceseal is an open-source project aimed at AI developers and auditors. The project is open source (Apache-2.0). Traceseal is available on the command line.
Traceseal first shipped in 2026. The project is developed in the open on GitHub with 4 commits in the last 90 days. Across PulseGate's embedding index, Traceseal has few near neighbours, marking it as relatively distinct. Among its 4 catalogued features are cryptographic receipts, execution verification, and CLI interface.
Latest indexed changes and source events
traceseal.io discovered by the PulseGate indexer
Other apps tracked under the same category.