Distributed proof metadata for bounded AI-agent actions

Evidence infrastructure for AI-agent actions.

For enterprise AI deployers and risk teams that need to prove what AI agents did, what boundary applied, and whether the evidence trail can be trusted.

ProofWarden captures bounded AI-agent actions, anchors proof metadata through DUAL, and assembles reviewer-verifiable evidence records.

Raw evidence stays in your vault. Proof metadata is anchored on DUAL. Reviewers get a record they can inspect.

Evidence chain

event → receipt → record

1

Capture

Event

Capture the structured facts of the agent action closest to execution.

2

Anchor

Receipt

Anchor proof metadata through DUAL, the distributed-ledger proof layer.

3

Review

Record

Assemble a reviewer-verifiable evidence record that can be inspected.

Exception path

event → exception → review record

When an action crosses a boundary, ProofWarden preserves the exception as evidence instead of making the action look cleaner than it was.

When ProofWarden matters

01

An AI agent takes an operational action.

02

A reviewer later needs to reconstruct what happened.

03

Sensitive raw evidence cannot be broadly exposed.

The problem

AI agents are moving from recommendation to action.

Enterprise AI agents increasingly interact with tools, workflows, approvals, procurement systems, customer operations, and controlled data. After an action occurs, risk teams may need to reconstruct what happened, which boundary applied, whether approvals existed, and whether the evidence changed.

1

Operational facts are scattered across logs, tickets, tools, emails, approvals, and AI gateways.

2

AI-generated summaries can reshape the narrative after the event.

3

Evidence can be sensitive, mutable, incomplete, or difficult to verify.

4

Exceptions can disappear during workflow cleanup or retrospective reporting.

5

Traditional logging was not designed for reviewer-verifiable AI action evidence.

How it works

Prove what happened, then make the trail reviewable.

ProofWarden follows a narrow sequence: capture the event, anchor the receipt, and assemble the record.

Capture01

Event

Capture structured facts around the AI-agent action: actor, action type, timestamp, source system, tool used, approval state, authority scope, boundary context, and evidence-vault reference.

Anchor02

Receipt

Anchor proof metadata through DUAL, a distributed-ledger proof layer that stores hashes, timestamps, receipt references, lineage metadata, object references, and verifier-readable proof fields.

Review03

Record

Assemble a reviewer-readable evidence record linking the event, boundary mapping, receipt metadata, hashes, approvals, reason codes, verifier grants, and review context.

Sample action receipt

A compact record of what happened, what boundary applied, and where the evidence lives.

The receipt gives reviewers a stable starting point without moving sensitive raw prompts, files, logs, or approvals out of the customer evidence vault.

proofwarden receipt
Receipt ID:
PWR-2026-000184
Action type:
Procurement request
Boundary:
PO threshold under $5,000
Approval state:
Within delegated authority
Vault reference:
vault://customer/po/8472
Event hash:
9f3a...72c1
DUAL anchor:
Confirmed
Timestamp:
2026-05-23 14:32 UTC
Review status:
Ready for inspection
Architecture

Separate custody, integrity, and judgment.

ProofWarden does not move sensitive raw evidence onto DUAL. It separates raw evidence custody from independently verifiable proof metadata.

Custody

Customer Evidence Vault

Stores prompts, logs, approvals, files, tickets, and operational records.

Purpose: custody and access control.

Integrity

DUAL Proof Layer

Stores hashes, timestamps, receipt IDs, lineage references, object references, and integrity status.

Purpose: independent proof metadata.

Judgment

Reviewer Evidence Record

Contains event summary, boundary mapping, receipt metadata, reason codes, verifier access, and review context.

Purpose: inspection and verification.

Customer Evidence Vault → DUAL Proof Layer → Reviewer Evidence Record
Bounded actions

Built around the boundary a reviewer will care about later.

ProofWarden starts with the operational boundary: the rule, threshold, authority limit, access condition, control, contract obligation, or reviewer question that defines what evidence should exist.

Approval rulesProcurement thresholdsAuthority limitsData-access rulesContract obligationsAudit requirementsOperational proceduresReviewer-defined questions

Exception path

event → exception → review record

Threshold exceeded
Approval missing
Outside authority scope
Boundary crossed
Proof-readiness failed
Exception preservation

Exceptions are evidence too.

If an action exceeds a threshold, lacks approval, falls outside authority scope, crosses a boundary, or fails proof-readiness checks, ProofWarden does not create a clean-action receipt that could imply acceptance. Instead, it preserves the facts as exception evidence so reviewers can inspect what occurred, which boundary failed, what evidence existed, and where uncertainty remained.

Use cases

Designed for enterprise AI deployers and risk teams.

Start where boundaries, review conditions, approvals, and evidence sufficiency already matter.

01

AI-agent procurement controls

Capture and verify agent actions around purchase orders, spend thresholds, approval rules, and authority limits.

Example: an AI agent prepares or routes a purchase order under a defined spend threshold.

02

Sensitive data and tool access

Preserve evidence when AI agents access controlled systems, customer data, internal tools, or restricted workflows.

Example: an AI agent accesses a controlled system or customer dataset.

03

Exception and incident reconstruction

Assemble review records when agent actions cross boundaries, miss approvals, or require post-action investigation.

Example: an agent action exceeds a limit or lacks approval, and ProofWarden preserves the exception as review evidence.

Customer assurance evidence requestsSupplier-screening exception routingOperational escalation workflowsLow-risk refundsContract workflow evidence

What ProofWarden does

  • Captures structured AI-agent action events.
  • Maps operational boundaries to agent activity.
  • Validates events against approvals, thresholds, authority scope, and evidence requirements.
  • Anchors proof metadata through DUAL.
  • Assembles reviewer-verifiable evidence records.
  • Preserves exception evidence.
  • Provides scoped verifier access and evidence-pack exports.

What ProofWarden does not do

  • Determine compliance.
  • Assign liability.
  • Approve or deny workflows.
  • Replace auditor or reviewer judgment.
  • Act as a general AI risk dashboard.
  • Store raw operational evidence on DUAL.
  • Make final operational or legal decisions.
FAQ

Common questions about ProofWarden.

Plain-English answers for enterprise teams evaluating AI action evidence infrastructure.

What is ProofWarden?+

ProofWarden is evidence infrastructure for AI-agent actions. It helps enterprise AI deployers and risk teams capture bounded agent events, anchor proof metadata, and assemble reviewer-verifiable evidence records.

What problem does ProofWarden solve?+

ProofWarden helps teams preserve and verify the evidence trail around AI-agent actions, especially when logs, summaries, approvals, or operational narratives may change after the action occurs.

Who is ProofWarden for?+

ProofWarden is designed for enterprise AI deployers, risk teams, governance teams, assurance teams, audit teams, compliance reviewers, and AI operations teams.

What is an AI-agent action?+

An AI-agent action is an operational step taken or initiated by an AI system, such as accessing a tool, preparing a purchase order, routing an exception, requesting data, approving a low-risk workflow, or escalating an operational process.

What does bounded action mean?+

A bounded action is an AI-agent action tied to a defined rule, threshold, approval expectation, authority scope, data-access condition, contract obligation, or reviewer question.

What is DUAL?+

DUAL is the distributed-ledger proof layer used by ProofWarden to anchor proof metadata such as hashes, timestamps, receipt references, lineage metadata, object references, and verifier-readable proof fields.

Does ProofWarden store raw prompts or sensitive files on DUAL?+

No. Raw prompts, logs, approvals, files, tickets, and operational records remain in customer-controlled evidence storage. DUAL stores proof metadata only.

Is ProofWarden a compliance tool?+

ProofWarden supports evidence integrity and reviewability. It does not determine compliance, assign liability, approve workflows, or replace reviewer judgment.

What happens when an action is out of bounds?+

ProofWarden preserves the event as exception evidence and assembles a review record so reviewers can inspect what happened.

Is ProofWarden available now?+

ProofWarden is an active product. Organisations interested in early access can request a conversation through the site.

About ProofWarden

Built for the next phase of enterprise AI operations.

As AI agents move deeper into operational workflows, enterprises need more than dashboards and logs. They need evidence infrastructure that preserves what happened, anchors proof metadata, and supports reviewer trust without exposing unnecessary sensitive data.

ProofWarden is built around a simple principle: when AI agents act, the evidence trail should be captured, anchored, and reviewable before systems or narratives change around it.

Request early access

Explore AI action evidence infrastructure with ProofWarden.

ProofWarden is working with enterprise AI deployers and risk teams exploring evidence infrastructure for AI-agent actions.

We'll only use your details to respond to your request. See Privacy Notice.