
What is a Cryptographic Audit Trail — and Why AI Agents Need One
When a human makes a decision at work, there's usually a paper trail — an email, a ticket, a signed document. You can look back and know who approved what, and when.

AI agents don't have this yet. An agent can delete a file, call an API, or modify a database — and unless the application specifically logs it, there's no reliable record of what happened. Existing logs are mutable, incomplete, and easy to miss. More importantly, they don't prove who authorized the action.

A cryptographic audit trail works differently. The core idea:

Every action gets a receipt. Before an agent takes any action, it generates a signed record containing the action name, the parameters, a timestamp, and a nonce. This receipt is signed with the agent's private key using Ed25519 — an asymmetric signing algorithm.

The receipt is tamper-evident. The signature is computed over a canonical representation of all the fields together. Change any single field after the fact — the timestamp, the action name, anything —
Continue reading on Dev.to
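The receipt scheme described above, as an added Go example that is not code from the original article. The JSON field layout, the choice of encoding/json output as the canonical form, the function names and the sample action are all assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"time"
)

// Receipt carries the fields the article lists; this JSON layout is an assumption.
type Receipt struct {
	Action    string         `json:"action"`
	Params    map[string]any `json:"params"`
	Timestamp string         `json:"timestamp"`
	Nonce     string         `json:"nonce"`
}

// canonical returns the exact bytes that get signed. encoding/json writes struct
// fields in declaration order and map keys sorted, so the output is deterministic.
func canonical(r Receipt) []byte {
	b, err := json.Marshal(r)
	if err != nil {
		panic(err) // only reachable with parameter values JSON cannot encode
	}
	return b
}

// NewReceipt builds and signs a receipt before the action is carried out.
func NewReceipt(priv ed25519.PrivateKey, action string, params map[string]any, now time.Time) (Receipt, []byte) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	r := Receipt{action, params, now.UTC().Format(time.RFC3339), base64.StdEncoding.EncodeToString(nonce)}
	return r, ed25519.Sign(priv, canonical(r))
}

// Verify recomputes the canonical bytes and checks the signature over them.
func Verify(pub ed25519.PublicKey, r Receipt, sig []byte) bool {
	return ed25519.Verify(pub, canonical(r), sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	r, sig := NewReceipt(priv, "delete_file", map[string]any{"path": "/tmp/report.csv"}, time.Now())
	fmt.Println("untouched receipt verifies:", Verify(pub, r, sig))
	r.Timestamp = "2020-01-01T00:00:00Z" // constructed edit of one field after signing
	fmt.Println("edited receipt verifies:", Verify(pub, r, sig))
}
```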



