Somewhere between Kyoto temples I shipped a signing proxy for Agent Receipts — an open protocol that gives every AI agent action a cryptographically signed audit trail. The idea is simple: when an agent acts on your behalf, you should be able to prove what happened. Not just logs. Proof. This week I used it to audit itself. The problem with MCP tool calls When you give Claude access to GitHub via the MCP server, it can create issues, push files, open pull requests. It acts on your behalf. And when it’s done, it tells you what it did. ... Read more

Last week, I asked an AI agent to clean up some files in a project directory. It did a great job — renamed a few things, deleted some stale configs, updated a README. I know this because I watched it happen in my terminal. But if you asked me to prove what it did? To show you an authoritative record of every action, in order, with cryptographic proof that nothing was altered after the fact? I couldn’t. ... Read more