Cryptographic notarization SDK for LLM interactions
Project description
AgentSystems Notary
Audit logging infrastructure for AI systems
AgentSystems Notary provides tamper-evident audit trails for AI systems. It creates cryptographically verifiable logs of all LLM interactions with dual-write architecture: your S3 bucket (raw logs) + Notary ledger (hash receipts).
Features
- Multi-Framework Support: LangChain and CrewAI adapters (extensible to other frameworks)
- Dual-Write Architecture: Organization S3 (raw logs) + Notary API (hash receipts)
- Cryptographic Verification: SHA-256 hashes with JCS canonicalization (RFC 8785)
- Tenant Isolation: Multi-tenant support for SaaS applications
- Audit Trail Architecture: Designed with verifiability and auditability in mind
Disclaimer
This SDK provides technical infrastructure for audit logging. It does not guarantee regulatory compliance, which depends on your specific jurisdiction, industry, policies, and operational practices. This SDK does not constitute legal, compliance, or regulatory advice. Consult with qualified legal and compliance professionals for your specific requirements.
Installation
# Install with LangChain support
pip install agentsystems-notary[langchain]
# Install with CrewAI support
pip install agentsystems-notary[crewai]
# Install with both
pip install agentsystems-notary[all]
Quick Start
LangChain
from agentsystems_notary import LangChainNotary
from langchain_anthropic import ChatAnthropic
# 1. Create notary callback
notary = LangChainNotary(
api_key="sk_asn_prod_...", # From notary.agentsystems.ai
slug="tnt_acme_corp", # Your tenant slug
org_bucket_name="acme-llm-logs" # Your S3 bucket
)
# 2. Add to any LangChain model
model = ChatAnthropic(
model="claude-sonnet-4-5-20250929",
callbacks=[notary]
)
# 3. Use normally - logs are automatic
response = model.invoke("What is AIUC-1 compliance?")
CrewAI
from agentsystems_notary import CrewAINotary
from crewai import Agent, Task, Crew
# 1. Initialize notary (registers hooks automatically)
notary = CrewAINotary(
api_key="sk_asn_prod_...",
slug="tnt_acme_corp",
org_bucket_name="acme-llm-logs"
)
# 2. Create crew normally
agent = Agent(role="Research Analyst", goal="...", backstory="...")
task = Task(description="Research AIUC-1 compliance", agent=agent)
crew = Crew(agents=[agent], tasks=[task])
# 3. All LLM calls are logged automatically
crew.kickoff()
How It Works
- Capture: Intercepts LLM requests/responses via LangChain callbacks
- Canonicalize: Deterministic JSON serialization (JCS/RFC 8785)
- Hash: SHA-256 of canonical bytes
- Dual-Write:
- Your S3 bucket: Full canonical JSON (verifiable by re-hashing)
- Notary API: Hash receipt (immutable ledger)
Configuration
Environment Variables
# AWS credentials (for organization S3 bucket)
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_ACCESS_KEY=...
export AWS_DEFAULT_REGION=us-east-1
Debug Mode
notary = LangChainNotary(
api_key="sk_asn_prod_...",
slug="tnt_acme_corp",
org_bucket_name="acme-llm-logs",
debug=True # Prints canonical JSON and hashes
)
Multi-Tenant Setup
For SaaS applications serving multiple end-customers:
# Each end-customer gets their own tenant
notary_bank_a = LangChainNotary(
api_key="sk_asn_prod_...",
slug="tnt_bank_a", # Bank A's logs
org_bucket_name="your-logs"
)
notary_bank_b = LangChainNotary(
api_key="sk_asn_prod_...",
slug="tnt_bank_b", # Bank B's logs (isolated)
org_bucket_name="your-logs"
)
API Keys
Generate API keys at notary.agentsystems.ai.
S3 Bucket Structure
Organization bucket (your S3):
logs/
{slug}/
{session_id}/
1.json
2.json
3.json
Each file contains canonical JSON that can be re-hashed to verify the hash receipt.
Verification
To verify a log entry:
import hashlib
import jcs
# 1. Download from your S3 bucket
log_data = s3.get_object(Bucket="your-bucket", Key="logs/tnt_acme/session-123/1.json")
# 2. Re-hash
canonical_bytes = log_data["Body"].read()
computed_hash = hashlib.sha256(canonical_bytes).hexdigest()
# 3. Compare with Notary receipt
assert computed_hash == notary_receipt_hash # Proof of integrity
Support
- Documentation: docs.agentsystems.ai/notary
- Dashboard: notary.agentsystems.ai
- Issues: GitHub Issues
License
Licensed under the Apache-2.0 license.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file agentsystems_notary-0.4.0.tar.gz.
File metadata
- Download URL: agentsystems_notary-0.4.0.tar.gz
- Upload date:
- Size: 21.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.14
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
569b1ea340d07d50477c7546762fb886d7ce79ff91ea6a65a6d600ae7fccf437
|
|
| MD5 |
a513a2c77185f505a79bab82a075b2d1
|
|
| BLAKE2b-256 |
f3cc37e71ca9e325074b98daa2bf101bc29cebbf63fa781fe54831651f75a15b
|
File details
Details for the file agentsystems_notary-0.4.0-py3-none-any.whl.
File metadata
- Download URL: agentsystems_notary-0.4.0-py3-none-any.whl
- Upload date:
- Size: 20.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.14
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
37460504b43cbc4fb1180dbd1be0029cf445d637222618bdde1dad20b69eba1a
|
|
| MD5 |
db04d2dc99b53629277ef5e6e624818d
|
|
| BLAKE2b-256 |
54e7ee95b6abd8cf7a0f60851878035d0296b4bc117d4bad0985c9b5e895ccfc
|
