Tamper-evident SHA-256 hash-chain audit log + human-readable report for AI agent decisions - a stdlib-only integrity & traceability tool (not explainability, not a compliance control, not investment advice).
Project description
autonomous-audit
Tamper-evident audit log for AI trading agents — a SHA-256 hash chain plus a human-readable decision report. Give any agent-driven trading workflow (Alpaca or otherwise) a lightweight integrity + traceability record for its decisions — with zero dependencies.
Extracted from the autonomous_ "Senate Protocol" decision-audit log into a standalone, stdlib-only package.
Why
An AI agent that trades makes decisions you may later need to review and check were not
altered. autonomous-audit appends every decision to an append-only JSONL file under a SHA-256
hash chain: each record carries the hash of the previous one, so an in-place edit, mid-chain
deletion or reorder breaks the chain and is detected. (It does not by itself detect
truncation of the newest records or a wholesale rewrite from genesis — anchor the chain head
externally if you need that.) A one-command report turns the machine log into a readable HTML
document.
- Zero third-party dependencies — pure Python stdlib (no external supply-chain surface).
- Language-agnostic pre-image — the canonical pre-image is
json.dumps(entry, sort_keys=True)(Python defaults:ensure_ascii=True,", "/": "separators); a verifier in another language that reproduces it byte-for-byte validates the same chain — a Python-emulating serializer is required (naiveJSON.stringifydiffers). See reference.md for the exact byte contract. - Fail-loud — refuses to write when disk is low, rather than silently dropping evidence.
Install / run
# no install — run straight from PyPI with uv
uvx autonomous-audit demo # write + verify + report a sample chain
uvx autonomous-audit verify path/to/audit.jsonl # exit 0 = intact; 1 = problem (see message)
uvx autonomous-audit report audit.jsonl -o report.html
# or install it
pip install autonomous-audit
Use as a library
from autonomous_audit import AuditChainWriter, verify_chain
w = AuditChainWriter("audit_log.jsonl")
w.append({"symbol": "AAPL", "signal_action": "BUY", "consensus_score": "0.71",
"timestamp": "2026-07-02T09:30:00+00:00"})
ok, err = verify_chain("audit_log.jsonl") # (True, None) if intact
Keep record values float-free (use strings) if the same chain will be verified in JavaScript —
float formatting can differ between json.dumps and JSON.stringify.
Async & throughput. append() does one blocking, synchronous write plus a disk check per
record (pure stdlib, no async). In an event loop, run it in a thread — e.g.
await loop.run_in_executor(None, writer.append, record) — so a fast market's order path is
never blocked by audit I/O. It targets per-decision logging, not high-frequency (hundreds/sec)
streaming.
Report
report / render_html_report() produces a self-contained HTML page: an integrity banner, one
readable row per decision (subject, verdict, reason, short hash) and the required disclosure.
Print it to PDF from any browser — no PDF dependency required.
Scope, limits & regulatory context
This tool gives you tamper-evidence and a readable trail of what your agent decided — integrity and traceability. It does not judge whether decisions were correct, and it is not investment advice, a regulatory control, or a compliance certification.
- Tamper-evident, not tamper-proof. A local JSONL file is inherently mutable; the chain lets you detect alteration (in-place edits, reorders, mid-chain deletions — not tail-truncation or a genesis rewrite), not prevent it. It does not on its own satisfy MiFID II statutory record-keeping (Art. 16 MiFID II; Art. 72/76 Reg. (EU) 2017/565; RTS 6). For regulated retention, pair it with WORM / durable-medium storage and anchor the chain head externally.
- Not explainability. Recording what was decided is not explaining why. Model explainability/interpretability (e.g. EU AI Act Art. 13/14; MiFID II algo-governance) is a separate obligation this tool does not meet.
- AI Act orientation. The EU AI Act's event-logging concept is Art. 12 (record-keeping), which binds high-risk systems; an AI trading agent is not high-risk merely by trading (Annex III's finance items are credit scoring and life/health-insurance pricing). Assess your own use case.
Chain integrity is not authorization. Keep the raw log as the source of truth.
License
Apache-2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file autonomous_audit-0.1.0.tar.gz.
File metadata
- Download URL: autonomous_audit-0.1.0.tar.gz
- Upload date:
- Size: 17.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f48998a2925af693a00d1b098c10b6276338879dba07f4ca992a5942e3338b88
|
|
| MD5 |
dfc2b1b4bc68a527a79d2aed473bc23f
|
|
| BLAKE2b-256 |
97dc0ef89c641afcdcc5b4e21895a455e91df35f57ee8f65c64982638c8e45b3
|
Provenance
The following attestation bundles were made for autonomous_audit-0.1.0.tar.gz:
Publisher:
pypi-publish.yml on Autonomous-Asset-Management-Agents/autonomous_
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
autonomous_audit-0.1.0.tar.gz -
Subject digest:
f48998a2925af693a00d1b098c10b6276338879dba07f4ca992a5942e3338b88 - Sigstore transparency entry: 2062304660
- Sigstore integration time:
-
Permalink:
Autonomous-Asset-Management-Agents/autonomous_@a99f3b1db3232f06a38e5546cb89562a7d75ef91 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/Autonomous-Asset-Management-Agents
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
pypi-publish.yml@a99f3b1db3232f06a38e5546cb89562a7d75ef91 -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file autonomous_audit-0.1.0-py3-none-any.whl.
File metadata
- Download URL: autonomous_audit-0.1.0-py3-none-any.whl
- Upload date:
- Size: 15.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
25ff84d104e608be464639f6000ecf7c33db861b2cef2229a49abe131f59d5fd
|
|
| MD5 |
2adb8c18168f8fbfdcf655a8c8df0eed
|
|
| BLAKE2b-256 |
0fd9fa24d8958cc0886788113cbeac6745d63c4f2c9e7a2c676c4e8435ea5e5a
|
Provenance
The following attestation bundles were made for autonomous_audit-0.1.0-py3-none-any.whl:
Publisher:
pypi-publish.yml on Autonomous-Asset-Management-Agents/autonomous_
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
autonomous_audit-0.1.0-py3-none-any.whl -
Subject digest:
25ff84d104e608be464639f6000ecf7c33db861b2cef2229a49abe131f59d5fd - Sigstore transparency entry: 2062304976
- Sigstore integration time:
-
Permalink:
Autonomous-Asset-Management-Agents/autonomous_@a99f3b1db3232f06a38e5546cb89562a7d75ef91 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/Autonomous-Asset-Management-Agents
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
pypi-publish.yml@a99f3b1db3232f06a38e5546cb89562a7d75ef91 -
Trigger Event:
workflow_dispatch
-
Statement type: