Skip to main content

Framework-agnostic, tamper-evident audit layer for AI agents. Hash chains verify byte-for-byte against the ProofLedger TypeScript SDK and dashboard.

Project description

ProofLedger Python SDK

A framework-agnostic, tamper-evident audit layer for AI agents. ProofLedger sits underneath or beside any agent framework (LangGraph, CrewAI, OpenAI Agents SDK, AutoGen, or a custom stack) and records every run, event, and tool call into a SHA-256 hash chain.

The chains this SDK produces are byte-for-byte compatible with the ProofLedger TypeScript SDK: runs captured from Python verify correctly in the ProofLedger dashboard, which verifies using the TS implementation.

No third-party runtime dependencies — standard library only (Python >= 3.9).

Install

pip install proofledger

Or from this repo:

pip install packages/sdk-py

Usage

from proofledger import enable, track, with_run, verify_run

# Cloud mode — sends to your ProofLedger backend.
enable(
    api_key="tl_live_...",
    base_url="https://proofledger.dev",
    project_id="proj_...",
)

# One-shot tracking of a complete, verifiable run.
track(
    agent_id="support-agent",
    input="Hello",
    output="Hi there",
    model="gpt-4.1",
    provider="openai",
)

If you call enable() without an api_key (or pass local=True), the SDK runs in local dev mode: events are kept in memory and best-effort appended to ./.proofledger/events.jsonl, with no server required.

Wrapping a unit of work with with_run

with_run opens a run, runs your function, records the result (or the error), and closes the run — all on a verifiable chain. The callback receives a RunHandle you can use to record tool calls and custom events.

from proofledger import enable, with_run, verify_run

enable(local=True)  # local dev mode, no api key

def do_work(run):
    # Record a tool call — emits tool.called + tool.returned around the record.
    run.record_tool_call(
        tool_name="search_kb",
        input={"query": "refund policy"},
        output={"hits": 3},
    )
    return {"answer": "Refunds within 30 days."}

result = with_run({"agent_id": "support-agent", "model": "gpt-4.1"}, do_work)

# Verify the run's hash chain.
report = verify_run(...)  # pass the run id; see examples/basic.py
print(report["valid"])    # True

See examples/basic.py for a complete, runnable example:

python examples/basic.py

Hashing primitives

The same primitives the dashboard uses are re-exported:

from proofledger import (
    create_payload_hash,
    create_event_hash,
    verify_event_chain,
    GENESIS_HASH,
)
  • Canonical JSON: object keys are sorted recursively and serialized with no whitespace and literal Unicode, matching JS JSON.stringify with sorted keys.
  • GENESIS_HASH is 64 zeros — the previousHash of the first event.
  • create_event_hash commits to the event id, type, timestamp, payload hash, and the previous event's hash, chaining every event to the one before it.

Because the canonicalization and digests match the TypeScript SDK exactly, a chain captured in Python verifies identically in the ProofLedger dashboard.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

proofledger-0.2.0.tar.gz (19.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

proofledger-0.2.0-py3-none-any.whl (19.8 kB view details)

Uploaded Python 3

File details

Details for the file proofledger-0.2.0.tar.gz.

File metadata

  • Download URL: proofledger-0.2.0.tar.gz
  • Upload date:
  • Size: 19.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for proofledger-0.2.0.tar.gz
Algorithm Hash digest
SHA256 3ec96856bbd973220362048ee552ce57d79c0878356ab57cb3c5d17263b31656
MD5 0d6d4a5c05a8d967b6b045706c8192d6
BLAKE2b-256 43e3d5675a144cde1676e8d68876116af316cb15c9e89dae1208915b7c4c9695

See more details on using hashes here.

Provenance

The following attestation bundles were made for proofledger-0.2.0.tar.gz:

Publisher: publish-pypi-sdk.yml on jorama/proofledger

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file proofledger-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: proofledger-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 19.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for proofledger-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0a7f91870dc21b3b300950dc8803bef62394a06db4874c899e4e09d6eed9a547
MD5 32661f9e5372455adf0329b76198aa3b
BLAKE2b-256 6aad1a63cf8af49f2eb10b8fa580022a40cb78e350d46afb74c4273560d8c42d

See more details on using hashes here.

Provenance

The following attestation bundles were made for proofledger-0.2.0-py3-none-any.whl:

Publisher: publish-pypi-sdk.yml on jorama/proofledger

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page