Skip to main content

Framework-agnostic, tamper-evident audit layer for AI agents. Hash chains verify byte-for-byte against the ProofLedger TypeScript SDK and dashboard.

Project description

ProofLedger Python SDK

A framework-agnostic, tamper-evident audit layer for AI agents. ProofLedger sits underneath or beside any agent framework (LangGraph, CrewAI, OpenAI Agents SDK, AutoGen, or a custom stack) and records every run, event, and tool call into a SHA-256 hash chain.

The chains this SDK produces are byte-for-byte compatible with the ProofLedger TypeScript SDK: runs captured from Python verify correctly in the ProofLedger dashboard, which verifies using the TS implementation.

No third-party runtime dependencies — standard library only (Python >= 3.9).

Install

pip install proofledger

Or from this repo:

pip install packages/sdk-py

Usage

from proofledger import enable, track, with_run, verify_run

# Cloud mode — sends to your ProofLedger backend.
enable(
    api_key="tl_live_...",
    base_url="https://proofledger.dev",
    project_id="proj_...",
)

# One-shot tracking of a complete, verifiable run.
track(
    agent_id="support-agent",
    input="Hello",
    output="Hi there",
    model="gpt-4.1",
    provider="openai",
)

If you call enable() without an api_key (or pass local=True), the SDK runs in local dev mode: events are kept in memory and best-effort appended to ./.proofledger/events.jsonl, with no server required.

Wrapping a unit of work with with_run

with_run opens a run, runs your function, records the result (or the error), and closes the run — all on a verifiable chain. The callback receives a RunHandle you can use to record tool calls and custom events.

from proofledger import enable, with_run, verify_run

enable(local=True)  # local dev mode, no api key

def do_work(run):
    # Record a tool call — emits tool.called + tool.returned around the record.
    run.record_tool_call(
        tool_name="search_kb",
        input={"query": "refund policy"},
        output={"hits": 3},
    )
    return {"answer": "Refunds within 30 days."}

result = with_run({"agent_id": "support-agent", "model": "gpt-4.1"}, do_work)

# Verify the run's hash chain.
report = verify_run(...)  # pass the run id; see examples/basic.py
print(report["valid"])    # True

See examples/basic.py for a complete, runnable example:

python examples/basic.py

Hashing primitives

The same primitives the dashboard uses are re-exported:

from proofledger import (
    create_payload_hash,
    create_event_hash,
    verify_event_chain,
    GENESIS_HASH,
)
  • Canonical JSON: object keys are sorted recursively and serialized with no whitespace and literal Unicode, matching JS JSON.stringify with sorted keys.
  • GENESIS_HASH is 64 zeros — the previousHash of the first event.
  • create_event_hash commits to the event id, type, timestamp, payload hash, and the previous event's hash, chaining every event to the one before it.

Because the canonicalization and digests match the TypeScript SDK exactly, a chain captured in Python verifies identically in the ProofLedger dashboard.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

proofledger-0.3.0.tar.gz (23.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

proofledger-0.3.0-py3-none-any.whl (23.9 kB view details)

Uploaded Python 3

File details

Details for the file proofledger-0.3.0.tar.gz.

File metadata

  • Download URL: proofledger-0.3.0.tar.gz
  • Upload date:
  • Size: 23.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for proofledger-0.3.0.tar.gz
Algorithm Hash digest
SHA256 c0a85789efec1ee302485bee357bbe3f8fb906802d747569967c1d4ba1981038
MD5 e863904934a1829ef3648e995138e697
BLAKE2b-256 541902832925532f9e356b1adf443454c9762be129797e5cc11c25311f1e6f3c

See more details on using hashes here.

Provenance

The following attestation bundles were made for proofledger-0.3.0.tar.gz:

Publisher: publish-pypi-sdk.yml on jorama/proofledger

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file proofledger-0.3.0-py3-none-any.whl.

File metadata

  • Download URL: proofledger-0.3.0-py3-none-any.whl
  • Upload date:
  • Size: 23.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for proofledger-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b1ea034bf92b2662b9e34a766cbe850331b7c00993d8307a3f4dfbf1c57a9bf3
MD5 7da55e1706b842a2c13b077a6ff40fc1
BLAKE2b-256 25046fb5e83612554214136a16b95f32dfef0e45b4fe9514c4ca65c32efd9e97

See more details on using hashes here.

Provenance

The following attestation bundles were made for proofledger-0.3.0-py3-none-any.whl:

Publisher: publish-pypi-sdk.yml on jorama/proofledger

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page