veralog 0.1.0

Cryptographic audit trails for AI agents

Veralog Python SDK

Cryptographic audit trails for AI agents. Add one line to your agent, get a tamper-proof signed log of every action.

www.vrlg.tech

Installation

pip install veralog

Quick start

import veralog

veralog.configure(api_key="vrlg_...")

result = veralog.record(
    agent_id="sales-bot",
    action="send_proposal",
    payload={"client": "acme-corp", "deal_value": 50000},
    status="success",
)

print(result.verify_url)

Get an API key

import veralog
account = veralog.register(email="you@yourcompany.com")
print(account["api_key"])

Or register at www.vrlg.tech.

Configuration

# Explicit
veralog.configure(api_key="vrlg_...")

# Or via environment variable
export VERALOG_API_KEY="vrlg_..."

Record an event

result = veralog.record(
    agent_id="sales-bot",           # required: your agent's ID
    action="send_proposal",         # required: what it did
    payload={"client": "acme"},     # required: arbitrary dict
    status="success",               # success | warning | error | crash | timeout | blocked | cancelled
    severity="info",                # debug | info | warning | error | critical
    flags=[],                       # loop_detected | policy_violation | data_exposure | ...
    trace_id="trace-abc-123",       # optional: correlation ID
    tool_name="gmail_api",          # optional: tool used
)

print(result.event_id)    # UUID
print(result.verify_url)  # https://www.vrlg.tech/verify/{id}/page
print(result.events_used) # running total

Query events

events = veralog.get_events(
    status="blocked",
    agent_id="sales-bot",
    since="2026-06-01T00:00:00",
    limit=50,
)
print(events["total"])
print(events["events"])

Export all events

data = veralog.export()
# Returns dict with all events, signatures, and public keys

Verify an event

event = veralog.verify("8b466b96-8663-4742-a6a6-8964ce69e5d4")
print(event["signature"])
print(event["public_key"])

LangChain example

from langchain.agents import AgentExecutor
import veralog

veralog.configure(api_key="vrlg_...")

def run_agent_with_audit(agent_executor, input_text):
    try:
        result = agent_executor.invoke({"input": input_text})
        veralog.record(
            agent_id="langchain-agent",
            action="invoke",
            payload={"input": input_text, "output": result["output"][:200]},
            status="success",
        )
        return result
    except Exception as e:
        veralog.record(
            agent_id="langchain-agent",
            action="invoke",
            payload={"input": input_text, "error": str(e)},
            status="error",
            severity="error",
        )
        raise

CrewAI example

from crewai import Agent, Task, Crew
import veralog

veralog.configure(api_key="vrlg_...")

class AuditedCrew(Crew):
    def kickoff(self, inputs=None):
        result = super().kickoff(inputs=inputs)
        veralog.record(
            agent_id="crewai-crew",
            action="kickoff",
            payload={"inputs": inputs, "result": str(result)[:200]},
            status="success",
        )
        return result

Independent verification

Every event is signed with Ed25519. You can verify any event without Veralog:

from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
import binascii

event = veralog.verify("your-event-id")

public_key = Ed25519PublicKey.from_public_bytes(
    binascii.unhexlify(event["public_key"])
)
message = f"{event['event_id']}:{event['agent_id']}:{event['action']}:{event['timestamp']}".encode()
signature = binascii.unhexlify(event["signature"])

public_key.verify(signature, message)
print("Signature valid — event was not tampered with")

Links

• Website: www.vrlg.tech
• API docs: www.vrlg.tech/docs
• Contact: liquidcrystalcore@gmail.com