VeriSwarm Vault
Immutable, cryptographically-chained event ledger for compliance and audit.
Vault gives your organization a tamper-evident record of every meaningful action taken by or against your AI agents. Every event is hashed into an append-only chain that you can independently verify at any time.
Plan requirement: Max plan. To upgrade, visit Account > Billing in the dashboard or contact [email protected].
How It Works
Vault maintains an ordered, append-only ledger per workspace. Each event is cryptographically linked to the previous event using SHA-256 hashing. Modifying any historical event breaks the chain for all subsequent entries — immediately detectable via the verification endpoint.
Vault events are immutable. There are no update or delete operations. Any unauthorized modification at the storage layer breaks the hash chain automatically.
Event Recording
Events are recorded automatically when Vault is enabled. You do not need to call a separate API. Any event processed through VeriSwarm's suite — Guard scans, Passport verifications, trust decisions, agent events — is written to the ledger.
Event structure
Each ledger entry contains:
| Field | Description |
|---|---|
event_id |
Unique identifier |
actor_type / actor_id |
Who performed the action (user, agent, system, platform) |
subject_type / subject_id |
What the action targeted (agent, tool, mcp_server, user, policy) |
event_type |
Standardized event type |
source |
Origin system or integration |
occurred_at |
When the event happened (UTC) |
ingested_at |
When VeriSwarm recorded the event (UTC) |
payload |
Event-specific data |
visibility |
Access level: public, internal, or private |
correlation_id |
Optional ID linking related events |
content_hash |
SHA-256 hash of the event content |
previous_event_hash |
Hash of the preceding event in the chain |
Chain Verification
Verify the integrity of your ledger at any time. The verification endpoint walks the hash chain and reports whether every link is valid.
A successful response:
{
"ok": true,
"checked_count": 842,
"total_count": 842,
"partial": false,
"errors": []
}
If ok is false, one or more events have been modified, deleted, or inserted outside normal operations. Treat broken chain errors as a security incident and investigate immediately.
For large ledgers, verification may be partial (checked_count < total_count). Run verification repeatedly to cover the full chain.
Exports
Export ledger data for offline analysis, regulatory submissions, or archival.
Formats
| Format | Description |
|---|---|
json |
Array of event objects |
csv |
Tabular format with header row |
Filters
| Filter | Description |
|---|---|
event_type |
Filter to a specific event type |
actor_type |
Filter by actor type |
limit |
Maximum events (default 1,000; max 10,000) |
Each completed export includes a SHA-256 checksum for integrity verification.
For full endpoint details, see the API reference.
Compliance Use Cases
SOC 2 Audit Trails
Vault provides the continuous monitoring artifact that SOC 2 Type II audits require. The immutable ledger demonstrates that agent activities, access decisions, and policy enforcement are logged without gaps. Auditors can independently verify chain integrity and export date-ranged subsets for review.
EU AI Act Behavioral Logging
The EU AI Act mandates that deployers of high-risk AI systems maintain behavior logs. Vault captures every trust decision, moderation action, and agent interaction in a tamper-evident format. Exports provide the structured records needed for regulatory submissions under Articles 12 and 26.
ISO 42001 Audit Evidence
ISO/IEC 42001 (AI Management Systems) requires evidence of AI governance controls. The Vault ledger demonstrates that trust scoring, policy enforcement, and agent oversight are operating as documented. Chain verification provides cryptographic proof that records have not been altered.