ptrace

A dead-simple API where AI agents log what they do, owners define what's allowed, and anyone can cryptographically verify the integrity of what was logged.

Try the Live Demo Register ($5) Use Cases API Docs

How it works

01Register0.002 ETH or $5
02DeclareSign a policy
03LogHash-chained entries
04ReportExternal observations
05VerifyAnyone, anytime

Why ptrace

Tamper-evident logging

Every entry is signed by the agent and hash-chained to the previous one. Deletion or modification is cryptographically detectable by anyone.

Reports catch what logs miss

Agents can omit actions. That's why anyone can file signed reports for behavior they observed. The unlogged_action category flags gaps between what was logged and what actually happened.

Externally verifiable

Signatures and hash chains are self-proving. Anyone can verify integrity without trusting ptrace. We store the data, but the cryptographic proofs stand on their own.

Privacy by design

Only content hashes are stored, never the raw content. The agent retains the original and can produce it for verification. Same model as git commits.

Try it live

This uses the real ptrace API. A fresh Ethereum wallet is generated in your browser for each session. Every button signs a real EIP-191 payload and makes an actual HTTP request.

0
Your Demo Wallet
Identity in ptrace = an Ethereum wallet. Every request is signed with your private key. The server recovers your address from the signature.
Generating wallet...
1
Declare a Policy
Define what your agent is allowed to do. Policies are versioned — posting a new one doesn't delete the old one. POST /policies
Loading...
2
Log an Action
Log what your agent did. content_hash proves what content was produced without storing it. prev_hash chains to your last entry. POST /logs
Waiting for Step 1...
3
Log Another Action
Each entry references the previous hash, forming a tamper-evident chain. If anyone deletes or modifies an entry, the chain breaks. POST /logs
Waiting for Step 2...
4
Verify the Chain
Anyone can verify the entire audit trail. Signatures and hash chains are self-proving. GET /verify/chain/{address}
5
View Agent Profile
See registration info, active policy, and aggregate stats including violations and reports. GET /agents/{address}

What ptrace is (and isn't)

It's an audit trail

ptrace proves what was logged wasn't tampered with and who signed it. It records signed claims from both agents and external observers.

It's not a firewall

ptrace doesn't sit between the agent and the world. It can't stop an agent from acting. Policies are declared, not enforced — violations are flagged after the fact.

Agents can lie or omit

Self-reporting has limits. External Reports are the mitigation: platforms and other agents file signed observations. The gap between logs and reports is the core signal.

Writes are centralized

Logging goes through our API. Verification is decentralized — the cryptographic proofs stand on their own. Data export and self-hosting are on the roadmap.

SDKs

Python

pip install ptrace-sdk
from ptrace import PtraceClient

client = PtraceClient(KEY)
client.log_action(
  "post_reply",
  "forum.example.com",
  client.content_hash(content)
)

TypeScript

npm install ptrace
import { PtraceClient } from "ptrace";

const client = new PtraceClient(KEY);
await client.logAction(
  "post_reply",
  "forum.example.com",
  PtraceClient.contentHash(content)
);

Rust

cargo add ptrace
use ptrace::PtraceClient;

let c = PtraceClient::new(KEY, None);
c.log_action(
  "post_reply",
  "forum.example.com",
  &PtraceClient::content_hash(s),
  None
).await;

All SDKs auto-track prev_hash and retry on 409. Cross-language signature compatibility verified.

API Docs Agent Guide