RootSign SDK · v0.1.3
Tamper-evident provenance logging for AI agents.
Open-source · Apache 2.0 · Python 3.11+
Install
Base install: pip install rootsign. Framework extras pull in the matching connector.
Quickstart
Wrap your existing tools. Provenance is captured automatically.
agent.pypython
from rootsign import wrap_tools, session
from langchain_core.tools import tool
@tool
def send_invoice(customer_id: str, amount: float) -> str:
"""Send an invoice."""
return "sent"
async with session(agent_id=agent.agent_id, client=client) as ctx:
tools = wrap_tools([send_invoice], ctx=ctx)
# your graph runs here — every tool call is capturedVerify the chain
One command proves the record chain is intact — or flags tampering.
terminalbash
$ rootsign verify <session_id>
VALID ✓ — 47 records, chain intactWhat's in v0.1.3
✓ Shipped- LangGraph 0.1.x and 0.2.x
- CrewAI 0.28+, 0.40+, 1.x
- SHA-256 hash chain + rootsign verify CLI
- Human-in-the-loop checkpoint (require_approval=True)
- PII redaction before hashing (StandardPIIConfig, FinancialPIIConfig, HealthcarePIIConfig)
- 261 tests · 7 ADRs · Apache 2.0