TRACE¶
Trust Runtime Attestation and Compliance Evidence — an open specification for hardware-attested AI agent governance records.
TRACE defines the format, anchoring protocol, and verification rules for cryptographically provable evidence that an AI agent ran under a specific policy, in a verified hardware environment, on classified data, invoking identified tools — bound into a single signed artifact rooted in silicon attestation.
-
Get Started
Install the library, sign your first Trust Record, and verify it end-to-end in minutes.
-
Specification
The normative TRACE v0.1 specification — envelope format, claim types, signing rules, and verification algorithm.
-
Integration
Connect TRACE to AGT and cMCP for end-to-end agent governance pipelines.
-
Conformance Tests
197 tests across 7 modules. Verify your implementation against the spec.
What a Trust Record proves¶
A TRACE Trust Record answers — in a form any third party can verify without trusting the operator:
| Question | TRACE claim |
|---|---|
| What model ran? | model.model_id + model.weights_digest |
| Where did it run? | runtime.platform + runtime.measurement |
| Under which policy? | policy.bundle_hash + policy.enforcement_mode |
| What data did it touch? | data_class |
| Which tools were called? | tool_transcript.hash + tool_transcript.call_count |
| Is the record independently anchored? | anchoring.receipt_uri (SCITT) |
Standards alignment¶
TRACE is built on open IETF/IRTF standards and designed for CoSAI WS4 interoperability:
- RFC 9711 — CBOR Web Token (CWT) / EAT claim envelope
- RFC 9334 — RATS architecture (attester, verifier, relying-party roles)
- SCITT draft-22 — transparency ledger anchoring
- CoSAI WS4 — AI agent digital lifecycle controls (contributed spec language)