// FEATURES

Built for production agent workflows.

Not a monitoring tool. Not an observability platform. ChainProof doesn't watch your agents — it notarizes what they report. The difference matters when someone asks you to prove it later.

Hash-chained entries
Every ledger entry includes the SHA-256 of the previous. Edit any past entry and the chain head changes. If you recorded the head at write time, the discrepancy is detectable by anyone who reruns the verification.
Content-addressed artifacts
Prompts, responses, tool payloads, and reasoning traces are stored in R2 by SHA-256 of their body. The ledger references them by hash — not by a mutable pointer.
🔒
Append-only by design
The API has no update or delete endpoints for ledger entries. You can't accidentally overwrite history through ChainProof. Completed runs are serialized to R2 on close.
Edge-native infrastructure
Serverless compute, durable object ledger, object storage for artifacts, relational indexes. No external infrastructure. No cold starts.
🤖
Agent self-context
Agents can query their own provenance mid-chain. If the chain is broken or a contamination flag is set, the agent can self-limit and refuse to take further actions.
🌐
Multi-tenant & scoped keys
Tenant-scoped and agent-scoped API keys. Granular permissions: read, write, verify, admin. Revoke at any time. Webhooks for chain events, violations, and chain breaks.

// WHAT CHAINPROOF PROVES

A notary, not a watchdog.

ChainProof only knows what your agent tells it. That's not a limitation — it's the design. An external system that claims to independently verify agent behavior is guessing. ChainProof makes a narrower, harder guarantee.

✓  What ChainProof gives you
A structured, queryable record of what your agents reported doing.
A hash chain you can recompute yourself — you don't have to trust our verify endpoint.
Detection of post-hoc edits, if you record chain heads independently at write time.
Content hashes for artifacts — if the hash matches, the payload hasn't changed.
✗  What ChainProof doesn't give you
Independent verification that agents told the truth.
A guarantee that ChainProof itself hasn't altered records — only external anchoring would provide that.
Any signal about whether a chain's task succeeded at its real-world goal.
Protection against an agent that deliberately logs false entries.

Chain validity and chain status are independent signals. status: failed with a valid chain means the agent reported failure and nothing in the log changed since. status: completed with a broken chain means an entry was edited after it was written — by someone, somewhere. ChainProof can tell you the second happened. It can't tell you who did it or why.

// GET STARTED

Your agents are running.
Is there a record?

Wire in ChainProof in under 10 minutes. Three API calls — open a chain, append entries, close it. Free tier is permanent, no credit card required.

Start free — no card required Read the docs →

Free: 500 chains & 50k entries/month. Upgrade when you need more.