Agent CertAgent Cert
Concepts · Compliance

Compliance: Article 12 & ISO 42001.

Agent Cert receipts are designed to satisfy EU AI Act Article 12 record-keeping and map to ISO/IEC 42001 controls. The differentiator over a typical compliance log: every entry is cryptographically signed and anchored to a public ledger, so it can be verified independently — not just trusted because the vendor says so. See the marketing overview at /compliance.

What Article 12 requires

  • O1 — automatic logging of events over the system's lifetime.
  • O2 — traceability of inputs, situation, and resulting action.
  • O3 — coverage of risk situations + monitoring.
  • O4 — retention for ≥6 months (Arts. 19, 26).
  • O5 — evidentiary integrity (a silently-editable log proves nothing).
  • O6 — producible for authorities on request.

The crosswalk

Each receipt field maps to an obligation and an ISO 42001 control area. The full mapping lives in docs/compliance_crosswalk.md in the repo; the shape:

Article 12 obligationAgent Cert mechanism
Automatic logging (O1)One signed Decision Receipt per agent action (API / MCP)
Traceability (O2)user_intent, agent_output, tools_used, acting_model + version, permission_snapshot, memory_context_hash
Risk situations (O3)trust_score, risk_level, policy_compliant, prompt_injection_detected, policy_version
Retention (O4)Receipts retained in Postgres ≥6 months; exportable on demand
Evidentiary integrity (O5)Ed25519 signature + SHA-256 hashes anchored on Solana
Producible (O6)POST /v1/reports / generate_audit_report — JSON or PDF

Generating an audit export

POST /v1/reports assembles a scoped report (by agent + time range) with summary statistics, per-receipt entries, and embedded verification instructions. Request format: "pdf" for a human-readable document, or the default JSON for machine ingestion. The same is available as the MCP tool generate_audit_report.

POST /v1/reports
{ "agent_id": "safe_travels_bot",
  "start": "2026-01-01",
  "end": "2026-06-30",
  "format": "pdf" }

Retention guarantee

Receipts are retained for at least 6 months to satisfy Articles 19 and 26, and remain exportable for the full retention window. Longer retention is available on request.

Privacy: only hashes on-chain

Decision content, prompts, outputs, and any PII stay in the private record. Only one-way cryptographic hashes are anchored to the public ledger — enough to prove a receipt hasn't changed, impossible to reverse into the underlying data. memory_context_hash follows the same rule: a hash of the context, never the context itself. Public proof, private content.

Official sources

Verify every claim on this page against the primary text:

Timeline (in flux)

As enacted, Article 12 record-keeping obligations for high-risk (Annex III) systems applied from August 2, 2026. A provisional agreement reached in May 2026 would defer those Annex III obligations to December 2, 2027 — but it is not yet formally adopted, so the 2026 date stands until it is ratified. Treat the date as unsettled; the capability (verifiable, retained, producible audit logs) is the same either way. Confirm the date and scope that apply to your system against the official sources above.

Not legal advice

This is an engineering + product reference. Final Article 12 adequacy for a specific high-risk system is a determination for the provider and their counsel.

See also