Trust Center
How ProofClaw establishes, enforces, and verifies trust for AI agents. Read what we guarantee, what we log, and what falls outside our scope.
What is ProofClaw?
ProofClaw is trust infrastructure for AI agents. It gives publishers a way to prove what their agent does — and gives platforms and users a way to verify those claims independently.
- Agents register their identity, permissions, and capabilities.
- An independent notary reviews the declaration and signs a ProofCard — a portable JSON attestation.
- Runtime shield policies enforce the declared permissions at deploy time.
- Anyone can verify a badge or ProofCard against the transparency log.
What a badge means
A ProofClaw badge on an agent listing or README is a machine-verifiable claim. It asserts that:
- The agent's identity and publisher have been registered.
- A notary has reviewed the declared capabilities against actual behavior.
- A shield score has been computed based on permissions, network access, secret handling, and tool risk.
- The badge is cryptographically signed (Ed25519) and can be verified offline or via API.
What we log
Every trust-relevant action is recorded in an append-only, hash-chained transparency log. Logged events include:
- Agent registration and version updates.
- Notary attestations and their outcomes.
- Badge issuance and revocations.
- Key rotations for publishers and the notary.
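A hash chain makes edits detectable only relative to a head the auditor already holds. The sketch below is an added example, not ProofClaw's log format: the entry fields, the SHA-256 chaining rule, and the pinned checkpoint are all assumptions, and the events are constructed.

```javascript
const crypto = require('node:crypto');

const GENESIS = '0'.repeat(64); // assumed prevHash of the first entry

// Assumed rule: hash = SHA-256(prevHash || JSON of the metadata fields in fixed order).
function entryHash(prevHash, e) {
  const body = JSON.stringify([e.seq, e.type, e.agentId, e.timestamp]);
  return crypto.createHash('sha256').update(prevHash + body).digest('hex');
}

function append(log, event) {
  const prevHash = log.length ? log[log.length - 1].hash : GENESIS;
  const entry = { seq: log.length, ...event, prevHash };
  entry.hash = entryHash(prevHash, entry);
  log.push(entry);
  return entry;
}

// checkpoint: { seq, hash } the auditor recorded on an earlier visit (optional).
function auditLog(log, checkpoint) {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const e = log[i];
    if (e.seq !== i || e.prevHash !== prev || e.hash !== entryHash(prev, e)) {
      return { ok: false, reason: `chain broken at entry ${i}` };
    }
    prev = e.hash;
  }
  // A fully recomputed or truncated log is internally consistent;
  // only a previously pinned entry exposes it.
  if (checkpoint) {
    const pinned = log[checkpoint.seq];
    if (!pinned || pinned.hash !== checkpoint.hash) {
      return { ok: false, reason: 'history diverges from pinned checkpoint' };
    }
  }
  return { ok: true, reason: 'intact' };
}

// Constructed sample events (metadata only, matching the kinds of events listed above).
function buildSampleLog() {
  const log = [];
  const at = (h) => `2024-01-01T0${h}:00:00Z`;
  append(log, { type: 'agent.registered', agentId: 'agent-demo', timestamp: at(0) });
  append(log, { type: 'attestation.passed', agentId: 'agent-demo', timestamp: at(1) });
  append(log, { type: 'badge.issued', agentId: 'agent-demo', timestamp: at(2) });
  append(log, { type: 'badge.revoked', agentId: 'agent-demo', timestamp: at(3) });
  return log;
}
```

Without a checkpoint, `auditLog` still accepts a log whose revocation entry was dropped and whose hashes were recomputed, which is why auditors should retain the heads they have seen.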
Privacy
The transparency log records structural metadata — agent IDs, publisher IDs, timestamps, and attestation outcomes. It does not record:
- Agent conversation content or user inputs.
- Secret values, API keys, or credentials.
- Runtime arguments passed to tools.
- End-user identity or personal data.
How verification works
1. Obtain the badge or ProofCard. Find the agent's badge SVG in a marketplace listing, README, or chat UI. Alternatively, retrieve the ProofCard JSON from the publisher or the ProofClaw registry.
2. Check the signature. The badge and ProofCard both contain an Ed25519 signature. Verify it against the ProofClaw notary public key, which is published in the transparency log.
3. Validate the contents. Confirm the agent ID, publisher, version, and permissions match what is declared. The shield score and tier reflect the risk profile at the time of notarization.
4. Check revocation status. Query the registry or transparency log to confirm the ProofCard has not been revoked. Revocations propagate within minutes.
5. Inspect the shield policy. The shield tier (high / medium / low) and recommended policy (strict / normal / experimental) indicate the level of runtime enforcement applied.
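Steps 2 to 4 above can be sketched as a single verifier. This is an added example, not ProofClaw's code or schema: the ProofCard field names, the sorted-key canonical form that is signed, the base64 signature encoding, and the revocation set are assumptions, and the notary key pair is generated locally as a stand-in.

```javascript
const crypto = require('node:crypto');

// Assumed canonical form: JSON with object keys sorted at every level.
function canonicalize(v) {
  if (Array.isArray(v)) return '[' + v.map(canonicalize).join(',') + ']';
  if (v && typeof v === 'object') {
    const members = Object.keys(v).sort().map((k) => JSON.stringify(k) + ':' + canonicalize(v[k]));
    return '{' + members.join(',') + '}';
  }
  return JSON.stringify(v);
}

// Stand-in for the notary: constructed Ed25519 key pair, generated per run.
const notaryKeys = crypto.generateKeyPairSync('ed25519');

function signCard(payload) {
  const sig = crypto.sign(null, Buffer.from(canonicalize(payload)), notaryKeys.privateKey);
  return { payload, signature: sig.toString('base64') };
}

// revokedIds: Set of revoked card IDs fetched from the registry, or null when offline.
function verifyCard(card, publicKey, expected, revokedIds) {
  if (!card || typeof card.payload !== 'object' || card.payload === null ||
      typeof card.signature !== 'string') {
    return 'malformed';
  }
  // Step 2: check the signature over the canonical bytes before trusting any field.
  const msg = Buffer.from(canonicalize(card.payload));
  const sig = Buffer.from(card.signature, 'base64');
  if (!crypto.verify(null, msg, publicKey, sig)) return 'bad-signature';
  // Step 3: the signed claims must describe the agent actually being deployed.
  const p = card.payload;
  for (const field of ['agentId', 'publisher', 'version', 'permissions']) {
    if (canonicalize(p[field]) !== canonicalize(expected[field])) return 'content-mismatch';
  }
  // Step 4: a valid signature says nothing about revocation; offline means "unknown".
  if (revokedIds === null) return 'signed-revocation-unknown';
  return revokedIds.has(p.cardId) ? 'revoked' : 'valid';
}

// Constructed sample card (hypothetical field names and values).
const sampleCard = signCard({
  cardId: 'card-0001', agentId: 'agent-demo', publisher: 'example-publisher',
  version: '1.2.0', permissions: ['net:api.example.com'], shieldScore: 82,
});
```

The separate `signed-revocation-unknown` result keeps an offline check from being reported as a full pass, since revocation status needs a network call.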
What we guarantee
- Every ProofCard is cryptographically signed and tamper-evident.
- The transparency log is append-only — entries cannot be silently removed or modified.
- Revocations take effect across all verification endpoints within minutes.
- Shield scores are computed deterministically from declared permissions.
- Badge verification works offline with just the notary public key.
- All notary actions are independently auditable via the log.
Limitations
- ProofClaw verifies declared capabilities, not runtime intent. A notarized agent could still behave unexpectedly if its code changes after attestation.
- Shield scores depend on the accuracy of the publisher's permission declaration. Undeclared capabilities are not detected.
- Verification confirms the signature and revocation status — it does not sandbox or monitor the agent at runtime.
- The transparency log records metadata only. It is not a substitute for runtime monitoring or incident response.
- Notary review is point-in-time. A new version of the agent requires a new attestation.
- ProofClaw does not guarantee the quality, usefulness, or safety of an agent — only that its declared trust properties are verifiable.
Frequently asked questions
What is a ProofCard?
A ProofCard is a portable JSON attestation that binds an agent's identity, version, permissions, and shield score to a cryptographic signature. It travels with the agent and can be verified by anyone.
How is a badge different from a ProofCard?
A badge is a visual representation (SVG) of the ProofCard's trust status, designed for embedding in READMEs and marketplace listings. It contains the same Ed25519 signature and can be verified programmatically.
Who is the notary?
The notary is an independent review function that examines an agent's declared capabilities and signs the ProofCard if they pass validation. The notary's public key is published in the transparency log.
What does the shield score mean?
The shield score (0–100) reflects the risk profile of an agent's declared permissions: network access, secret handling, tool risk levels, and data retention. Higher scores indicate more constrained, lower-risk configurations.
Can a ProofCard be revoked?
Yes. Publishers can revoke a ProofCard at any time. Revocations are recorded in the transparency log and propagate to all verification endpoints within minutes.
Does ProofClaw monitor agents at runtime?
No. ProofClaw provides trust attestation and verification infrastructure. Runtime enforcement is handled by shield policies at deploy time, but ongoing monitoring is the responsibility of the platform operator.
Is the transparency log public?
The log is designed for public read access. We are rolling out a public query API — contact us for early access.
What happens if an agent is updated?
Each version requires its own notarization. An existing ProofCard covers only the specific version it was issued for. The previous version's ProofCard remains valid unless explicitly revoked.
Can I verify a badge offline?
Yes. If you have the notary's public key, you can verify the Ed25519 signature on a badge or ProofCard without any network access. Revocation checks do require a network call.
How do I get my agent verified?
Register your agent, declare its capabilities, and submit for notary review. See our publisher onboarding guide in the docs, or contact us directly.