how it works

One record, sealed link by link

Axyvera turns an AI coding session into a canonical, hash-chained stream, exports it as a signed bundle, and lets anyone verify it. Here's each layer.

The canonical stream

Every event, hashed to the last

Each event is normalised to a canonical form (RFC 8785) and appended to a hash chain. The digest of every block folds in the digest of the one before it — so the history is ordered, append-only, and tamper-evident. Alter a byte and the chain stops verifying.

See the tamper-evidence guarantees →
  1. session.started
  2. prompt.submitted
  3. tool.used · edit
  4. tool.used · shell
  5. session.completed
Adapters

Honest capture for real agents

Axyvera captures the strongest officially-supported surface each tool exposes — and labels the provenance honestly. It never claims to observe what it only inferred.

Claude Codeadapter-reported
Hooks

Lifecycle hooks capture tool use and session boundaries.

OpenAI Codexobserved
Wrapped exec

axyvera codex exec wraps the JSONL stream — the strongest observed surface.

OpenAI Codexpartial
Hooks + notify

Interactive hooks with notify as corroboration only — never inflated.

The .axy bundle

Portable, signed, self-contained

anatomy — session.axy
session.axy/
├─ manifest.json      # files + digests
├─ stream.jsonl       # the hash chain
├─ coverage.json      # honest coverage
└─ signature.ed25519  # over the manifest
Recovery

Compare, roll back, report

zsh — axyvera
$ axyvera compare run-a run-b
3 files changed · chain intact

$ axyvera rollback latest --apply
restored to sealed checkpoint

$ axyvera report --html
wrote evidence report
These unlock with Pro and above →
Who it's for

When "the AI did it" has to hold up

Regulated & audited teams

Attach a signed bundle to the work and hand an auditor a record they can verify themselves — with coverage stated honestly, not sold.

Code review & provenance

Ship a bundle with a PR so a reviewer can confirm what the agent actually changed, and that the history hasn't been rewritten.

Enterprise AI governance

Give an AI-usage policy something concrete to point at: a portable, tamper-evident trail that lives with the code, not in a dashboard.