EVIDENCE BY DEFAULT

The receipt is the product.

Every Forge action — every prompt, every plan, every change, every deployment, every decision — emits a cryptographic receipt. The platform cannot be made to lie about what it did.

Read the format spec See a sample receipt

EVIDENCE BY DEFAULT.

SECTION 2 · ANATOMY OF A RECEIPT

Every field is part of the audit trail.

rec_01JT3A · ed25519 · block 1,840,221Verified

{
  "id":            "rec_01JT3AZB6XK0PWMQVE6QFG8C5T",
  "issued_at":     "2026-05-26T12:48:33Z",
  "actor":         "agent:senior-developer@forge-conductor-1",
  "constitution":  "forge-default-v1",
  "action":        "diff.apply",
  "anchor":        "0x9af4d2c... (OSS Network, block 1,840,221)",
  "request_hash":  "sha256:b8b1...",
  "response_hash": "sha256:c91e...",
  "residency":     "eu-west-1",
  "policy_checks": [
    "pii.minimised",
    "constitution.scope.ok",
    "consent.recorded",
    "residency.eu"
  ],
  "signatures": [
    { "signer": "conductor-prod-eu-1", "alg": "ed25519", "sig": "..." }
  ]
}

Stable identifier. Reference this in your audit logs.

constitution

The signed, versioned agent constitution under which the action ran.

anchor

OSS Network block reference. Tamper-evident, third-party verifiable.

policy_checks

What the action was checked against before execution — refused if any failed.

residency

Region the data was processed and stored in. Pinned per project.

signatures

Ed25519 signatures of the issuing Conductor instance.

SECTION 3 · WHERE RECEIPTS GO

Emitted, anchored, audited.

The receipt

Emitted by the Conductor runtime, signed in real time.

The anchor

Chain-anchored on the OSS Network. Tamper-evident.

The audit

Exposed via Studio's Proof Pane, the Forge API response, and the auditor dashboard.

SECTION 4 · WHAT CAN BE PROVEN

Six properties. One unified format.

Provenance

Who acted, against which constitution, at what time.

Policy compliance

Which policies the action checked against.

Scope adherence

The action stayed within constitution-bound authority.

Data residency

Where the data was processed and where it stayed.

PII minimisation

Which fields were minimised, which were retained, and under what authority.

Selective disclosure

Which fields were revealed to which recipient (ZKP-backed).

SECTION 5 · HOW IT STACKS UP

Beyond periodic attestations.

Feature	SOC 2 reports	ISO 27001	Generic audit logs	Forge Proofs
Periodic attestation	✓	✓	─	continuous
Live evidence	─	─	partial	✓
Chain-anchored	─	─	─	✓
Tamper-evident	─	─	─	✓
Per-action receipts	─	─	partial	✓
Selective-disclosure ZKP	─	─	─	✓
Auditor-readable in real time	─	─	─	✓

Talk to procurement.

We will walk you through the receipt format, the audit pathway, and the ZKP primitives in 60 minutes.

Talk to leadership

FROM PROMPT TO PROOF.