#0001 org.bootstrapped prev null · hash 9f2c41ab

Frameworks govern.
Tervos proves it.

The open verification layer for agentic AI. Every agent gets a cryptographic identity. Every action lands in a hash-chained log. Any slice exports as signed evidence that anyone can verify offline — no Tervos install, no network, no trust in the machine that produced it.

$ tervos start --dev
✓ Organization "Demo AI Corp" bootstrapped — 3 agents, hash-chained event log

$ tervos export-evidence --sign-as ceo -o evidence.json
✓ 23 events · chain intact · signed by did:key:z6Mk…

$ npx @tervos/verify evidence.json
✓ chain valid · signature valid — evidence verified offline▌

Get started Read the spec GitHub ↗

#0002 policy.evaluated prev 9f2c41ab · hash 4f1c2293

Your agent platform keeps an audit log.
Can anyone else trust it?

Platform logs are promises — a database the vendor agrees not to edit. Regulators, customers, and courts need proof. No framework ships cryptographically verifiable evidence of what agents did. Tervos does.

#0003 identity.agent.registered prev 4f1c2293 · hash b07d9e51

Four primitives. One chain.

⬡

Identity

Cryptographic did:key DIDs for every agent. Who did what, provably — not by API key.

▥

Policy

Budget limits, approval gates, delegation rules. Default-deny, enforced — and every decision is itself an event in the chain.

⛓

Evidence

Hash-chained event log. Tamper-evident, exportable as signed bundles, verifiable offline by anyone with npx @tervos/verify.

▤

Organization

Roles, teams, reporting lines. Defined in YAML, enforced at runtime.

#0004 external.action.recorded prev b07d9e51 · hash 8c41f0a2

Attaches to what you already run.

Tervos is not another agent framework. It counter-signs the ones you use.

Claude Code

// .claude/settings.json — one hook signs every tool call
"PostToolUse": [{ "hooks": [{ "command": "npx tervos hook" }] }]

Paperclip

$ tervos tap --from paperclip --url http://localhost:3000 --watch 30
✓ counter-signed 17 activities (chain head 8c41f0a2…)

Anything

$ tervos import --from paperclip ./my-company  # or pipe JSON into `tervos hook`
✓ Imported 5 agents — did:key identities, default-deny policies

#0005 org.task.created prev 8c41f0a2 · hash d3a85c77

Your entire AI org in one file.

# TERVOS.yaml
schema: tervos/v1
name: "My AI Company"

governance:
  autonomy_level: semi-autonomous
  budget: { monthly_limit_usd: 5000 }

agents:
  ceo:
    role: "CEO"
    capabilities: [strategy, delegation]
    budget_monthly_usd: 1000
    can_delegate_to: [engineer]
  engineer:
    role: "Engineer"
    reports_to: ceo
    capabilities: [coding, testing]
    budget_monthly_usd: 2000

#0006 org.task.submitted prev d3a85c77 · hash 71e0b94c

Above MCP and A2A. Beside your framework.

8 · Resilience7 · Observability6 · Knowledge5 · Economicsfuture

4 · Organization3 · Communication2 · Policy1 · Identityshipped ✓

MCPA2Afoundation

#0007 approval.granted prev 71e0b94c · hash e5921fd8

Built for the regulatory reality of 2026.

EU AI Act

High-risk record-keeping. Enforcement Aug 2, 2026. Evidence of enforcement, not just logs.

NIST AI Agent Standards

Agent identity and security are core pillars. Tervos agents are crypto-bound identities natively.

ISO 42001

Audit-ready event trails — exportable, independently verifiable.

Default-deny

No permit, no action. Every evaluation recorded in the chain.

Frameworks govern.Tervos proves it.

Your agent platform keeps an audit log.Can anyone else trust it?