Models can propose. Only ProofGate can act.
ProofGate prevents “agent” failures by enforcing deterministic consequences: least-privilege policy gates, signed decisions, signed approvals, and append-only audit trails — all before any tool touches reality.
Deterministic Gates
Every intent is validated against explicit invariants. No hidden authority. No vibe-based execution.
Signed Receipts
Every decision + execution emits a cryptographic receipt. You always have proof of what happened.
Signed Approvals
When a policy requires approval, tokens are signed + expiring, tied to the exact intent hash.
One-call Execute
Use /v1/execute for decide→execute, or receive an approval token when gates require it.
Audit Memory
Append-only JSONL log. Every request and result is written with receipts — no rewrites, no ambiguity.
Tool-agnostic
SMTP today. Gmail/Drive/Slack/Stripe tomorrow — same rails, same proof, same invariants.
Quickstart
Run ProofGate locally and send a deterministic intent.
# start server (example)
npm i proofgate
# optional: run local reference server
pnpm -C packages/proofgate-server dev
# execute (one-call)
curl -s -X POST http://localhost:8790/v1/execute \
-H "content-type: application/json" \
-d '{
"intentId":"intent_demo_01",
"action":"email.send",
"actor":{"actorId":"bjk","actorType":"human"},
"payload":{
"to":["test@gmail.com"],
"cc":[],
"bcc":[],
"subject":"ProofGate Test",
"body":"Deterministic consequence rails.",
"links":[]
},
"requestedScopes":["email.send"],
"meta":{}
}'Result includes a signed decision receipt and a signed execution receipt — plus an append-only audit log line.