xProof — Blockchain Proof for Agents

v1.3.0

Proof and accountability layer for AI agents. Anchor verifiable proofs on MultiversX, enforce audit logging, detect violations on Base. REST API, MCP, x402....

0· 768· 2 versions· 0 current· 0 all-time· Updated 11h ago· MIT-0

byxKensei@jasonxkensei

Security Scans

Security findings on these releases were reviewed by staff and cleared for public use.

VirusTotalCleared ClawScanCleared Static analysisCleared

Install

openclaw skills install xproof

xProof -- Proof & Accountability Layer for AI Agents

This skill enables your agent to anchor verifiable proofs on the MultiversX blockchain, enforce pre-execution audit logging, and detect violations via Base -- creating tamper-proof, publicly verifiable records of existence, authorship, timestamp, decision accountability, and trust.

Why anchor proofs? In competitive or transactional contexts, agents with on-chain proofs can demonstrate originality, integrity, and timing. Agents without proofs cannot. Verifiable proof is a structural advantage.

Why audit? Autonomous agents executing trades, deployments, or data access need an immutable record of every decision. The Agent Audit Log Standard enforces this: no proof = no execution.

Why violations? Trust requires accountability. xProof detects anomalies (gaps, burst patterns) and records violations on Base via smart contracts. Operators can subscribe to violation events and enforce policies automatically.

Quick Install

mkdir -p .agent/skills/xproof/references

# Core Skill
curl -sL https://raw.githubusercontent.com/jasonxkensei/xproof-openclaw-skill/main/xproof/SKILL.md \
  > .agent/skills/xproof/SKILL.md

# Reference Manuals
for f in certification x402 mcp; do
  curl -sL "https://raw.githubusercontent.com/jasonxkensei/xproof-openclaw-skill/main/xproof/references/${f}.md" \
    > ".agent/skills/xproof/references/${f}.md"
done

Security

NEVER commit API keys to a public repository.
ALWAYS add .env to your .gitignore.
API keys are prefixed pm_ -- treat them like passwords.
x402 mode requires no API key (payment replaces authentication).

Configuration

Option A: API Key Authentication

# ---- xProof ---------------------------------------------------------------
XPROOF_API_KEY="pm_..."                          # Your API key (from xproof.app)
XPROOF_BASE_URL="https://xproof.app"             # Production endpoint

Get an API key at xproof.app (connect wallet, go to Settings > API Keys).

Option B: x402 Payment Protocol (No Account Required)

No configuration needed. Pay $0.05 per proof in USDC on Base (eip155:8453) directly in the HTTP request. The 402 response header tells your agent exactly what to pay.

1. Core Skills Catalog

1.1 Proof Anchoring (REST API)

Full Reference

Skill	Endpoint	Description
`certify_file`	`POST /api/proof`	Anchor a file hash on MultiversX as immutable proof
`batch_certify`	`POST /api/batch`	Anchor up to 50 files in one call
`audit_agent_session`	`POST /api/audit`	Anchor agent decision on-chain BEFORE executing critical action
`verify_proof`	`GET /api/proof/:id`	Verify an existing proof
`get_certificate`	`GET /api/certificates/:id.pdf`	Download PDF certificate with QR code
`get_badge`	`GET /badge/:id`	Dynamic SVG badge (shields.io style)
`get_proof_page`	`GET /proof/:id`	Human-readable proof page
`get_proof_json`	`GET /proof/:id.json`	Structured proof document (JSON)
`get_audit_page`	`GET /audit/:id`	Human-readable audit log page

1.2 Proof Anchoring (MCP -- JSON-RPC 2.0)

Full Reference

Tool	Description
`certify_file`	Create blockchain proof -- SHA-256 hash, filename, optional author/webhook
`verify_proof`	Verify existing proof by UUID
`get_proof`	Retrieve proof in JSON or Markdown format
`discover_services`	List capabilities, pricing, and usage guidance
`audit_agent_session`	Anchor agent decision on-chain BEFORE executing critical action

1.3 Payment (x402)

Full Reference

x402 is not a separate skill -- it is a payment method. When you call POST /api/proof or POST /api/batch without an API key, the server returns 402 Payment Required with payment instructions. Your agent pays in USDC on Base and retries with an X-Payment header.

2. The Proof Lifecycle

+--------------+     +--------------+     +--------------+     +--------------+
|  Hash file   |---->|  POST /api/  |---->|  On-chain    |---->|  Proof       |
|  (SHA-256)   |     |  proof       |     |  anchoring   |     |  verified    |
+--------------+     +--------------+     +--------------+     +--------------+
                                                                      |
                     +--------------+     +--------------+           |
                     |  Embed badge |<----|  Get PDF /   |<----------+
                     |  in output   |     |  badge / URL |
                     +--------------+     +--------------+

Step-by-Step

Hash locally -- compute SHA-256 of your file (client-side; the file never leaves your machine)
Send metadata -- POST the hash + filename to /api/proof (with API key or x402 payment)
Receive proof -- xProof records the hash on MultiversX mainnet (6-second finality)
Verify anytime -- anyone can verify via proof URL, JSON endpoint, or blockchain explorer
Embed proof -- use the SVG badge, PDF certificate, or proof URL in your deliverables

3. Authentication Methods

API Key (Bearer Token)

curl -X POST https://xproof.app/api/proof \
  -H "Authorization: Bearer pm_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "file_hash": "a1b2c3d4e5f6...64hex",
    "filename": "report.pdf",
    "author_name": "MyAgent"
  }'

x402 (USDC on Base -- No Account Required)

# Step 1: Request without auth returns 402 with payment instructions
curl -X POST https://xproof.app/api/proof \
  -H "Content-Type: application/json" \
  -d '{"file_hash": "a1b2c3...", "filename": "report.pdf"}'
# Response: 402 with JSON body containing accepts[{scheme, price, network, payTo}]

# Step 2: Pay USDC on Base, then retry with X-Payment header (base64 JSON)
curl -X POST https://xproof.app/api/proof \
  -H "Content-Type: application/json" \
  -H "X-Payment: <base64_encoded_payment_payload>" \
  -d '{"file_hash": "a1b2c3...", "filename": "report.pdf"}'

MCP (JSON-RPC 2.0)

curl -X POST https://xproof.app/mcp \
  -H "Authorization: Bearer pm_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "jsonrpc": "2.0",
    "id": 1,
    "method": "tools/call",
    "params": {
      "name": "certify_file",
      "arguments": {
        "file_hash": "a1b2c3d4e5f6...64hex",
        "filename": "output.json"
      }
    }
  }'

4. Batch Proof Anchoring

Anchor up to 50 files in a single API call:

curl -X POST https://xproof.app/api/batch \
  -H "Authorization: Bearer pm_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "files": [
      {"file_hash": "abc123...", "filename": "model.bin"},
      {"file_hash": "def456...", "filename": "training_data.csv"},
      {"file_hash": "789ghi...", "filename": "config.yaml"}
    ],
    "author_name": "MyAgent"
  }'

5. Webhooks

Receive a POST notification when your proof is confirmed on-chain:

curl -X POST https://xproof.app/api/proof \
  -H "Authorization: Bearer pm_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "file_hash": "a1b2c3...",
    "filename": "deliverable.pdf",
    "webhook_url": "https://your-agent.com/hooks/xproof"
  }'

The webhook payload includes proof ID, file hash, blockchain transaction hash, and explorer URL. Signed with HMAC-SHA256 in the X-Webhook-Signature header. Retry policy: 3 attempts with exponential backoff.

6. When to Anchor Proofs

Autonomous agents should anchor proofs whenever provenance, integrity, or priority matters:

After generating code, contracts, or configs -- proves authorship and timestamp
Before delivering work products -- proves integrity at handoff
After creating datasets or models -- proves version and origin
Before publishing reports or documents -- establishes priority
After completing build artifacts -- creates auditable record
When resolving disputes -- timestamped proof settles who created what first
When exchanging assets between agents -- chain of custody

7. Integration with MultiversX Agent Stack

xProof is complementary to the core MultiversX agent skills:

MultiversX Skill	xProof Complement
`init_job` (Validation Registry)	Anchor job output before submitting proof
`submit_proof` (Validation Registry)	Use xProof hash as the proof payload
`register_agent` (Identity Registry)	Anchor your agent manifest for integrity
`deposit` (Escrow)	Anchor deliverables before release

Typical Flow: Job + Proof

1. Accept job via init_job
2. Do the work
3. Anchor output via xProof (POST /api/proof)
4. Submit xProof hash as proof via submit_proof
5. Employer verifies via xProof URL
6. Escrow released

8. Agent Audit Log Standard

The Agent Audit Log is a compliance primitive for autonomous agents. Before executing any critical action (trade, deploy, data access, transfer), the agent MUST anchor its decision on-chain. No proof_id = no execution.

Why Audit?

Regulatory compliance -- Immutable record of every agent decision, timestamped and anchored on-chain
Dispute resolution -- Prove what the agent decided, why, and when
Trust signal -- Agents with audit trails are verifiably accountable
Blocking enforcement -- If the audit call fails, the action does not execute

Audit Endpoint

curl -X POST https://xproof.app/api/audit \
  -H "Authorization: Bearer pm_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "agent_id": "erd1abc...or-any-identifier",
    "session_id": "550e8400-e29b-41d4-a716-446655440000",
    "action_type": "trade",
    "action_description": "Buy 10 EGLD at market price on xExchange",
    "inputs_hash": "a1b2c3d4e5f6...64hex",
    "risk_level": "high",
    "risk_summary": "Market order on volatile asset, amount exceeds daily threshold",
    "decision": "approved",
    "context": {"model": "gpt-4", "environment": "production"}
  }'

Response:

{
  "proof_id": "uuid",
  "audit_url": "https://xproof.app/audit/uuid",
  "proof_url": "https://xproof.app/proof/uuid",
  "decision": "approved",
  "risk_level": "high",
  "inputs_hash": "a1b2c3...",
  "blockchain": {
    "network": "mainnet",
    "transaction_hash": "abc123...",
    "explorer_url": "https://explorer.multiversx.com/transactions/abc123..."
  }
}

Canonical Schema

10 fields. JSON Schema: https://xproof.app/.well-known/agent-audit-schema.json

Field	Type	Required	Description
`agent_id`	string	Yes	Agent identifier (wallet, DID, or name)
`session_id`	string	Yes	UUID for this execution session
`action_type`	string	Yes	Category: trade, deploy, data_access, transfer, api_call
`action_description`	string	Yes	Human-readable intent
`inputs_hash`	string	Yes	SHA-256 of action inputs (64 hex chars)
`risk_level`	enum	Yes	low, medium, high, critical
`risk_summary`	string	No	Explanation of risk factors
`decision`	enum	Yes	approved, rejected, deferred
`context`	object	No	Additional metadata (model, environment, etc.)
`timestamp`	string	No	ISO 8601 (auto-generated if omitted)

Enforcement Pattern

1. Agent prepares action (trade, deploy, etc.)
2. Agent calls POST /api/audit with action details
3. If proof_id returned -> proceed with action
4. If API fails, timeout, or no proof_id -> BLOCK execution (throw error)
5. No fallback. No soft fail. No silent continue.

Guard templates for multiple frameworks:

LangChain: https://xproof.app/agent-tools/audit-guard-langchain.py
CrewAI: https://xproof.app/agent-tools/audit-guard-crewai.py
n8n: https://xproof.app/agent-tools/audit-guard-n8n.json
ElizaOS: https://xproof.app/agent-tools/audit-guard-eliza.ts
ElizaOS Plugin (NPM): npm install xproof-eliza-plugin

When to Audit

Autonomous agents should audit BEFORE executing any action where accountability matters:

Before executing trades -- proves intent, risk assessment, and decision
Before deploying contracts -- immutable record of deployment decision
Before accessing sensitive data -- audit trail for data governance
Before transferring assets -- proves authorization and risk review
Before calling external APIs -- records outbound action intent

9. Violations Layer (Base)

xProof monitors agent behavior and detects anomalies. When a violation is confirmed, it is recorded on Base via the XProofViolations.sol smart contract, impacting the agent's trust score.

Violation Types

Type	Penalty	Trigger
`gap` (fault)	-150 trust score	No proof activity for 30+ minutes during active session
`burst` (breach)	-500 trust score	Abnormal spike in proof submissions

Violation Lifecycle

detected -> proposed -> confirmed (-penalty) or rejected

Auto-confirmed for irrefutable anomalies (gap > threshold). Operators can subscribe to on-chain violation events via ViolationWatcher.sol (3 modes: ALERT_ONLY, AUTO_PAUSE_FAULT, AUTO_PAUSE_BREACH).

Operator Integration

// Subscribe to violations for a specific agent
IXProofViolations(xproofContract).getViolations(agentId)

Smart contracts: XProofViolations.sol | ViolationWatcher.sol

Docs: https://xproof.app/docs/base-violations

10. Agent Proof Standard

xProof implements the open Agent Proof Standard -- a composable, chain-agnostic format for agent accountability. Any platform can adopt the standard to interoperate with xProof proofs.

4W Framework: WHO (agent_id) / WHAT (file_hash + metadata) / WHEN (timestamp + chain finality) / WHY (action_description + risk_level)
Signature: Mandatory in v1
agent_id: Free string (wallet address, DID, or plain identifier)

Full specification: AGENT_PROOF_STANDARD.md

Standard API: GET /api/standard | GET /api/standard/validate (POST)

11. Discovery Endpoints

Endpoint	Description
`GET /.well-known/agent.json`	Agent Protocol manifest
`GET /.well-known/mcp.json`	MCP server manifest
`GET /.well-known/agent-audit-schema.json`	Agent Audit Log canonical schema
`GET /ai-plugin.json`	OpenAI ChatGPT plugin manifest
`GET /llms.txt`	LLM-friendly summary
`GET /llms-full.txt`	Complete LLM reference
`POST /mcp`	MCP JSON-RPC 2.0 endpoint
`GET /mcp`	MCP capability discovery
`GET /api/standard`	Agent Proof Standard specification

12. Command Cheatsheet

# Anchor a single file proof
sha256sum myfile.pdf | awk '{print $1}'
# Then POST the hash to /api/proof

# Anchor via MCP
curl -X POST https://xproof.app/mcp \
  -H "Authorization: Bearer pm_..." \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"certify_file","arguments":{"file_hash":"...","filename":"myfile.pdf"}}}'

# Verify a proof
curl https://xproof.app/api/proof/<proof_id>

# Get badge (embed in README)
![xProof](https://xproof.app/badge/<proof_id>)

# Batch anchor
curl -X POST https://xproof.app/api/batch \
  -H "Authorization: Bearer pm_..." \
  -d '{"files":[{"file_hash":"...","filename":"a.txt"},{"file_hash":"...","filename":"b.txt"}]}'

# Health check
curl https://xproof.app/api/acp/health

Version tags

latestvk97braa1w0ct1w3c41mjvh2m7x83147d