Audit Vault

Every AI decision, on the record.

Every model call, agent run, and tool use lands in the Audit Vault as a tamper-evident Ed25519-signed receipt. Browsable. Filterable. Exportable to SIEM. Independently verifiable without trusting Prova.

What it is

One signed receipt per AI decision. The receipt format is open and verifiable offline against a published public key:

  • Receipt schema. A generalized AIDecisionEvent covering model calls, agent steps, tool calls, policy verdicts, and detector findings.
  • Ed25519 signing. Persistent key with a public verification endpoint.
  • Ingest endpoint. POST receipts directly or via the SDK.
  • Dashboard browser. Filter by kind, severity, verdict, phase, time range, or free text.
  • SIEM export. Pull signed batches into Splunk, Datadog, or your warehouse.

What it does for you

One source of truth for every AI decision.

Stops the 'whose log do we trust' meeting. Every AI invocation goes through one ingest pipeline and lands in one vault with one signed receipt format.

Verify without trusting Prova.

Each receipt carries its signature and key ID. The public key endpoint is unauthenticated. A regulator three years from now can verify the receipt the auditor saw against the key Prova published, with no Prova in the loop.

SIEM export from day one.

If your security team already lives in Splunk, Datadog, or Sentinel, the Audit Vault becomes an upstream source, not a replacement. Signed batches keep tamper-evidence intact across the hop.

The auditor asks one question. You have one answer.

When the question is 'show me every AI decision that touched a regulated workflow last quarter,' the answer is one signed export, not a six-week scavenger hunt across CloudWatch, BigQuery, and Slack.

The receipt is the moat

Every other pillar in Prova produces or consumes a receipt. Detectors emit them when they catch a failure. Policies emit them when they enforce a rule. The Risk Score reads them when it computes coverage. The Inventory builds itself from them.

Once your AI traffic is flowing through the vault, switching costs are measured in compliance review cycles, not engineering days.

START INGESTING RECEIPTS →Read the receipt spec