Audit Vault

Record every AI decision.

The Audit Vault gives you a permanent, tamper-evident record of every AI decision your enterprise makes. Two ways to get data in: send your existing observability stream to us, or wrap your agent code with the SDK.

Option 1: Send your existing trace stream

The fastest path. Send a webhook from LangSmith, Langfuse, Helicone, OpenTelemetry, or your own logger. Each event becomes a signed receipt.

POST https://prova.cobound.dev/api/v1/audit/ingest
Authorization: Bearer prv_<your_api_key>
Content-Type: application/json

{
  "kind": "model_call",
  "occurred_at": "2026-05-15T18:42:00Z",
  "idempotency_key": "trace-abc-step-7",
  "source": {
    "app_id": "fraud-classifier",
    "environment": "production"
  },
  "model": { "provider": "anthropic", "name": "claude-opus-4-7" },
  "payload": {
    "prompt": "...",
    "completion": "...",
    "tool_calls": []
  }
}

The response includes the signed receipt. Send it back to us authenticated and we persist it for audit retrieval. Send it without a key and we sign it but don't store it (useful for testing).

Option 2: Wrap your agent code with the SDK

For LangGraph and CrewAI users, pass ProvaCallbackHandler into the runtime callbacks and every LLM call, agent step, and tool use becomes a signed receipt. Token usage and USD cost are extracted and attached automatically. For custom decisions outside LangChain, call prova.ingest(...) directly.

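import os

from prova_cp import ProvaClient, ProvaCallbackHandler

# Read the API key from the environment instead of hard-coding it.
prova = ProvaClient(api_key=os.environ["PROVA_API_KEY"])
handler = ProvaCallbackHandler(
    prova,
    app_id="support-bot",
    environment="production",
    break_on_loop=True,
)
# graph and state are your existing LangGraph graph and its input state.
graph.invoke(state, config={"callbacks": [handler]})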

# or, for custom decisions outside LangChain:
prova.ingest({
    "kind": "tool_call",
    "payload": {"tool": "send_email", "args": {...}},
    "source": {"app_id": "support-bot", "environment": "production"},
})

Detectors that run on every receipt

Every event is checked against your active detector set before the receipt is signed. Today's first-party detectors:

  • Coordination loops. The original Prova detector, using persistent homology on the agent communication graph.
  • Prompt injection (preview). Detects pattern matches against known attack templates.
  • PII / PHI exfiltration (preview). Catches regulated data in outputs.
  • Bias drift (preview). Flags statistical divergence in decisions across protected groups.
  • Hallucination (preview). Flags claims that don't match the retrieved context (RAG systems).

You can write your own detectors via the SDK and contribute them to the marketplace (free for community, revenue share for paid).

Compliance exports

The Audit Vault ships with pre-built export templates for the major AI regulatory frameworks. Run an export from the dashboard or call the API:

GET /api/v1/audit/export?framework=eu_ai_act&from=2026-01-01&to=2026-03-31
Authorization: Bearer prv_<your_api_key>

# returns:
#   { manifest: {...}, receipts: [...] }
# signed end-to-end against Prova's published public key

Templates available: eu_ai_act (general availability), fda, sec, hipaa (preview). Need a different format? Talk to us and we'll fold it into the endpoint.

Verifying a receipt without calling Prova

The whole point of a tamper-evident receipt is that an auditor doesn't have to trust us. The signature on every receipt can be verified offline against our published Ed25519 public key (see Verify independently).
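
An offline check of the kind described above, as an added example that is not Prova's code: it verifies an Ed25519 signature over a receipt with the Python cryptography package and shows that an edited or unsigned receipt fails. The receipt layout, the "signature" field name, the sorted-key JSON canonicalization, and the throwaway key standing in for the published public key are all assumptions; the real format is whatever Verify independently documents.

```python
import base64
import copy
import json

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
    Ed25519PrivateKey,
    Ed25519PublicKey,
)


def canonical_bytes(receipt: dict) -> bytes:
    # ASSUMPTION: the signature covers every field except "signature",
    # serialized as compact JSON with sorted keys. Hypothetical layout.
    body = {k: v for k, v in receipt.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def verify_receipt(receipt: dict, public_key_raw: bytes) -> bool:
    """True only if the signature matches the receipt exactly as held."""
    try:
        signature = base64.b64decode(receipt["signature"], validate=True)
        key = Ed25519PublicKey.from_public_bytes(public_key_raw)
        key.verify(signature, canonical_bytes(receipt))
        return True
    except (KeyError, TypeError, ValueError, InvalidSignature):
        # Missing or malformed signature, bad key, or altered content.
        return False


def demo() -> dict:
    # Constructed data: a throwaway key stands in for the published key.
    signer = Ed25519PrivateKey.generate()
    pub = signer.public_key().public_bytes(
        serialization.Encoding.Raw, serialization.PublicFormat.Raw)
    receipt = {
        "kind": "model_call",
        "occurred_at": "2026-05-15T18:42:00Z",
        "idempotency_key": "trace-abc-step-7",
        "source": {"app_id": "fraud-classifier", "environment": "production"},
    }
    sig = signer.sign(canonical_bytes(receipt))
    receipt["signature"] = base64.b64encode(sig).decode()
    tampered = copy.deepcopy(receipt)
    tampered["source"]["environment"] = "staging"  # edit after signing
    unsigned = {k: v for k, v in receipt.items() if k != "signature"}
    return {name: verify_receipt(r, pub) for name, r in
            [("intact", receipt), ("tampered", tampered), ("unsigned", unsigned)]}
```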