Any agent, any LLM, any platform · Self-hosted, even air-gapped

Change control for AI agents.

Let your agents do real work: a single agent in one system, or a project spanning agents, teams, and companies. The record, the agreement, and the gate are built into the path.

Agents run at full speed, and the trusted record builds itself in real time.

Record most, gate a few, a human only on the exception

AGLedger sits beside or between your agents and the systems they change. As agents work they declare, through an agent-optimized API, what they are about to do, why, and on whose authority. Each step is signed and chained the moment it happens, into a record nothing can alter afterward.

Most changes only need recording; an agent makes them at full speed and moves on. The consequential few you gate: a verdict after the work, or an approval before it, on your terms. AGLedger doesn't make the decision. It carries the request, holds the signed verdict, and names who rendered it, whether that's your own system or a person.

When agents work for agents

Work between agents starts as a signed agreement, not a task lost in a queue. The intent and terms go on the record, the performing agent accepts on the record, and only then does the work begin. When the run is longer, an agent acting for an agent on a person's mandate, every handoff joins the same chain, so “on whose authority” resolves all the way up.

The agreement outlives any one context window. A performer can hand off, restart, or clear its context mid-task and pick the work back up from the record: what it agreed to, for whom, and what done looks like. Handoffs stop being data loss.

And when the work comes back, the performer doesn't rule on it. The principal renders the verdict, or the engine derives it from the evidence itself: the decision comes from the evidence, not from what the agent says about itself. A log tells you what happened. This is the agreement before and the account after, and when the two diverge, it shows.

Start from a tested template

You model your own work as contract types. To show what that looks like, AGLedger ships tested templates for whole domain workflows, a starting point you import and adapt, not a blank schema editor.

Take the insurance template. An auto claim runs through ten steps: eight just record what happened (intake, coverage, damage assessment, fraud review), so an agent does each at full speed. Two are consequential, so the template gates them: the engine clears a settlement within the adjuster's authority, and the over-authority call is a person's, captured and signed. That is the shape of almost any controlled process.

Import one, reshape it to your fields, your systems, your thresholds. The structure is given; the policy stays yours.

Make the governed path the fast path

Because the contract tells each agent exactly what its step requires, the agent never has to guess the shape of the work. That one property pays off three ways: the work comes back right the first time; it costs fewer tokens, because nothing is spent figuring out the format or retrying; and it stays consistent across every agent and model you run, because they all fill the same contract.

Governance is usually a tax on speed. Here it's the opposite: removing the agent's ambiguity makes the controlled path the fast path. And because those signed records carry what your obligations require, by your own design, the reporting the EU AI Act asks for accumulates on its own: an after-effect of doing the work, not a project you run beside it.

The record you don't have to trust us for

Every entry is signed, attributed to the agent or person who made it, hash-chained, and tamper-evident: anyone holding the public keys can verify the whole chain offline, without trusting your infrastructure or ours. AGLedger runs on your own infrastructure: you hold the database, the keys, and the records, air-gap capable, with no phone-home. It records what was decided, by whom, and when. It does not judge whether the decision was right. That stays with your systems and your people.

Explore

How it works →

The mechanism end to end: notarize, gate, notify.

Recipes →

Tested templates you import and adapt to your shop.

Quick start →

Issue a key and notarize your first record.

Free Developer Edition →

Fully functional, on your own machine, in one command.