Blog
Research findings, compliance guidance, and engineering insights.
Lessons from an In-Place PostgreSQL 17 to 18 Upgrade (the uuidv7 Default That Did Not Switch Over)
An in-place Aurora 17.9 to 18.3 upgrade kept inserting with the uuidv7 polyfill because column defaults are OID-pinned. The trap, the re-point-then-drop fix, the benchmarks (native is 2.6x faster and packs a 33%-smaller index), and a ~10-minute write-outage that self-healed.
Your people are already using AI. Make being compliant the easy path.
Shadow AI is a path problem, not a discipline problem: 90% of executives feel in control while 52% of workers use unsanctioned AI. Pave the compliant path so agents take it on their own, and the audit-ready record accrues as a byproduct.
Settlement Evidence for Agentic Commerce: What AP2, ACP, and x402 Leave Out of Scope
The 2026 agentic-payment rails sign the authorization moment, then declare dispute evidence and settlement out of scope - in their own spec language. AP2, Verifiable Intent, Stripe SPTs, and x402 mapped against the settlement-evidence layer none of them carries.
We Created and Managed Our AWS Marketplace Listing with Claude Code
Listing copy, pricing, delivery options, a live self-purchase validation that surfaced four real bugs, and the Public submission - a coding agent operated our AWS Marketplace listing end-to-end through the Catalog, Discovery, and Agreements APIs. A worked account.
Intent Before Action: Reconstructed Agent Logs Follow the Outcome, Not the Decision
When the recorded outcome contradicted the real decision, one of four models rewrote its own intent to match the outcome on 5 of 5 contested tasks - sometimes adding "I made an error." Why intent has to be captured before the action, not after.
Can an AI Agent Be Trusted to Write Its Own Audit Log? We Measured It.
Four production-tier models processed payment batches with forced write failures, then wrote their own audit reports. Three of four claimed success for writes that never happened - up to 47%. The independent signed chain caught every phantom record.
Durable Intent, Measured: We Wiped Four Agents and Asked Them to Finish Their Own Work
A cold-recovery experiment: four agents restarted with zero memory had to discover and finish their own work from the signed ledger alone. All four stalled behind a judgment gate; a deterministic gate flipped the weakest model from 0/3 to 3/3.
Durable Intent: The One Thing Your Agent Will Not Forget or Make Up
Long-running agents lose context, and a model asked to remember will confabulate. Durable intent is a signed, byte-stable record of what an agent was told to do - readable back after the context is gone. Why logging and agent memory do not solve it, and what does.
The 88,000-Token Crash: Making gpt-oss-120b Survive Its Full 128K Context on Strix Halo
Past ~80k tokens of prefill, llama.cpp on Strix Halo trips the amdgpu GPU watchdog: ring reset, vk::DeviceLostError, core dump. Flash attention does not fix it; -ub 512 does. The crash matrix, the throughput bill, and 3/3 needle-in-a-haystack at 110k tokens.
SCITT as the Article 12 Implementation Pattern for Autonomous AI Agents
EU AI Act Article 12 requires logs conformant to recognised standards. SCITT is the IETF-track standard designed for this evidence shape. The article-by-article mapping, the gaps SCITT explicitly leaves open, and a concrete implementation pattern.
/llms.txt is not enough: a discovery suite for agent-facing APIs
A single Markdown file cannot carry everything an agent needs to plan a session against an API. Five surfaces - link index, OpenAPI, agent-card, scope profiles, verification keys - and one principle: predictable availability.
The advisory-lock self-deadlock Postgres can't see
PostgreSQL's deadlock detector walks the row-lock wait graph. Advisory locks held across `await` boundaries can form cycles through application code that the detector cannot see. Reproduction, real diagnostic output, and the structural fix.
Near Frontier-Quality LLM, No Cloud, No Subscription, Unlimited Tokens: gpt-oss-120b on Strix Halo + Ubuntu 26.04
A $2,300 96 GB Strix Halo box runs gpt-oss-120b at ~48 tok/s with a stable full 128K context on llama.cpp + Vulkan. Rewritten after a full rebuild - including what the May version of the post got wrong.
pg-boss in production: footguns we hit and how to avoid them
Four operational footguns we hit running pg-boss at AGLedger for about a year. One is fixed upstream; the other three still bite. Self-contained reproductions, citations, and the patterns we settled on.
Why receipts must be signed: a threat model for agent accountability
Logging answers "what happened?" Signed receipts answer "can you prove it to someone who does not trust you?" Four scenarios where logs quietly fail and what signing buys you mechanically.
Cutting PostgreSQL Audit-Report Query Time 44% with GROUPING SETS and Materialized CTEs
Six aggregations per request became two. Total DB time dropped 44% under sustained load. The anti-pattern, the rewrite, and the honest caveat about why wall-clock p50 did not move.
Frictionless Compliance: How Accountability Gates Guide AI Agents to Success
70 traces, 4 LLM providers. A bare policy denial causes agents to fabricate, quit, or loop. Add a directive and AGLedger tools - agents complete the full accountability lifecycle. No system prompt changes.
What We Learned Adapting to Google A2A v1.0
27 experiments, 30 multi-agent runs. A2A handles task delegation. It does not handle accountability. Here is what the data shows and how AGLedger bridges the gap.
Testing to Learn: Deterministic CI, Probabilistic Agents, and the MCP Proxy We Killed
2,900+ deterministic tests per build plus LLM-agent simulations with controlled product awareness. How that mix falsified our MCP-proxy architecture in one month.
Zero Dispatcher Calls: When Accountability Became the Coordination Layer
We removed the task dispatcher from a 3-agent system. Instead of breaking, agents coordinated entirely through accountability tools - 56 receipts, 41 auto-settled, 0 dispatcher calls.
We Published Our Security Whitepaper
AGLedger's security architecture is now public. 18 sections covering trust boundaries, cryptographic design, threat model, compliance mappings, and post-quantum readiness.
Designing APIs for AI Agents: Lessons from 3 LLM Providers
36 tools tanked completion to 0%. 10 focused tools achieved full lifecycle closure. What we learned testing Claude, GPT, and Gemini against the same API.
Budget LLMs Outperform Premium Models at Task Completion
Haiku and GPT-4o-mini beat Sonnet and GPT-4o at actually finishing work. The "Doers vs Planners" phenomenon.
Zero-Scaffolding API Discovery: Can Agents Learn Your API from Scratch?
HTTP + llms.txt achieved 100% record lifecycle completion. SDK achieved 0%. What this means for API design.
109 Records per Second on One 2-vCPU Node: AGLedger Performance at Scale
1.0.0 GA stamp on the smallest practical AWS footprint. 109 records/sec notarize on a single pod; 999,006 records through 240 forced pod-kills, zero forks.
EU AI Act Article 12: What Event Logging Actually Requires for AI Agents
A deep dive into Article 12 event logging requirements and how structured accountability records satisfy them automatically.
NIST AI RMF for AI Agent Operations: A Practical Mapping
How the four NIST AI RMF functions - GOVERN, MAP, MEASURE, MANAGE - map to agent accountability infrastructure.
ISO 42001 Certification Evidence: What Auditors Actually Want to See
Practical guidance on generating ISO/IEC 42001:2023 certification evidence as a byproduct of AI agent operations.