Self-reported logs are not evidence
An autonomous agent that sends messages, changes systems, or moves value produces a log — a text file its operator controls. A log that can be edited after the fact is indistinguishable from one written at the time. When a question arrives — a client disputing what was delivered, a counterparty disputing what was sent, your own postmortem of an agent gone sideways — the log's value depends on being able to show this is what the record said then, and it has not changed since. A file on the operator's disk cannot show that.
What anchoring adds
Orphograph gives each consequential action record a Bitcoin-anchored receipt: the record is hashed on your machine, the fingerprint is anchored to the Bitcoin blockchain, and you get a dated receipt plus a hosted certificate page anyone you authorize can check in their own browser. Three properties do the work:
- Dated. The record provably existed by the time of a specific Bitcoin block. A receipt anchored seconds after the action cannot have been written after the dispute started.
- Tamper-evident. Change one byte of the record — a recipient, an amount, a timestamp — and it no longer matches the receipt.
- Verifiable without trusting the operator. The proof is an open format checked against the public chain; the verifier is open source. The person relying on the record needs no account and no relationship with the person who made it.
If you are the one accepting agent work
The receipt is built for your side of the table. Before you rely on a delivered artifact or a claimed action, ask for its receipt and verify it yourself — drop the file or record you were given onto the acceptance page and check it against the certificate. A "yes" means the bytes in front of you are the bytes that existed at the anchored time. Operators who anchor as they work can answer any dispute with a link; operators who cannot produce receipts are asking you to take their logs on faith.
What this is not
Honesty is the product, so the scope is narrow and stated plainly. A receipt is not proof that an action was correct, authorized, safe, or legal, and anchoring is not a compliance regime or an agent-safety mechanism. It makes the record of what happened tamper-evident and independently datable — which is what turns a log into evidence. What that evidence establishes in any particular dispute is a question for that forum.
Run it inside the agent
A dependency-free CLI plus a drop-in skill let the agent anchor its own trail as it works — one-line action records, artifacts it produces, and a daily manifest of its memory files:
# Anchor a one-line action record the moment it happens
echo "sent invoice #42 to client-7" | python3 orpho_agent_anchor.py anchor-text --label "billing"
# Anchor an artifact the agent produced
python3 orpho_agent_anchor.py anchor-file ./deliverable.zip --label "handoff"
# Nightly: anchor a manifest of the agent's memory files
python3 orpho_agent_anchor.py anchor-memory ./workspace --label "memory"
MCP-capable agents can anchor through the MCP server instead — proof of existence becomes part of the agent's output, not an afterthought. Setup for both lives on the integrations page.
Give your agents a paper trail today
The receipt is dated from the moment you anchor — an audit trail started before the first dispute is worth more than one reconstructed after it.
FAQ
Does a receipt prove my agent's action was correct or authorized?
No. A receipt proves one thing: the action record existed, in exactly this form, by the time of a specific Bitcoin block, and has not been altered since. Whether the action itself was correct, authorized, or wise is a question the record helps you argue — the receipt makes the record trustworthy, not the action.
Does the content of the agent's actions leave our environment?
No. The action record is hashed locally with SHA-256; only the fingerprint is sent to be anchored. The record itself — what the agent did, to whom, with which parameters — stays on your machine.
I'm hiring agent-driven work from someone else. How does this help me?
Ask the operator for receipts. Each one is a public certificate page you can open in your own browser and verify against the Bitcoin blockchain — no Orphograph account and no trust in the operator required. If the log they show you later doesn't match the receipt, the log changed.
What happens to my receipts if Orphograph disappears?
The receipt is an open format: a SHA-256 digest plus OpenTimestamps proofs committed to the Bitcoin blockchain. Verification needs only the record, the .ots files, and the public chain — none of which depend on Orphograph existing. An MIT-licensed verifier is published for exactly this reason.