draft-kya-audit-01

AUDIT

Accountability by design.
Complete action history.
Non-repudiable audit trails.

1. Audit Model

Every significant action is logged. Logs are cryptographically signed. The complete chain is reconstructible.

Consent → Delegation → Invocation → Execution
    ↓          ↓            ↓            ↓
  Logged    Logged       Logged      Logged

2. Audit Events

Required audit events:

CONSENT_GRANTED     Human approved delegation
CONSENT_REVOKED     Human revoked delegation
DELEGATION_CREATED  Delegation token issued
DELEGATION_EXPIRED  Delegation naturally expired
TOOL_INVOKED        Agent called a tool
TOOL_EXECUTED       Service executed tool
TOOL_FAILED         Execution failed
SCOPE_EXCEEDED      Agent attempted unauthorized action
PROOF_INVALID       Proof verification failed

3. Audit Log Entry

{
  "id": "audit-12345",
  "type": "TOOL_INVOKED",
  "timestamp": "2025-01-29T12:00:00Z",
  "agentDid": "did:key:z6Mk...",
  "userDid": "did:pkh:eip155:1:0x...",
  "delegationId": "del-67890",
  "action": {
    "tool": "read_calendar",
    "arguments": { "date": "2025-01-29" }
  },
  "result": "success",
  "proofRef": "sha256:...",
  "metadata": {
    "clientIp": "203.0.113.42",
    "userAgent": "claude-desktop/1.0"
  }
}

4. Log Integrity

Logs form a hash chain.
Each entry references the previous.
Tampering is detectable.

entry[n].previousHash = sha256(entry[n-1])
entry[n].signature = sign(entry[n], serviceKey)
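
The chain rule above as a runnable sketch. This is an added example, not code from the draft, and it shows how a verifier locates the first altered, removed or truncated entry.
Assumptions, none of which come from the draft: sorted-key compact JSON as the serialisation that gets hashed, an all-zero `previousHash` for the first entry, an `expected_head` value held outside the log, and HMAC-SHA256 standing in for `sign()` (a shared-key MAC does not give non-repudiation; a real service would use an asymmetric signature).

```python
import hashlib
import hmac
import json

GENESIS = "sha256:" + "0" * 64  # assumption: previousHash value for entry[0]

def canonical(entry):
    # Assumption: sorted-key compact JSON; the draft does not fix a serialisation.
    return json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()

def entry_hash(entry):
    # sha256(entry[n-1]) over the whole stored entry, signature included.
    return "sha256:" + hashlib.sha256(canonical(entry)).hexdigest()

def sign(entry, service_key):
    # Stand-in for sign(entry[n], serviceKey): HMAC-SHA256 over all fields but the signature.
    body = {k: v for k, v in entry.items() if k != "signature"}
    return hmac.new(service_key, canonical(body), hashlib.sha256).hexdigest()

def append(log, event, service_key):
    entry = dict(event)
    entry["previousHash"] = entry_hash(log[-1]) if log else GENESIS
    entry["signature"] = sign(entry, service_key)
    log.append(entry)
    return entry

def verify(log, service_key, expected_head=None):
    """Return -1 if intact, else the index of the first bad entry.
    len(log) means the chain is consistent but stops short of expected_head."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry.get("previousHash") != prev:
            return i  # entry removed, reordered, or predecessor rewritten
        if not hmac.compare_digest(str(entry.get("signature")), sign(entry, service_key)):
            return i  # entry content changed after signing
        prev = entry_hash(entry)
    if expected_head is not None and prev != expected_head:
        return len(log)  # entries were cut from the tail
    return -1

SERVICE_KEY = b"constructed-demo-key"  # constructed; never hard-code real keys

def build_sample_log():
    # Constructed events using event types from section 2.
    kinds = ["CONSENT_GRANTED", "DELEGATION_CREATED", "TOOL_INVOKED", "TOOL_EXECUTED"]
    log = []
    for n, kind in enumerate(kinds):
        append(log, {"id": f"audit-{n}", "type": kind, "delegationId": "del-67890"}, SERVICE_KEY)
    return log
```

Without `expected_head`, a log with its newest entries removed still verifies, because every remaining link is valid. Store or publish the latest entry hash somewhere the log writer cannot rewrite.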

5. Retention

Audit logs MUST be retained for compliance.
Minimum retention period depends on jurisdiction.
Logs MUST be exportable in standard formats.

6. Access

Audit log access:

- Humans can view their own delegation logs
- Agents can view their own action logs
- Services can view their own execution logs
- Compliance officers can view aggregated logs
- No party can modify historical logs

7. Blast Radius Analysis

Audit logs enable blast radius calculation.
What did the agent access?
What was the scope of impact?

blast_radius = {
  delegations: ["del-1", "del-2"],
  tools_invoked: ["read_calendar", "send_email"],
  data_accessed: ["calendar:events", "email:drafts"],
  actions_taken: 47,
  time_window: "2025-01-29T10:00:00Z/2025-01-29T14:00:00Z"
}