Metadata-Version: 2.4
Name: argus-receipts
Version: 0.1.0
Summary: Evidence receipts for agent work: hash-chained, signable execution records that prove claimed results trace to real runs.
Project-URL: Homepage, https://argusdiff.com
Author: Argus
License: MIT
License-File: LICENSE
Keywords: agents,audit,provenance,receipts,verification
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Requires-Python: >=3.10
Provides-Extra: dev
Requires-Dist: cryptography>=42; extra == 'dev'
Requires-Dist: pytest; extra == 'dev'
Requires-Dist: ruff; extra == 'dev'
Provides-Extra: sign
Requires-Dist: cryptography>=42; extra == 'sign'
Description-Content-Type: text/markdown

# argus-receipts

**Evidence receipts for agent work.** AI agents claim "done" with no
artifacts; 43% of AI code changes need production debugging; agents exceed
their permissions and nobody can reconstruct what actually ran.
`argus-receipts` wraps any unit of work in a receipt — command, exit code,
artifact hashes, timestamps — hash-chained into an append-only ledger and
optionally signed, so claimed results provably trace to real runs.

The company building this runs on it: every material decision Argus (the
company) makes carries a receipt in a ledger of exactly this format.

## Install

```bash
pip install argus-receipts          # stdlib-only core
pip install "argus-receipts[sign]"  # + Ed25519 third-party-verifiable signatures
```

## Use

```bash
# wrap a run: records command, exit code, and the hash of what it produced
argus-receipts run --ledger ops.jsonl --actor build-bot \
  --artifact dist/app.tar.gz -- make release

# receipt a decision (the "why" lives in your docs; the receipt makes it tamper-evident)
argus-receipts record --ledger ops.jsonl --actor operator \
  --action "decision: ship v0.2" --artifact DECISIONS.md

# verify everything: ids honest, chain unbroken, artifacts unmodified, signatures valid
argus-receipts verify --ledger ops.jsonl
```

As a library:

```python
from argus_receipts import Ledger
from argus_receipts.signer import Ed25519Signer

ledger = Ledger("ops.jsonl", signer=Ed25519Signer.from_file("ops.key"))
receipt, proc = ledger.run(["pytest", "-q"], actor="ci", artifacts=["report.xml"])
assert ledger.verify().ok
```

## Guarantees (and honest non-guarantees)

- A receipt's `id` is the SHA-256 of its canonical body: edit anything, the id
  breaks. Each receipt embeds its parent's id: delete or reorder, the chain
  breaks. Re-hash artifacts at verify time: silent drift is caught.
- HMAC signatures bind receipts to a shared secret (one trust domain);
  Ed25519 signatures are verifiable by anyone holding the public key.
- NOT guaranteed: that the command *did the right thing* (receipts prove what
  ran and what it produced, not that it was wise), and a signer who controls
  the whole ledger file can rewrite history they signed — anchor the ledger
  tip externally (e.g., commit it) for that.

## License

MIT.
