AI agents make decisions, access data, and invoke services autonomously. HATS produces cryptographic proof of every action — independently verifiable, post-quantum signed.
Autonomous AI agents operate without human oversight at execution time. When something goes wrong, current verification approaches fail.
Agents write their own logs. A compromised or misconfigured agent can omit, reorder, or fabricate log entries. Self-reported activity is not evidence.
Did the agent read PII? Access medical records? Query a restricted database? Without cryptographic attestation, there is no verifiable answer — only the agent's claim.
Agent A calls Agent B calls Agent C. Who touched what data? Who authorized the delegation? Current architectures have no provenance chain — just nested API calls.
Cyber insurers are excluding AI agent actions from coverage. Without independently verifiable proof of agent behavior, liability shifts entirely to deployers.
Every agent action generates a 74-byte cryptographic commitment. The full chain is independently verifiable without access to the agent system.
No system access required for verification. Auditors, regulators, and insurers verify agent behavior using only the 74-byte H33-74 commitments and the public verification endpoint. No VPN, no agent credentials, no infrastructure access.
When agents delegate to other agents, each link in the chain is cryptographically bound. The chain breaks precisely at the point of compromise.
Chain breaks at point of compromise. If Agent B's attestation is invalid — wrong authority, tampered data, expired delegation — Agent C refuses to proceed. The failure is localized and attributable. No silent failures, no ambiguous blame.
Every attestable event produces a 74-byte H33-74 commitment: 32 bytes on-chain, 42 bytes in Cachee. Three post-quantum signature families.
| Event Type | What Is Recorded | H33-74 Commitment |
|---|---|---|
| Data Access | Which data sources the agent read, field-level scope, timestamp | 74 bytes — PQ-signed |
| Computation Type | Operation performed (inference, aggregation, comparison, transformation) | 74 bytes — PQ-signed |
| Delegation Authority | Who authorized the agent, scope of delegation, expiry | 74 bytes — PQ-signed |
| Policy Compliance | Which policies were evaluated, pass/fail status, policy version hash | 74 bytes — PQ-signed |
| Output Hash | SHA3-256 hash of agent output — proves output was not modified after attestation | 74 bytes — PQ-signed |
| Timestamp | Attestation creation time, chain position, ordering proof | 74 bytes — PQ-signed |
74 bytes per event. Three post-quantum signature families (ML-DSA + FALCON + SLH-DSA) compressed into 74 bytes via the H33-74 substrate. Breaks only if MLWE lattices, NTRU lattices, and stateless hash functions are all simultaneously broken — three independent mathematical bets.
HATS is a publicly available technical conformance standard for continuous AI trustworthiness; certification under HATS provides independently verifiable evidence that a system satisfies the standard's defined controls.
HATS does not audit after the fact. It continuously monitors agent behavior in real time, generating attestations as actions occur — not reconstructing them from logs later.
Every HATS control produces a cryptographic commitment. Compliance is not a checkbox — it is a verifiable chain of post-quantum signed attestations that any third party can independently validate.
HATS defines controls specifically for autonomous AI agents: delegation authority verification, data access scope enforcement, multi-agent chain integrity, and output attestation.
AI agents are deploying across regulated industries. Each has specific compliance requirements that agent attestation addresses directly.
Prove that an AI agent accessing patient records stayed within authorized scope. Attest every PHI access event. Provide verifiable evidence for HIPAA audits without exposing patient data.
AI agents making investment decisions, executing trades, or assessing credit need verifiable proof that they operated within fiduciary bounds. Attestation creates the audit trail regulators require.
AI agents reviewing documents, conducting discovery, or generating summaries create chain-of-custody concerns. Attestation proves which documents were accessed and what operations were performed.
Cyber insurers need to assess whether AI agents operated within policy terms. Agent attestation provides the independently verifiable evidence required for claims processing and coverage decisions.