PRIVATE.ME PLATFORM

xLineage: AI Agent Tool-Use Chain of Custody

HMAC-chained audit trail for AI agent tool calls. Every tool invocation, its parameters, and results are DID-signed and cryptographically linked.

AI/ML Governance AVAILABLE NOW XorIDA Powered 71 Tests Passing

Section 01

The Problem

AI agents use dozens of external tools, but there is no verifiable record of which tools were called, with what parameters, or what results were returned.

Tool-use agents can call APIs, query databases, execute code, and modify systems. Without a chain-of-custody log, there is no way to reconstruct what an agent did, why, or whether it was authorized.

Standard logging is insufficient because logs can be tampered with. A compromised agent can delete or modify its own log entries to cover its tracks.

The Old Way: Tamperable Logs

Industry Pain Point

The $3.2B AI governance market lacks cryptographic audit infrastructure. Organizations deploying autonomous agents have no way to prove what the agent did, detect tampering, or enforce multi-party approval for sensitive operations.

Section 02

The PRIVATE.ME Solution

xLineage creates an HMAC-chained, DID-signed record of every tool invocation. Each entry is cryptographically linked to the previous, making tampering detectable.

Every tool call generates a signed entry: tool name, parameters (hashed if sensitive), result hash, timestamp, and the calling agent's DID. Entries are HMAC-SHA256-chained.

Threshold authorization can gate sensitive tools — require K-of-N approval before the agent can execute high-risk operations like database writes or payment calls.

The New Way: Tamper-Evident Chain

Key Innovation

DID signatures ensure non-repudiation. HMAC chaining makes tampering detectable. K-of-N threshold gates enforce multi-party approval for sensitive tools. All cryptographically verifiable without trusting the agent.

Section 03

Solution Architecture

xLineage provides an append-only tool-use audit trail with HMAC chaining, DID signatures, and optional threshold gates for sensitive operations.

Production Implementation

xLineage ships with 71 tests across 4 test files, all passing. The package includes production-ready modules:

audit.ts (214 LOC) — HMAC-chained audit trail generation and integrity verification
tracking.ts — Tool call event logging with DID signatures and parameter hashing
verification.ts — Chain integrity verification and tamper detection
reconstruction.ts — Event replay and forensic reconstruction from chained logs

Pipeline Architecture

Core Modules

audit.ts (214 LOC)

HMAC-chained audit trail generation. Each event includes: eventId, lineageId, actionType, actorDid, timestamp, dataHash, prevHash. Chain integrity verified on retrieval via sequential HMAC validation.

tracking.ts

Tool call event logging with DID signatures. Logs tool name, parameter hashes (protects sensitive inputs), result hashes, and execution metadata. Events cryptographically attributed to calling agent.

verification.ts

Chain integrity verification and tamper detection. Validates HMAC chain continuity, DID signature authenticity, and event ordering. Returns detailed failure diagnostics on chain break.

reconstruction.ts

Event replay and forensic reconstruction. Rebuilds agent action sequence from chained logs. Supports filtered playback by agent DID, tool type, or time range.

Security Properties

Every tool call is DID-signed and HMAC-chained. Sensitive tools can require K-of-N threshold approval gates before execution. The chain is tamper-evident — modifying any entry invalidates all subsequent hashes. DID signatures ensure non-repudiation, parameter hashing protects sensitive inputs.

Section 04

Real-World Use Cases

🤖

AI AGENTS

Tool-Use Audit

Tamper-evident log of every tool an agent calls, with parameters and results.

Audit

🔒

SECURITY

Gated Tool Access

Require multi-party approval before agents can use sensitive tools.

Threshold

📋

COMPLIANCE

Agent Accountability

Irrefutable record of agent actions for regulatory compliance.

Compliance

🔍

FORENSICS

Incident Investigation

Reconstruct exactly what a compromised agent did and when.

Forensics

Section 05

Developer Experience

Quick Start — Basic Audit Trail

import { auditChain, verifyChain } from '@private.me/xlineage';

// Log tool call with DID signature
const result = await auditChain({
  lineageId: 'agent-session-abc',
  actionType: 'tool:database.query',
  actorDid: agent.did,
  dataHash: hashParams(queryParams)
});

// Verify chain integrity before forensic reconstruction
const verification = await verifyChain('agent-session-abc');
if (!verification.ok) {
  console.error('Chain tampered!', verification.error);
}

K-of-N Threshold Gates for Sensitive Tools

import { gateToolCall } from '@private.me/xlineage';

// Require 2-of-3 approval for payment API calls
const gateResult = await gateToolCall({
  toolName: 'stripe.createCharge',
  threshold: 2,
  totalShares: 3,
  approverDids: [did1, did2, did3],
  paramsHash: hashParams(chargeData)
});

if (gateResult.ok) {
  // Execute payment only after threshold approval
  await executeCharge();
  await auditChain({ /* log execution */ });
}

API Reference

auditChain(opts): Promise<Result<AuditEvent, Error>>

Logs an action to the HMAC-chained audit trail. Each event includes: eventId, lineageId, actionType, actorDid, timestamp, dataHash, prevHash. Chain integrity preserved via cryptographic linking.

verifyChain(lineageId): Promise<Result<AuditChain, Error>>

Verifies chain integrity for a lineage. Validates HMAC continuity, DID signatures, and event ordering. Returns detailed failure diagnostics on tamper detection.

gateToolCall(opts): Promise<Result<boolean, Error>>

Enforces K-of-N threshold approval before sensitive tool execution. Collects approver signatures, validates threshold, logs gating decision to audit trail.

Section 06

Security Properties

Property	Mechanism	Guarantee
Integrity	HMAC-SHA256 chain	✓ Tamper-evident
Attribution	DID signatures	✓ Non-repudiation
Access control	Threshold gates	✓ K-of-N for sensitive tools
Privacy	Parameter hashing	✓ Sensitive params hidden

$3.2B

AI governance TAM

Tests passing

214

LOC audit.ts

K-of-N

Threshold gates

Test Coverage

xLineage ships with comprehensive test coverage across 4 test files:

audit.test.ts (23 tests) — Chain generation, HMAC linking, tamper detection
verification.test.ts (23 tests) — Integrity verification, DID signature validation, chain break diagnostics
reconstruction.test.ts (19 tests) — Event replay, filtered playback, forensic reconstruction
tracking.test.ts (6 tests) — Tool call logging, parameter hashing, DID attribution

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xLineage?

Talk to Sol, our AI sales engineer, or book a live demo with our team.

Book a Demo

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xlineage
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xLineage is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →