Specification | Schema | Examples | Registry | Test Suite | Reference Impl
Developer Preview. Launching at Confidential Computing Summit, June 23 2026.
An open specification for hardware-attested AI agent governance records. TRACE defines the format, anchoring protocol, and verification rules for cryptographically provable evidence that an AI agent ran under a specific policy, in a verified hardware environment, on classified data, invoking identified tools — bound into a single signed artifact rooted in silicon attestation.
A TRACE Trust Record answers: what ran, where, under which policy, touching which data, calling which tools — in a form any third party can verify without trusting the operator.
pip install agentrust-tracefrom agentrust_trace import TrustRecord, sign_record
record = TrustRecord(
subject="spiffe://trust.example.org/agent/payments-processor",
model_id="claude-sonnet-4-6",
platform="amd-sev-snp",
policy_hash="sha256:b2c3d4...",
)
signed = sign_record(record, key=signing_key)| 📖 Full documentation | trace.agentrust-io.com |
| 📄 Specification | spec/trace-v0.1.md |
| 🔍 Schema | schema/trace-claim.json |
| 📦 PyPI | agentrust-trace |
| 🧪 Test suite | trace-tests |
| 🗂 Registry | trace-registry |
| 🔗 Reference implementation | cmcp |
| 💬 Discussions | GitHub Discussions |
| 📋 Changelog | CHANGELOG.md |
Targeting the Agentic AI Foundation (AAIF) at the Linux Foundation. Active standardization track in CoSAI WS4. Builds on RFC 9711 (EAT), RFC 9334 (RATS), and SCITT draft-22.
See CONTRIBUTING.md and GOVERNANCE.md. All contributors must agree to the ANTITRUST.md policy.