GenticBook a demo
Governed Runtime

Every action. On the record.

Wrap any AI call in gentic.run(). Get back the result and a tamper-evident signed receipt, independently verifiable with no call to Gentic.

Start free →Read the docs

live receipt lifecycle · ed25519 · gentic_rec_

How it works

Three checkpoints. One proof.

01

Intercept

Every AI action passes a runtime checkpoint before execution. No action runs uninspected. The checkpoint records the action, the caller, and any policy constraints.

02

Sign

An Ed25519-signed receipt is issued for the outcome: action, result, cost, and timestamp. Canonical bytes, hash-chained. The signing key never leaves the runtime.

03

Return

Your function receives both the result and the receipt. The proof travels with the output, not behind it. Verify offline with the public key: no account, no network call.

The receipt

This is what proof looks like.

Every Gentic receipt is a JSON document signed with Ed25519. Anyone holding the public key can verify it offline — no network call, no Gentic account.

gentic_rec_94b8b2d499ad4959
─────────────────────────────────────────
actionvoice.call.completed
outcomeappointment.booked
cost$0.42
issued2026-06-26T03:14:22Z
─────────────────────────────────────────
hashec0366511c96824439fe607e2438152b
sigpDFJzf4gSHvvwC7CMKc2HojRPSU2LmqgoraX
alged25519
─────────────────────────────────────────
hash_valid
sig_valid
hash

SHA-256 of the canonical payload: every field, sorted, no whitespace. Rewrite a single byte and the hash fails.

sig

Ed25519 signature over the canonical bytes. Requires the private key to forge. Requires only the public key to verify.

alg

Always ed25519, asymmetric: not HMAC. You verify without ever seeing the private key. No Gentic account.

SDK

Three lines to governed AI.

Drop the SDK in, wrap the call, get the receipt. @gentic/sdk is zero-dependency on Node and ships WebCrypto verify for the browser and Deno.

Zero dependencies

Pure Node node:crypto. No vendored crypto library: the runtime handles signing.

Fails closed

If the control path fails, execution blocks. If observation fails, fn() still runs and the receipt carries unreceipted: true.

WebCrypto verify

Browser and Deno verification ships with the SDK. Same Ed25519 proof, any runtime.

import { Gentic } from '@gentic/sdk'

const gentic = new Gentic({ key: process.env.GENTIC_KEY })

const { result, receipt } = await gentic.run({
  action: 'voice.call.completed',
  fn: () => client.calls.create({
    to: '+17025550198',
    from: '+18449803424',
  }),
})

// receipt.id          === 'gentic_rec_94b8b2d499ad4959'
// receipt.hash_valid  === true
// receipt.sig_valid   === true

A log can be rewritten.

A signed receipt cannot.

Tamper-evident

The receipt hash covers every byte of the signed payload. Alter any field (action, cost, outcome) and the hash fails verification.

Independently verifiable

Anyone holding the public key can verify any receipt, offline, without contacting Gentic. No API call. No trust relationship.

No account required

Verification is a one-liner and a public key. Not a dashboard. Not a Gentic login. The proof belongs to the receipt holder.

Get started

Put your AI on the record.

Talk to us about governed runtimes for your stack. We work with developers, CTOs, and compliance teams who need verifiable AI action trails.

Book a demo →Read the docs