Documentation

What is Proof of Task?

Proof of Task (PoT) is a cryptographic attestation that an AI agent executed a specific task. It is not a consensus mechanism and it is not observability. It is a new verification primitive for the AI agent economy — client-facing proof that work was done, how it was done, and that nobody can alter the record.

3-Level Verification Stack

Every receipt is verified at three independent levels:

① SIGNATURE   Ed25519          → agent signed it
② ENCRYPTION  AES-256-GCM      → data is authentic
③ BLOCKCHAIN  Merkle on Base L2 → record is permanent

Architecture

Agent Action
     ↓
SDK: SHA-256 hash input/output
     ↓
SDK: AES-256-GCM encrypt (viewing key → URL fragment)
     ↓
SDK: Sign payload with Ed25519
     ↓
Save to ~/.openclawscan/ (local backup)
     ↓
POST /api/receipts (server stores encrypted blobs + hashes)
     ↓
POST /api/tasks/certify → Merkle tree → Base L2
     ↓
Public verification: /task/[slug] — 3-level verify in browser

Receipt Format

Each signed receipt contains:

{
  "version": "1.0",
  "receipt_id": "rcpt_wyuc8de1qj93",
  "agent_id": "sentinel-007",
  "owner_id": "github:myuser",
  "timestamp": "2026-02-21T14:31:15Z",
  "action": { "type": "tool_call", "name": "slither_scan", "duration_ms": 8400 },
  "model": { "provider": "anthropic", "name": "claude-sonnet-4-5", "tokens_in": 3840, "tokens_out": 5560 },
  "cost": { "amount_usd": 0.072 },
  "hashes": { "input_sha256": "a1b2c3...", "output_sha256": "f6e5d4..." },
  "context": { "task_id": "uuid", "session_id": "sess_abc", "sequence": 3 },
  "signature": { "algorithm": "ed25519", "public_key": "VzqZ...", "value": "base64..." }
}

Raw input/output are never stored — only SHA-256 hashes. With E2E encryption enabled, even hashes are encrypted (AES-256-GCM) before transmission.