# AEVS

> AEVS is an open-source Python SDK by Fetch.ai that generates tamper-evident, ECDSA-signed receipts for every AI agent tool call, enabling independent audit and verification.

AEVS (Agent Execution Verification System) is an open-source Python SDK built by Fetch.ai that intercepts AI agent tool calls and produces cryptographically signed, hash-chained receipts for every action. Currently in beta (v0.2.2), it integrates with LangChain, LangGraph, and the Model Context Protocol (MCP) with zero changes to existing agent code.

## What It Is

AEVS addresses a fundamental gap in AI agent observability: model-generated text describes intent but does not constitute proof of execution. When an agent says "Refund sent," there is no portable, independently verifiable record of which tool ran, with which inputs, or what the API returned. AEVS fills that gap by sitting between the agent and its tools, capturing every invocation and sealing it with an ECDSA P-256 signature backed by a KMS, then linking each receipt to the previous one via a hash chain. The result is a tamper-evident audit trail that auditors can verify using only a `reference_id` — no access to the codebase or agent logs required.

## How the Receipt Chain Works

The SDK operates in three stages on every tool call:

- **Catch** — AEVS intercepts the invocation and records tool name, inputs, output, timing, and any errors.
- **Sign** — Each receipt is ECDSA-signed (P-256) and linked to the previous receipt's hash, so any alteration or skipped entry is detectable.
- **Verify** — Anyone with a `reference_id` can call the public verify API (`GET /v1/receipts/verify/<reference_id>`) or use the web explorer to confirm the signature independently.

Receipts are buffered locally in an encrypted SQLite database before being flushed to the AEVS backend over HTTPS via a background thread, making the flow crash-safe.

## Visibility Controls

AEVS gives developers three receipt visibility modes, set per agent at configuration time:

- **public** — Full tool payloads (inputs, outputs, metadata) are visible to anyone with the `reference_id` or explorer access. Suited for demos and shared audits.
- **private** (default) — Full payloads are stored and accessible to the account owner; public verify and explorer show `[REDACTED]` for inputs and outputs.
- **proof_only** — Inputs and outputs are stripped before ingest; only hashes and metadata are kept. Designed for PCI, health, or other regulated data that must not be persisted.

A separate per-agent dashboard toggle controls whether an agent's receipts appear on the public explorer listing at all, while the verify API remains functional as long as the caller has the `reference_id`.

## Setup Path

Installation is a single pip command with optional framework extras:

- `pip install aevs` for the base SDK
- `pip install aevs[langchain]` for LangChain / LangGraph (requires `langchain-core >= 0.2`)
- `pip install aevs[mcp]` for Model Context Protocol (requires `mcp >= 1.20`)

Configuration requires an `AEVS_API_KEY` and `AEVS_AGENT_ID`, which can be passed directly or set as environment variables. If credentials are missing, the SDK logs a warning and runs in no-op mode — the agent continues to function normally, receipts simply are not recorded.

## Update: v0.2.2

The latest release is v0.2.2, published on June 9, 2026. The repository was created in April 2026 and last pushed in June 2026, indicating active early development. The homepage banner explicitly marks AEVS as beta, noting that APIs and the explorer may change. The SDK is licensed under Apache 2.0 and the source is publicly available at `fetchai/AEVS-sdk` on GitHub.

## Features
- Tamper-evident signed receipts for every agent tool call
- ECDSA P-256 signatures backed by KMS
- Hash-chained receipts for sequential integrity
- Drop-in SDK with zero changes to existing agent code
- LangChain and LangGraph integration
- Model Context Protocol (MCP) integration
- Independent receipt verification via public API or web explorer
- Three receipt visibility modes: public, private, proof_only
- Encrypted local SQLite buffer for crash-safe receipt storage
- Background thread receipt flushing to AEVS backend
- Per-agent explorer listing toggle
- Session and reference ID tracking
- No-op mode when credentials are absent (agent keeps working)
- Python 3.10–3.13 support

## Integrations
LangChain, LangGraph, Model Context Protocol (MCP), OpenAI (via LangChain), ASI:One, PyPI

## Platforms
WEB, API, DEVELOPER_SDK, CLI

## Pricing
Open Source

## Version
v0.2.2

## Links
- Website: https://aevs.fetch.ai
- Documentation: https://github.com/fetchai/AEVS-sdk/tree/main/docs
- Repository: https://github.com/fetchai/AEVS-sdk
- EveryDev.ai: https://www.everydev.ai/tools/aevs