EveryDev.ai
Subscribe
Home
Tools

3,107+ AI tools

  • New
  • Trending
  • Featured
  • Compare
  • Arena
Categories
  • Agents2063
  • Coding1441
  • Infrastructure665
  • Marketing524
  • Projects470
  • Research437
  • Design408
  • Analytics371
  • MCP268
  • Security265
  • Testing255
  • Data249
  • Integration183
  • Prompts183
  • Communication172
  • Learning166
  • Extensions163
  • Voice146
  • Commerce132
  • DevOps115
  • Web84
  • Finance24
AI Tools by Topic
  • AI Coding Assistants
  • Agent Frameworks
  • MCP Servers
  • AI Prompt Tools
  • Vibe Coding Tools
  • AI Design Tools
  • AI Database Tools
  • AI Website Builders
  • AI Testing Tools
  • LLM Evaluations
Follow Us
  • X / Twitter
  • LinkedIn
  • Reddit
  • Discord
  • Threads
  • Bluesky
  • Mastodon
  • YouTube
  • GitHub
  • Instagram
Get Started
  • About
  • Editorial Standards
  • Corrections & Disclosures
  • Community Guidelines
  • Advertise
  • Contact Us
  • Newsletter
  • Submit a Tool
  • Start a Discussion
  • Write A Blog
  • Share A Build
  • Terms of Service
  • Privacy Policy
Explore with AI
  • ChatGPT
  • Gemini
  • Claude
  • Grok
  • Perplexity
Agent Experience
  • llms.txt
Theme
With AI, Everyone is a Dev. EveryDev.ai © 2026
    1. Home
    2. Tools
    3. halo-record
    halo-record icon

    halo-record

    Compliance and Governance
    Featured

    Tamper-evident, hash-chained runtime audit logs for AI agents — dependency-free, verifiable by anyone, and designed for compliance evidence.

    Visit Website

    At a Glance

    Pricing
    Open Source

    Fully free and open-source under Apache-2.0. Install via pip and use all features including recorder, verifier, witness client, and report server.

    Engagement

    Available On

    Web
    API
    SDK
    CLI

    Resources

    WebsiteDocsGitHubllms.txt

    Topics

    Compliance and GovernanceAgent FrameworksMonitoring Tools

    Alternatives

    DashClawVirtue AIOximy
    Developer
    Brian KuanUnited StatesEst. 2025$500K raised

    Listed Jul 2026

    About halo-record

    halo-record is an open-source Python library by Brian Kuan that creates tamper-evident, append-only audit trails for AI agents. Every tool call, model call, data access, and approval an agent makes becomes a hash-chained record that any party can independently verify — without trusting the operator who produced it. The project is licensed under Apache-2.0 and currently in Alpha (Development Status 3), with active releases on PyPI.

    What It Is

    halo-record implements the Halo Runtime Record format: a JSONL-based, hash-chained log where each record's integrity is anchored to the previous one using RFC 8785 canonicalization and SHA-256. The package ships a recorder, a conformance verifier, a witness client, and a report server — all in approximately 4,300 lines of pure Python with zero runtime dependencies. The format is open and free to implement; this package is the reference implementation. A TypeScript counterpart (halo-record-ts) ships the same chain format and witness protocol for the Node/JS ecosystem.

    How the Integrity Model Works

    Each record's hash is computed by taking the record (excluding integrity.hash), setting integrity.prev_hash to the previous record's hash, canonicalizing with RFC 8785, and SHA-256-ing the bytes. The first record's prev_hash is 64 zeros. Verification recomputes every hash and checks every link — no secret required. The library distinguishes between integrity (nothing was edited or reordered after the fact, provable by the chain itself) and completeness (no records were deleted and re-sealed, which requires an external witness holding periodic chain fingerprints). The halo anchor command supports both local and hosted witness workflows.

    Adapter Matrix and Integrations

    halo-record connects to a wide range of agent runtimes and telemetry sources without requiring code rewrites:

    • Captured at the boundary: native trace() wrapper, MCP interceptor, LangChain/LangGraph callback, OpenAI Agents SDK hooks, Claude Code/Claude Agent SDK hook
    • Ingested from existing telemetry: OpenTelemetry GenAI spans (covering CrewAI, LlamaIndex, and most OTel-instrumented frameworks), LiteLLM callbacks, Langfuse export, any gateway/reverse-proxy log

    Every record carries a source tag so the report discloses how each piece of evidence was collected. Raw argument values never enter a record — arguments are hashed and stored only as a redacted summary.

    Where It Fits in a Compliance Stack

    The project positions halo-record as an evidence layer for AI governance frameworks, not a certification tool. The README maps it to several frameworks:

    • SOC 2 / security questionnaires: verifiable Runtime Reports instead of screenshots and prose
    • OWASP GenAI Security Project / Top 10 for LLM Applications: runtime evidence for excessive agency, tool misuse, and sensitive-information disclosure
    • AARM (CSA): produces the tamper-evident action receipt specified in R5/R6
    • EU AI Act: logging and record-keeping obligations for high-risk AI systems
    • ISO 42001 / NIST AI RMF: operational evidence behind management-system controls

    Update: Version 0.2.4

    The latest release is v0.2.4, published on July 9, 2026, following a rapid release cadence since the project's initial v0.1.0 on June 12, 2026. The 0.2.x series introduced the authority snapshot mechanism (sealing session rules, MCP tool registries, and policy refs into the hash chain), the halo hook command for Claude Code's PostToolUse hook, and the halo export command for date-bounded evidence exports. The project has 52 GitHub stars and 6 forks as of the latest metadata, and the repository shows zero open issues.

    halo-record - 1

    Community Discussions

    Be the first to start a conversation about halo-record

    Share your experience with halo-record, ask questions, or help others learn from your insights.

    Pricing

    OPEN SOURCE

    Open Source

    Fully free and open-source under Apache-2.0. Install via pip and use all features including recorder, verifier, witness client, and report server.

    • Full recorder, verifier, witness client, and report server
    • Zero runtime dependencies
    • CLI with verify, report, serve, grant, anchor, demo, export, hook commands
    • All adapter integrations (LangChain, OpenAI, Claude Code, OTel, etc.)
    • Apache-2.0 license

    Capabilities

    Key Features

    • Append-only, hash-chained audit log for AI agent actions
    • Zero runtime dependencies — standard library only
    • No network calls except opt-in witness (chain fingerprint only, no record contents)
    • Raw inputs never stored — arguments hashed and redacted
    • CLI: verify, report, serve, grant, anchor, demo, export, hook
    • Self-verifying HTML Runtime Reports per tenant
    • Per-customer gated report serving over HTTP
    • Completeness witnessing via external anchor checkpoints
    • Authority snapshot sealing (rules, MCP registries, policy refs)
    • MCP interceptor adapter
    • LangChain/LangGraph callback adapter
    • OpenAI Agents SDK hooks adapter
    • Claude Code PostToolUse hook integration
    • OpenTelemetry GenAI spans ingestion
    • LiteLLM callbacks ingestion
    • Langfuse export ingestion
    • TypeScript counterpart (halo-record-ts) with same chain format
    • CI-friendly non-zero exit on verification failure
    • Date-bounded evidence export (CSV + manifest)
    • RFC 8785 JSON Canonicalization Scheme for hash computation

    Integrations

    LangChain
    LangGraph
    OpenAI Agents SDK
    Claude Code
    Claude Agent SDK
    MCP (Model Context Protocol)
    OpenTelemetry
    LiteLLM
    Langfuse
    CrewAI
    LlamaIndex
    Vercel AI SDK
    API Available
    View Docs

    Ratings & Reviews

    No ratings yet

    Be the first to rate halo-record and help others make informed decisions.

    Developer

    Brian Kuan

    Brian Kuan builds halo-record, an open-source tamper-evident audit trail library for AI agents. The project focuses on making AI agent behavior verifiable and auditable for compliance with frameworks like SOC 2, OWASP, EU AI Act, and NIST AI RMF. The library ships with zero runtime dependencies and an open record format anyone can implement.

    Founded 2025
    United States
    $500K raised
    1 employees

    Used by

    Noma Security (AARM conformance…
    Read more about Brian Kuan
    WebsiteGitHub
    1 tool in directory

    Similar Tools

    DashClaw icon

    DashClaw

    Decision infrastructure for AI agents that intercepts actions, enforces guard policies, requires human approvals, and produces audit-ready decision trails before execution.

    Virtue AI icon

    Virtue AI

    AI-native security and compliance platform for enterprise AI agents, models, and applications with real-time guardrails and automated red-teaming.

    Oximy icon

    Oximy

    Enterprise AI visibility platform that shows which AI tools employees use and provides adoption, spend, and governance insights.

    Browse all tools

    Related Topics

    Compliance and Governance

    AI-enhanced tools for ensuring regulatory compliance and project governance with automated monitoring, risk assessment, and policy enforcement across projects.

    62 tools

    Agent Frameworks

    Tools and platforms for building and deploying custom AI agents.

    487 tools

    Monitoring Tools

    AI-enhanced monitoring solutions that provide real-time visibility into system performance, anomaly detection, and predictive alerting for proactive issue resolution.

    79 tools
    Browse all topics
    Back to all toolsSuggest an edit
    ratings
    discussions