Replay-first execution runtime for AI agents

Cryptographic proof for
every AI decision.

Capture, replay, and verify your AI agents' production runs — with regulatory-grade evidence that stands up in court.

agent.py
from notary import instrument

@instrument(secret_key=NOTARY_KEY)
def run_agent(application):
    # your existing agent — unchanged
    return agent.decide(application)

Five lines. Every run is recorded as a sealed, replayable commit.

Observability shows what happened. It can't prove why.

When an autonomous AI agent fails in production, your logs show the error — but not the cause, and not that your fix actually works. Regulators require more. The EU AI Act, NIST AI RMF, SEC disclosure rules, and OCC guidance all demand forensic proof: what went wrong, why, and evidence the fix prevents recurrence.

$5M–$500M potential fines
8–12 weeks typical investigation
0 tools that prove root cause today

Notary is the execution runtime that makes an agent run reproducible and its remediation provable.

Git for AI agent execution.

Capture → commit
Every prompt, tool call, and decision is recorded as a node in a sealed execution graph.
Replay → checkout
Deterministically re-run the exact incident against real sandbox APIs.
Branch → experiment
Fork the run and try a fix without touching the original.
Diff → compare
See exactly where and how the fixed run diverges.
Verify → certify
Prove the fix resolves the incident and issue a signed certificate.

Tamper-evident capture

HMAC-SHA256 sealing with a Merkle chain. Alter one byte and the proof breaks.

Deterministic replay

Real provider sandboxes (Stripe test mode, GitHub, Salesforce) — not mocks that drift.

Proof of Mitigation

A cryptographically signed certificate regulators and courts can verify independently.

A lending denial, proven in days — not months.

A lending agent denies a qualified applicant: credit score 650, threshold 700. Your compliance team imports the run into Notary. Notary provisions a Stripe test environment, restores the applicant data, and replays the credit check — score 650, reproduced exactly. A developer branches an experiment lowering the threshold to 620. Notary re-runs the branch, diffs it against the original: the agent now approves. Notary issues a signed Proof of Mitigation certificate — root cause, fix, test method, and verified outcome — ready for the regulator.

Who It's For

Debug production AI in minutes.

For Developers

  • Open-source SDK
  • ~5 lines to instrument
  • Works offline
  • Deterministic replay of the real incident
  • Verify a fix before you ship it

Regulatory defense, ready before the audit.

For Compliance & Legal — CISO · Compliance Officer · General Counsel

  • Cut investigation from 8 weeks to 2
  • Signed, court-admissible evidence
  • Immutable chain of custody
  • Push straight into your GRC system

Evidence you don't have to take on faith.

Bring your own key

Seal runs with your own key; Notary never has to hold it.

Publicly verifiable signatures

Certificates signed with asymmetric keys (ECDSA/RSA) — verify with a public key, no secret required.

Immutable audit trail

Append-only, write-once evidence log. Nothing can be silently altered.

GRC-native

Evidence flows into ServiceNow, OneTrust, and AuditBoard, mapped to the right controls.

Built for the frameworks that matter.

EU AI Act (Article 10)NIST AI RMFSEC AI DisclosureOCC Model Risk

Pricing

FreeEssentialsProfessionalRecommendedEnterprise
PriceFree foreverContact usContact usCustom
ForDevelopersSmall compliance teamsCompliance + legalLarge orgs, critical infra
SDK: capture + HMAC sealing + local verify
Framework supportRaw / basicLangChain + rawAll frameworksAll + custom
Deterministic replayLimited (free quota)UnlimitedUnlimitedUnlimited
Real sandboxesStripe onlyStripe, GitHub, SalesforceAll supportedCustom providers
Branching & experiments1 branch / incident5 branchesUnlimitedUnlimited
Mutation testingManualAutomatedAutomatedAutomated
Proof of Mitigation certificates
Certificate signatureECDSAECDSA + RSAECDSA + RSACustom
Compliance reportsEU AI ActAll 4 frameworksCustom
GRC connections15Unlimited
Audit logging / RBAC
SSO
SLABest-effort99.5%99.9%
SupportCommunityEmailPriorityDedicated
Data retention30 days90 days1 yearCustom
Install the SDKContact usContact usTalk to sales

Usage limits and pricing shown are indicative and subject to change.