EU AI Act Article 14 enforcement starts August 2, 2026. If you're building AI agents that access sensitive data, process customer information, or make autonomous decisions — you need to demonstrate human oversight with verifiable artifacts.
Not logs. Not observability traces. Cryptographic proof.
In this post, I'll show you how we built Verigate — a cryptographic trust infrastructure for AI agents — and how you can use it to generate tamper-evident authorization receipts that any auditor can verify offline.
This content was created for the Build with Gemini XPRIZE.
Every AI agent platform today — LangChain, CrewAI, Google ADK, Zapier AI — lets agents take actions. But none of them produce independently verifiable proof that the action was authorized according to policy.
When your agent:
...what evidence exists that this action was authorized? A database log? That can be modified. An observability trace? That's vendor-dependent. A timestamp? That proves when, not whether.
Article 14 of the EU AI Act requires deployers to demonstrate five capabilities:
That fifth requirement is where most teams fail. You need artifacts that are:
Here's how Verigate solves this:
When an agent requests authorization, the gateway evaluates policy rules (allowlist, resource scope, rate limit) and produces an Ed25519-signed receipt:
{
"body": {
"v": "1",
"seq": "42",
"ts": "2026-06-26T10:30:00Z",
"request_digest": "sha256:0e6d5b86f01f...",
"policy_version": "sha256:d59a1e4171e6...",
"decision": "approve",
"reasons": [],
"prev_receipt": "sha256:b3f51c8824bc..."
},
"sig": {
"alg": "EdDSA",
"kid": "gateway-prod-a1b2c3d4",
"value": "7WiFneT3tLRtE2Iztm..."
},
"receipt_hash": "sha256:2a3e65a3ade468..."
}
Key properties:
Each receipt's prev_receipt
field contains the SHA-256 hash of the previous receipt. This creates a tamper-evident chain:
Receipt #1 (genesis) → prev: sha256:0000...0000
Receipt #2 → prev: sha256(Receipt #1)
Receipt #3 → prev: sha256(Receipt #2)
...
Modify any receipt in the chain, and every subsequent prev_receipt
hash becomes invalid. Insert or delete a receipt, and the sequence numbers break.
Receipt hashes are organized into a Merkle tree using domain-separated hashing:
Leaf: SHA256("BI_RECEIPT_LEAF_V1" || 0x00 || receipt_hash)
Node: SHA256("BI_RECEIPT_NODE_V1" || 0x00 || left || right)
This lets you prove a specific receipt is included in a batch without down all receipts. The /v1/engine/merkle/proof
endpoint returns the sibling hashes and directions.
For regulated industries, the Merkle root can be anchored on Base mainnet (chain ID 8453) as transaction calldata:
Anchor TX → burn address (0x000...000)
Value: 0
Calldata: 32-byte Merkle root
This creates an immutable timestamp proving the receipt chain existed at a specific block height. Verifiable on BaseScan by anyone, forever.
Here's what makes this architecture unique: the authorization decision is fully deterministic. No AI model can influence whether an action is allowed or denied. The policy engine evaluates three rule types:
All three must pass. Any failure → deny.
Gemini (via Vertex AI) powers six AI agents that sit outside the authorization path:
The security boundary is explicit: AI advises, the gateway decides.
from sdk import Verigate
vg = Verigate(api_key="as_...")
vg.register_agent("my-bot", name="My Bot", capabilities=["read", "query"])
result = vg.authorize("my-bot", action="read", resource="/data/users")
print(f"Decision: {result.decision}")
print(f"Receipt: {result.receipt_hash}")
chain = vg.verify_chain()
print(f"Chain valid: {chain['valid']}")
report = vg.generate_compliance_report(
agent_name="my-bot",
agent_description="Reads customer profiles from staging database",
capabilities=["read", "query"],
data_types=["PII", "customer_records"],
frameworks=["EU AI Act", "HIPAA", "SOC 2"],
)
print(f"Findings: {len(report.findings)}")
{
"mcpServers": {
"verigate": {
"command": "python",
"args": ["/path/to/mcp_server.py"],
"env": { "VERIGATE_API_KEY": "as_..." }
}
}
}
56 tools available — authorize, verify, register agents/resources/actions, generate compliance reports, chat with the multi-agent system.
Not ready to commit? Try the free compliance quick-scan — describe your agent and get 3 EU AI Act findings in 30 seconds. No signup required.
Full report with all 6 frameworks (EU AI Act, HIPAA, SOC 2, DORA, NIST AI RMF, OWASP LLM Top 10): $299 one-time.
Built with Google Gemini 2.5 (Vertex AI), Google ADK 2.1, Cloud Run, and Firestore.