# How to Generate Cryptographic Proof of AI Agent Authorization (EU AI Act Article 14)

> Source: <https://dev.to/heartlinmachado/how-to-generate-cryptographic-proof-of-ai-agent-authorization-eu-ai-act-article-14-50g8>
> Published: 2026-06-27 04:16:58+00:00

EU AI Act Article 14 enforcement starts **August 2, 2026**. If you're building AI agents that access sensitive data, process customer information, or make autonomous decisions — you need to demonstrate **human oversight with verifiable artifacts**.

Not logs. Not observability traces. **Cryptographic proof.**

In this post, I'll show you how we built [Verigate](https://verigate.cloud) — a cryptographic trust infrastructure for AI agents — and how you can use it to generate tamper-evident authorization receipts that any auditor can verify offline.

*This content was created for the Build with Gemini XPRIZE.*

Every AI agent platform today — LangChain, CrewAI, Google ADK, Zapier AI — lets agents take actions. But none of them produce **independently verifiable proof** that the action was authorized according to policy.

When your agent:

...what evidence exists that this action was authorized? A database log? That can be modified. An observability trace? That's vendor-dependent. A timestamp? That proves when, not whether.

Article 14 of the EU AI Act requires deployers to demonstrate five capabilities:

That fifth requirement is where most teams fail. You need artifacts that are:

Here's how Verigate solves this:

When an agent requests authorization, the gateway evaluates policy rules (allowlist, resource scope, rate limit) and produces an **Ed25519-signed receipt**:

```
{
  "body": {
    "v": "1",
    "seq": "42",
    "ts": "2026-06-26T10:30:00Z",
    "request_digest": "sha256:0e6d5b86f01f...",
    "policy_version": "sha256:d59a1e4171e6...",
    "decision": "approve",
    "reasons": [],
    "prev_receipt": "sha256:b3f51c8824bc..."
  },
  "sig": {
    "alg": "EdDSA",
    "kid": "gateway-prod-a1b2c3d4",
    "value": "7WiFneT3tLRtE2Iztm..."
  },
  "receipt_hash": "sha256:2a3e65a3ade468..."
}
```

Key properties:

Each receipt's `prev_receipt` field contains the SHA-256 hash of the previous receipt. This creates a tamper-evident chain:

```
Receipt #1 (genesis) → prev: sha256:0000...0000
Receipt #2 → prev: sha256(Receipt #1)
Receipt #3 → prev: sha256(Receipt #2)
...
```

Modify any receipt in the chain, and every subsequent `prev_receipt` hash becomes invalid. Insert or delete a receipt, and the sequence numbers break. One caveat worth stating plainly: the chain and the signatures are evidence against anyone who does not hold the gateway's signing key. Whoever does hold that key could rewrite and re-sign the chain from any point, so the key must be protected and verifiers must pin the published public keys by `kid`; the on-chain anchoring described below is what closes that gap for the gateway operator itself.
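
What an auditor's offline check of such a chain looks like, as an added example rather than Verigate's own code. It is written in Go so that Ed25519 comes from the standard library (`crypto/ed25519`). Because the post does not spell them out, the example assumes that the signature covers the body serialised as compact JSON with sorted keys, that `receipt_hash` is SHA-256 over those same bytes, that `sig.value` is unpadded base64url, and that the audited chain is complete from `seq` 1. The three-receipt sample chain, its request and policy digests, and the fixed demo signing key are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strconv"
)

// Body, Sig and Receipt mirror the receipt JSON shown in the post.
type Body struct {
	V             string   `json:"v"`
	Seq           string   `json:"seq"`
	Ts            string   `json:"ts"`
	RequestDigest string   `json:"request_digest"`
	PolicyVersion string   `json:"policy_version"`
	Decision      string   `json:"decision"`
	Reasons       []string `json:"reasons"`
	PrevReceipt   string   `json:"prev_receipt"`
}
type Sig struct {
	Alg   string `json:"alg"`
	Kid   string `json:"kid"`
	Value string `json:"value"`
}
type Receipt struct {
	Body        Body   `json:"body"`
	Sig         Sig    `json:"sig"`
	ReceiptHash string `json:"receipt_hash"`
}

// genesisPrev is the all-zero prev_receipt of the first receipt, as in the post.
const genesisPrev = "sha256:0000000000000000000000000000000000000000000000000000000000000000"

// canonicalBody is the ASSUMED signing input: compact JSON with sorted keys
// (encoding/json sorts map keys). The post does not document canonicalisation.
func canonicalBody(b Body) []byte {
	raw, _ := json.Marshal(b)
	var m map[string]any
	_ = json.Unmarshal(raw, &m)
	out, _ := json.Marshal(m)
	return out
}

// receiptHash is ASSUMED to be SHA-256 over the canonical body.
func receiptHash(b Body) string {
	sum := sha256.Sum256(canonicalBody(b))
	return "sha256:" + hex.EncodeToString(sum[:])
}

// VerifyChain is the offline auditor check: it needs only the receipts and the
// gateway public keys indexed by kid, and reports the first defect it finds.
func VerifyChain(chain []Receipt, keys map[string]ed25519.PublicKey) error {
	prev := genesisPrev
	for i, r := range chain {
		pub, ok := keys[r.Sig.Kid]
		if r.Sig.Alg != "EdDSA" || !ok {
			return fmt.Errorf("receipt %d: alg %q / kid %q not accepted", i, r.Sig.Alg, r.Sig.Kid)
		}
		sig, err := base64.RawURLEncoding.DecodeString(r.Sig.Value) // assumed encoding
		if err != nil || !ed25519.Verify(pub, canonicalBody(r.Body), sig) {
			return fmt.Errorf("receipt %d: signature does not verify", i)
		}
		if receiptHash(r.Body) != r.ReceiptHash {
			return fmt.Errorf("receipt %d: receipt_hash does not match body", i)
		}
		if r.Body.PrevReceipt != prev {
			return fmt.Errorf("receipt %d: prev_receipt breaks the chain", i)
		}
		if seq, err := strconv.Atoi(r.Body.Seq); err != nil || seq != i+1 { // assumes full chain from seq 1
			return fmt.Errorf("receipt %d: sequence gap (seq=%q)", i, r.Body.Seq)
		}
		prev = r.ReceiptHash
	}
	return nil
}

// issue stands in for the gateway so there is data to verify; digests are constructed.
func issue(priv ed25519.PrivateKey, kid string, seq int, prev, decision string) Receipt {
	req, pol := sha256.Sum256([]byte("read /data/users")), sha256.Sum256([]byte("policy-v1"))
	b := Body{V: "1", Seq: strconv.Itoa(seq), Ts: "2026-06-26T10:30:00Z",
		RequestDigest: "sha256:" + hex.EncodeToString(req[:]),
		PolicyVersion: "sha256:" + hex.EncodeToString(pol[:]),
		Decision: decision, Reasons: []string{}, PrevReceipt: prev}
	sig := base64.RawURLEncoding.EncodeToString(ed25519.Sign(priv, canonicalBody(b)))
	return Receipt{Body: b, Sig: Sig{Alg: "EdDSA", Kid: kid, Value: sig}, ReceiptHash: receiptHash(b)}
}

// SampleChain builds three receipts from a fixed all-zero demo seed (demo only) and
// returns them with the key map an auditor would be handed.
func SampleChain() ([]Receipt, map[string]ed25519.PublicKey) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize))
	const kid = "gateway-prod-a1b2c3d4"
	keys := map[string]ed25519.PublicKey{kid: priv.Public().(ed25519.PublicKey)}
	chain, prev := []Receipt{}, genesisPrev
	for i, d := range []string{"approve", "deny", "approve"} {
		r := issue(priv, kid, i+1, prev, d)
		chain, prev = append(chain, r), r.ReceiptHash
	}
	return chain, keys
}
```

Flipping the second receipt's `deny` to `approve` after the fact fails at the signature check; dropping the second receipt entirely fails at the `prev_receipt` check on the receipt that follows it. The verifier deliberately takes a key map rather than trusting the `kid` in the receipt, since a receipt that names a key the auditor has never been given proves nothing.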

Receipt hashes are organized into a Merkle tree using domain-separated hashing:

```
Leaf:  SHA256("BI_RECEIPT_LEAF_V1" || 0x00 || receipt_hash)
Node:  SHA256("BI_RECEIPT_NODE_V1" || 0x00 || left || right)
```

This lets you prove a specific receipt is included in a batch without downloading all receipts. The `/v1/engine/merkle/proof` endpoint returns the sibling hashes and directions.

For regulated industries, the Merkle root can be anchored on **Base mainnet** (chain ID 8453) as transaction calldata:

```
Anchor TX → burn address (0x000...000)
Value: 0
Calldata: 32-byte Merkle root
```

This gives the chain a timestamp that cannot be moved later: the Merkle root, and therefore every receipt committed under it, demonstrably existed no later than that block. Anyone can check the transaction on [BaseScan](https://basescan.org). Two things a verifier must bring to that check: the sender address the gateway anchors from (anyone can post a 32-byte value to the burn address, so only roots sent from the known anchoring address count), and the receipt chain plus inclusion proof itself, since the anchor proves existence and time, not that the decisions inside the receipts were the right ones.

Here's what makes this architecture unique: **the authorization decision is fully deterministic**. No AI model can influence whether an action is allowed or denied. The policy engine evaluates three rule types:

All three must pass. Any failure → deny.

Gemini (via Vertex AI) powers six AI agents that sit *outside* the authorization path:

The security boundary is explicit: AI advises, the gateway decides.

``` python
from sdk import Verigate

# Provision a tenant (or use an existing API key)
vg = Verigate(api_key="as_...")

# Register your agent
vg.register_agent("my-bot", name="My Bot", capabilities=["read", "query"])

# Authorize an action
result = vg.authorize("my-bot", action="read", resource="/data/users")
print(f"Decision: {result.decision}")
print(f"Receipt: {result.receipt_hash}")

# Verify the chain
chain = vg.verify_chain()
print(f"Chain valid: {chain['valid']}")

# Generate a compliance report for the agent
report = vg.generate_compliance_report(
    agent_name="my-bot",
    agent_description="Reads customer profiles from staging database",
    capabilities=["read", "query"],
    data_types=["PII", "customer_records"],
    frameworks=["EU AI Act", "HIPAA", "SOC 2"],
)
print(f"Findings: {len(report.findings)}")
# Download PDF: GET /v1/compliance/report/{report.report_id}/pdf
```

The same operations are available to MCP clients; add the Verigate server to the client's MCP configuration:

``` json
{
  "mcpServers": {
    "verigate": {
      "command": "python",
      "args": ["/path/to/mcp_server.py"],
      "env": { "VERIGATE_API_KEY": "as_..." }
    }
  }
}
```

56 tools available — authorize, verify, register agents/resources/actions, generate compliance reports, chat with the multi-agent system.

Not ready to commit? Try the [free compliance quick-scan](https://verigate.cloud/v1/compliance/quick-scan) — describe your agent and get 3 EU AI Act findings in 30 seconds. No signup required.

Full report with all 6 frameworks (EU AI Act, HIPAA, SOC 2, DORA, NIST AI RMF, OWASP LLM Top 10): [$299 one-time](https://verigate.cloud/eu-ai-act).

Built with Google Gemini 2.5 (Vertex AI), Google ADK 2.1, Cloud Run, and Firestore.
