Scopes
Open Scopes

Trust & security · provenance by architecture

Every action, provable.

Because every move on an arc is signed, authorized, and recorded before it commits, trust isn't a policy document — it's the architecture. Humans and agents are equally accountable, and every decision is replayable end to end.

action lifecycle · every arc operation
human gateimmutable
Propose

Agent drafts an action with full context

Sign

OAS DID · Ed25519 signature attached

Authorize

Per-scope capability token verified

Approve

Human gate for high-risk actions

Commit

Immutable beat written to the arc

Audit

Replayable · hash-chained · attributed

No-amplification rule: delegated tokens carry at most the authority of the delegator — capability can only narrow, never expand.

Every operation flows through the same six stages — whether it's a human click or an agent running autonomously at midnight. The Approve gate activates for high-risk actions; every Commit lands as an immutable, signed beat.

Six guarantees that don't depend on process.

Cryptographic identity

Every actor — human or agent — carries an OAS DID backed by Ed25519 keys. No anonymous actions.

Per-scope capability tokens

Signed ACTs grant exactly the operations required, nothing more. Delegation can only narrow, never amplify.

Tenant isolation

Data is namespaced and access-controlled at the platform level. One tenant cannot read another's arcs.

Encryption everywhere

AES-256-GCM at rest. TLS 1.3 in transit. Keys rotated on schedule and on demand.

Immutable audit log

Every beat is hash-chained to its predecessor. History cannot be edited — only extended.

SSO & SCIM

SAML 2.0 and OIDC for enterprise SSO. SCIM 2.0 for automated provisioning and deprovisioning.

Accountable all the way down.

Every decision, replayable.

The audit log isn't a separate system bolted on after the fact. Every beat is hash-chained, actor-attributed, and traceable to a human root — so you can replay exactly what happened, who authorized it, and which capability token was in scope at the time.

  • Human actors — direct accountability
  • Agent actors — traceable to spawning human
  • No-amplification delegation — capability only narrows
  • Full provenance replay — any point in time
audit log · immutablereplayable
#9f2a…c12025-03-14 · 09:41:03Z
agent:renewal-ops·beat.append·acme_corp
#b740…8e2025-03-14 · 11:02:57Z
j.rivera·mode.set → propose·northwind_eu
#4ad9…022025-03-14 · 14:17:30Z
agent:watcher·context.read·techflow_inc
prev_hash chained ↑Ed25519 signed

Keep reading

Agents

Signed agent identity, capability tokens, and the OAS DID that ties every action to a human root.

Modes

Control how much authority an agent has — read-only, propose, or execute — and when the human gate fires.

Context documents

Versioned, signed snapshots that agents read in one shot — every revision is itself an attributed beat.

Trust built into the architecture.

Cryptographic identity, scoped delegation, and an immutable audit trail — not bolted on, but inherent to every action.

Open ScopesSee pricing