Proof

Receiptverification.Verifier-boundcheck.

Inspect receipt identity, governance binding, causal proof, and the supporting artifact surface without browser-local proof claims.

Two denial scenarios are available as walkable Evidence Pack Tours — OpenClaw and Behavior Governance. Inspect the receipt envelope, evidence pack, and supporting artifacts.

Verify receiptOpen terminal→Inspect evidenceOpen evidence module→Current denial tours2 launch proofs→Cognitive Density replayCollective reasoning before execution→Request accessEvaluation workspace→

Receipt envelope

Identity, governance binding, and receipt refs are inspectable on the public surface.

Evidence surface

Artifacts behind the evidence pack are visible instead of implied.

Fail closed

The verifier-bound policy check stops short of cryptographic success and reports unavailable when verifier response is missing.

/ openclaw unauthorized command denial — primary proof sample

decision: denied · execution: null · outcome: failed_closed

OpenClaw Unauthorized Command — Denial Receipt

Scenario

scenario_id:f47ac10b-58cc-4372-a567-0e02b2c3d479

scenario_name:OpenClaw Unauthorized Command Denial

fixture_mode:deterministic_static_fixture

actor_type:unauthenticated_external_principal

Request

requested_capability:mailbox.read.protected

protected_resource:mailbox://finance-approvals/inbox

Decision Receipt

status:DENIED

denial_reason:actor_not_authorized_for_protected_mailbox

receipt_ref:rcpt_openclaw_decision_001

Execution

status:null — not attempted

execution_occurred:false

Outcome Receipt

status:failed_closed

terminal:true

blocked_capability:mailbox.read.protected

receipt_ref:rcpt_openclaw_outcome_001

Evidence Pack

available:true

correlation_id:3b5d7f9b-1e3a-43b5-9d7f-9b1e3a3b5d7f

pack_id:3fa85f64-5717-4562-b3fc-2c963f66afa6

pack_name:OpenClaw Unauthorized Command Denial Evidence Pack

Denial Receipt is governance evidence — not a system error.

Primary Proof: OpenClaw Unauthorized Command Denial

OpenClaw-style agents operate over live systems through internet-exposed command interfaces. Without a governed execution boundary, an unauthorized command reaches its target. Here, the boundary held: the request arrived, the policy denied it, execution was not attempted, and the outcome is failed_closed. Inspect the decision, the null execution receipt, and the linked Evidence Pack to see what that boundary looks like as evidence.

Decision

DENIED

actor_not_authorized_for_protected_mailbox. The unauthenticated external principal had no authority over mailbox.read.protected.

Execution

null

Execution was not attempted. The execution receipt is null. No capability was exercised against the protected resource.

Outcome

failed_closed

Terminal. Governance held. A Denial Receipt is evidence that the boundary worked — not a system error. Evidence Pack available.

Open OpenClaw Evidence Pack Tour →

/proof - live gateway check

[ SAMPLE INPUT ]

{
  "receipt_id": "e5f1a3c7-9b2d-4e5f-81a3-c79b2de5f1a3",
  "receipt_name": "keon_rcpt_7f3a9b2c1d4e5f60",
  "receipt_type": "governed_effect_receipt",
  "receipt_version": "keon.receipt.v1",
  "tenant_id": "c7a9e1f3-b5d7-4c7a-b9e1-f3b5d7c7a9e1",
  "tenant_name": "tnt_acme_demo",
  "actor_id": "a1e3c5a7-f9b1-4a1e-b3c5-a7f9b1a1e3c5",
  "actor_name": "usr_demo_actor",
  "correlation_id": "f3b5d7a9-e1c3-4f3b-b5d7-a9e1c3f3b5d7",
  "correlation_name": "c01ff9b245aa7e31",
  "policy_hash": "sha256:9f72c41a77b1e08cdd4a11f5e2a0c8f0b6c9471d9f54a02e4b8c31dd66b91f20",
  "merkle_root": "0x8f9c4b2a1d3e7f56a892cd01b3e4f5a678901234b5c6d7e8f91a02bc44dd6f12",
  "spine_ref": "spn_00041872_canon_9f72",
  "receipts": {
    "directive": "b5d7a9e1-c3f5-4b5d-a7a9-e1c3f5b5d7a9",
    "directive_name": "rcpt_dir_01J9Z9",
    "intent": "d7a9e1c3-f5b7-4d7a-b9e1-c3f5b7d7a9e1",
    "intent_name": "rcpt_int_01J9Z9",
    "decision": "f9e1c3f5-b7d9-4f9e-b1c3-f5b7d9f9e1c3",
    "decision_name": "rcpt_dec_9f72c41a77b1",
    "execution": "b1c3f5b7-d9f1-4b1c-b3f5-b7d9f1b1c3f5",
    "execution_name": "rcpt_exe_44dd6f12e91a",
    "outcome": "d3f5b7d9-f1b3-4d3f-b5b7-d9f1b3d3f5b7",
    "outcome_name": "rcpt_out_c01ff9b245aa",
    "evidence_pack": "f5b7d9f1-b3d5-4f5b-b7d9-f1b3d5f5b7d9",
    "evidence_pack_name": "evp_01J9Z9_SAMPLE"
  },
  "decision": {
    "status": "approved",
    "decided_at_utc": "2026-03-05T15:59:58.000Z",
    "authority": "keon.runtime",
    "effect_boundary": "external_system_invocation"
  },
  "execution": {
    "status": "executed",
    "executed_at_utc": "2026-03-05T16:00:00.000Z",
    "capability": "summarize.mailbox.sent",
    "target_ref": "mcp_tool:keon.governed.execute.v1"
  },
  "artifacts": [
    {
      "artifact_id": "c2e4a6c8-e0a2-4c2e-84a6-c8e0a2c2e4a6",
      "artifact_name": "art_doc_01",
      "artifact_type": "document",
      "title": "Source policy memo",
      "source": "internal",
      "uri": "keon://cortex/documents/doc_7a91",
      "content_hash": "sha256:3a6f0f7a9e2c4b8d1f62e90a1e0f9d2b7cc4e15f6a2b4d90d8c3c1007a7ef41a",
      "classification": "tenant_internal",
      "evidence_role": "input_support"
    },
    {
      "artifact_id": "a4c6e8a0-c2e4-4a4c-86e8-a0c2e4a4c6e8",
      "artifact_name": "art_video_01",
      "artifact_type": "video",
      "title": "Operator approval recording",
      "source": "internal",
      "uri": "keon://evidence/media/vid_9012",
      "content_hash": "sha256:a8d20e91c7f1b44240cdd82920de4e4d91fe36d6bdbdcf24d3e0d08a3e29d8f4",
      "classification": "restricted",
      "evidence_role": "human_authority_delegation"
    },
    {
      "artifact_id": "e6a8c0e2-a4c6-4e6a-88c0-e2a4c6e6a8c0",
      "artifact_name": "art_ext_01",
      "artifact_type": "external_url",
      "title": "Vendor system audit record",
      "source": "external",
      "uri": "https://vendor.example/audit/events/8841",
      "content_hash": "sha256:91c2e8d1a44b09fd7c0c2f4bd68cb6a1e45e1b669f2c879fd5913cfb4d8f26a0",
      "classification": "external_reference",
      "evidence_role": "outcome_support"
    }
  ],
  "verification": {
    "signature_algorithm": "ed25519",
    "canonicalization": "jcs-rfc8785",
    "hash_algorithm": "sha256",
    "offline_verifiable": true
  },
  "timestamp_utc": "2026-03-05T16:00:00.000Z",
  "signature": "ed25519:7f3a9b2c18e47df6310af8a5e78aa5c3f42d087f11a3d95ce20f1cb8a4dd1192"
}

Policy hash checkawaiting gateway

Merkle / spine anchor checkverifier required

Signature validationverifier required

Evidence pack receiptevidence pack required

Artifact referencesartifact refs present in sample envelope

[ ENDPOINT RESPONSE ]

No live gateway check has been requested.

verification status

ready

receipt identity

governed_effect_receipt / keon.receipt.v1

governance binding

c7a9e1f3-b5d7-4c7a-b9e1-f3b5d7c7a9e1 / a1e3c5a7-f9b1-4a1e-b3c5-a7f9b1a1e3c5 / f3b5d7a9-e1c3-4f3b-b5d7-a9e1c3f3b5d7

causal anchors

0x8f9c4b2a1d3e7f56a892cd01b3e4f5a678901234b5c6d7e8f91a02bc44dd6f12 / spn_00041872_canon_9f72

evidence pack

f5b7d9f1-b3d5-4f5b-b7d9-f1b3d5f5b7d9

verification block

ed25519 / jcs-rfc8785 / sha256

offline verifiable

true

timestamp

2026-03-05T16:00:00.000Z

[ WHAT THIS PAGE ESTABLISHES ]

Receipt identity is inspectable — type, version, tenant, actor, and correlation are exposed on the public surface.

Governance binding is inspectable — policy hash, actor, and correlation anchor the decision to its context.

Evidence-pack and artifact references are visible — not implied.

Verification posture is explicit — algorithm, canonicalization, and offline-verifiable flag are in the envelope.

Cryptographic validation remains verifier-bound — no browser-local verification success is claimed.

Run the live check to send a governed request to the MCP Gateway and see the policy decision.

Evidence Packs

What an Evidence Pack is.

Evidence Packs are portable inspection artifacts governed by CAES v0.2.0 — the standard for how consequential AI actions are authorized before effect. The receipt envelope supports verifier review, the evidence pack groups the support, and artifacts identify the supporting material behind the pack.

EvidencePack receipt

Receipt reference that groups the support surface for verifier review and offline-verifiable export.

artifacts[]

Documents, recordings, URLs, attestations, or system records inside or behind the evidence pack.

Trust Bundle

Verification material expected by the runtime verifier for full receipt validation.

Verification block

Signature algorithm, canonicalization, hash algorithm, and offline-verifiable posture for recomputation.

Artifacts

artifacts[] references the documents, recordings, external records, screenshots, attestations, or transcripts that sit inside or behind the evidence pack.

documentinternal

Source policy memo

c2e4a6c8-e0a2-4c2e-84a6-c8e0a2c2e4a6

input_support

tenant_internal

keon://cortex/documents/doc_7a91

videointernal

Operator approval recording

a4c6e8a0-c2e4-4a4c-86e8-a0c2e4a4c6e8

human_authority_delegation

restricted

keon://evidence/media/vid_9012

external_urlexternal

Vendor system audit record

e6a8c0e2-a4c6-4e6a-88c0-e2a4c6e6a8c0

outcome_support

external_reference

https://vendor.example/audit/events/8841

Proof has to survive review.

Two Evidence Pack Tours are publicly available: OpenClaw unauthorized command denial and Behavior Governance helpdesk unauthorized action denial. Each shows a governed boundary stopping an unauthorized action before execution.

Current launch-proofDenied unauthorized action

OpenClaw / Unauthorized Command Denied

Internet-exposed autonomous command fails closed before execution

openclaw-unauthorized-command-001

Open Evidence Pack Tour →

Current launch-proofDenied unauthorized action

Behavior Governance / Unauthorized Help Desk Action Denied

Password reset and account disclosure request fails closed before execution

behavior-governance-helpdesk-unauthorized-action-001

Open Evidence Pack Tour →

Saved evidence. Receipt envelopes and linked artifacts are inspectable. Live gateway checks run separately when configured.

Regulatory / Compliance View

Evidence Pack — Execution RecordINSPECTION

This execution record documents a sample AI decision governed by Keon. The public envelope shows receipt identity, governance binding, decision state, execution state, evidence-pack linkage, and verification metadata.

The receipt envelope supports verifier review, the evidence pack groups the support, and artifacts identify the supporting material. Verification remains verifier-bound until a Keon Systems verifier returns status for the envelope and its artifacts.

Governed effect receipt

Receipt identity

receipt_id:e5f1a3c7-9b2d-4e5f-81a3-c79b2de5f1a3

receipt_type:governed_effect_receipt

receipt_version:keon.receipt.v1

Governance binding

tenant_id:c7a9e1f3-b5d7-4c7a-b9e1-f3b5d7c7a9e1

actor_id:a1e3c5a7-f9b1-4a1e-b3c5-a7f9b1a1e3c5

correlation_id:f3b5d7a9-e1c3-4f3b-b5d7-a9e1c3f3b5d7

policy_hash:sha256:9f72c41a77b1e08cdd4a11f5e2a0c8f0b6c9471d9f54a02e4b8c31dd66b91f20

Causal proof

spine_ref:spn_00041872_canon_9f72

merkle_root:0x8f9c4b2a1d3e7f56a892cd01b3e4f5a678901234b5c6d7e8f91a02bc44dd6f12

evidence_pack:f5b7d9f1-b3d5-4f5b-b7d9-f1b3d5f5b7d9

Decision + execution

decision.status:approved

execution.status:executed

execution.capability:summarize.mailbox.sent

Verification block

signature_algorithm:ed25519

canonicalization:jcs-rfc8785

offline_verifiable:true

document

Source policy memo

input_support

tenant_internal

keon://cortex/documents/doc_7a91

video

Operator approval recording

human_authority_delegation

restricted

keon://evidence/media/vid_9012

external_url

Vendor system audit record

outcome_support

external_reference

https://vendor.example/audit/events/8841

Decision

APPROVED

Policy-authorized outcome

Evidence pack

Referenced

f5b7d9f1-b3d5-4f5b-b7d9-f1b3d5f5b7d9

Artifacts

3 refs

Inspectable support surface

Browser-local cryptographic validation is not claimed here. Verification requires a verifier response; unavailable remains unavailable, never verified.

Embedded inspection surface. Use the proof actions below for full tour access.

Open Evidence Pack Tour View Cognitive Density Replay Request Access

Artifact Inspection

What each surface contains.

Select an artifact component to inspect what it contains, what it proves, and what remains verifier-bound.

ARTIFACTS panel

Pack-level receipt

The EvidencePack receipt is the envelope that ties together the decision, outcome, PolicyHash, artifact references, and verifier posture. It is the artifact a verifier inspects to confirm that a governed action was evaluated under a specific policy before effect.

decision receipt reference

outcome receipt reference

policy_hash — binds the decision to canonical policy state

artifact[] — identifiers of the supporting evidence

verifier posture — offline-verifiable or requires runtime

Logs vs Receipts

This is not a feature comparison. It is a question of what is provable.

Can it establish the action was authorized?

No. A log records what happened. It does not establish that it was permitted.

A receipt can support authorization review only when validated by the verifier that issued or recognizes the proof chain.

Can it be independently verified?

No. Verification requires access to the original system to confirm the log is authentic.

Yes, when a valid evidence pack, artifact set, and recognized verifier are available. The configured decide_only policy check surface shown here is not full receipt verification.

Is it tamper-evident?

No. Logs are mutable. A modified log is indistinguishable from an original without external controls.

Tamper evidence depends on backend signature and anchor validation, not browser-local comparison.

Does it bind to a specific policy version?

No. A log entry cannot establish which policy version was active at execution time.

The PolicyHash, evidence-pack reference, and artifact bindings are present in the sample envelope and must be checked by the verifier before verification can be claimed.

PolicyHash binds a decision to canonical policy state at evaluation time — a concept defined by CPP v1.0 — the protocol for deterministic, verifiable, independently reproducible policy decisions. The Governed Spine is the append-only, tenant-scoped causal evidence chain that records all governed events.

What this page establishes

Receipt identity is inspectable — type, version, tenant, actor, and correlation are exposed on the public surface.

Governance binding is inspectable — PolicyHash, actor, and correlation anchor the decision to its policy context.

Evidence-pack and artifact references are visible, not implied.

Verification posture is explicit — algorithm, canonicalization, and offline-verifiable flag are in the envelope.

Cryptographic validation remains verifier-bound — no browser-local verification success is claimed here.

What comes next

The public sample now shows the receipt envelope, the evidence-pack reference, and the supporting artifacts. Full signature and artifact verification still depends on verifier runtime and trust material.

Request Access View Cognitive Density Replay Read the standard