Like SSL certificates for websites — but for autonomous AI systems. Every agent gets a verified identity. Every action gets a cryptographic receipt. Anyone can verify it independently, without trusting anyone.
Every AI agent gets a verified, cryptographic identity before it can operate. Like a passport — issued once, verified always.
Every time an agent makes a decision (approve, block, process), TBN signs a receipt. One API call. ~200ms. Immutable proof.
Anyone can verify any receipt — regulators, auditors, your customers — without trusting TBN or the agent's operator. Fully offline.
Simple & Detailed Explanation — 8 Steps
STEP 1 A Bot Developer Builds a Bot
A developer (BD) writes an AI program. The bot handles actions — answering questions, approving loans, writing to databases, making decisions autonomously. The BD gives the bot instructions: what it should do, what data it can access, what boundaries it must respect.
The bot is theirs. Their code. Their logic. Their instructions. TBN doesn't build it or modify it.
STEP 2 The BD Registers Their Bot With TBN
The BD comes to TBN and says: "I have a bot. Here's what it does. Here are its boundaries." We register the bot with a unique identity — like giving it a passport. Now we know who it is and what it claims to do.
Registration = identity. We know the bot exists and who operates it.
STEP 3 TBN Tests the Bot (6 Security Challenges)
Before we certify anything, we test the bot from the OUTSIDE. We don't touch its code — we just send it messages and check how it responds.
🔴 Prompt Injection — Can we trick it into breaking its rules?
🔴 Hallucination — Does it make stuff up when it doesn't know?
🔴 Data Boundary — Does it stay in its lane?
🔴 Sensitive Data — Does it leak private information?
🟡 Budget & Limits — Does it respect its operational limits?
🟢 Instruction Following — Does it do what it's told accurately?
STEP 4 Pass? Certificate Issued.
If the bot passes all critical tests, TBN issues a certificate confirming: "This bot was tested. It passed. It is certified to operate within its declared boundaries." If it fails, we tell the BD exactly what went wrong. They fix their bot. They come back for re-testing.
The certificate proves the bot WAS capable of staying within boundaries at the time of testing.
STEP 5 TBN Starts Recording Every Action
Once certified, the bot goes into production. From now on, every time it makes a decision — approve, deny, escalate, write, send — it reports that action to TBN. TBN signs each action with a cryptographic receipt. A unique number, a timestamp, what happened, who did it. Signed and sealed.
One action = one receipt. Every receipt is independently verifiable by anyone. This continues forever, for every action.
STEP 6 The Only Escape: Stop Using TBN
The only way for the bot to escape being documented is if the operator stops using our service. They can disconnect — but all receipts already issued remain permanently on our server. They can't delete past evidence. They can't modify receipts. They can't ask us to remove them.
If a certified bot suddenly goes silent (stops reporting), TBN detects the gap and can flag it. Like a dashcam being unplugged before a crash — suspicious.
STEP 7 Anyone Can Verify Any Receipt
Receipts are not locked to the customer. Anyone can verify them: the bot operator can audit their own actions, a regulator can check any receipt independently, an auditor can review the full history, a partner or client can confirm actions happened. No login required. No trust required. Offline verification with our published public key.
The receipts prove THAT something happened. They don't reveal WHAT the private content was.
STEP 8 What We Know vs What We Don't
✅ What TBN CAN tell you:
• This bot exists and is certified
• An action happened at this time
• The action was: approved / denied / escalated
• This receipt is genuine and untampered
❌ What TBN CANNOT tell you:
• What exactly the customer asked
• The full text of the bot's response
• The internal data the bot processed
We prove the ACTION happened. We don't expose the CONTENT. This protects privacy while maintaining accountability.
AI agents approving loans, processing claims, making investment decisions. Every decision needs a provable audit trail for regulators (FCA, PRA, ECB).
AI agents triaging patients, processing referrals, interpreting results. Clinical governance requires proof of every automated decision.
Companies like Beyond Guard, ActTrident, and Airia that enforce AI policies — TBN makes their governance independently verifiable.
Any company using AI agents to write to CRMs, databases, ticketing systems. When the auditor asks "prove what your AI did" — show them the receipts.
Every receipt is independently verifiable. Try it right now:
Verify a real production receipt:
GET https://tbn.hardinai.co.uk/api/v1/verify/tbn_vr_0af954b9c2bf6f2645c64536cb4f4c9f
Get our public signing key (for offline verification):
GET https://tbn.hardinai.co.uk/api/signing/public-key
Check system health:
GET https://tbn.hardinai.co.uk/api/v1/health
Offline verification: extract the 8 signed receipt fields, serialize them as canonical JSON (sort_keys, no whitespace), then check the signature with RSA-PSS / SHA-256 / MGF1 / salt=MAX against the published key. No server call needed.
Integration takes hours, not months. One API call per decision. First 1,000 receipts free.
TBN Protocol is an independent certificate authority for AI agents — the trust infrastructure that the AI agent economy needs to operate safely and accountably. Just as SSL certificates enabled e-commerce by verifying website identity, TBN Protocol enables governed AI by verifying agent identity and certifying agent actions with cryptographic proof.
AI agents are increasingly autonomous — making decisions, writing to business systems, processing sensitive data without human intervention. The EU AI Act (effective August 2026), NY SB8420, California SB942, and South Korea's AI Basic Act all require transparency and accountability for AI-generated actions. Without independent certification, companies rely on self-reported logs that can't be independently verified by regulators or auditors.
TBN Protocol operates at two points: before the agent acts (identity certification) and after each action (attestation receipt). Every receipt is signed with RSA-PSS-SHA256 using a 2048-bit key. The signature covers a canonical JSON of eight fields and can be verified offline by anyone with the published public key — no server call, no trust required.
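The offline verification flow described above (the recipe listed with the API endpoints, and this signing description), as an added Python example that is not TBN's own code. The eight field names, the base64 signature encoding and SHA-256 inside MGF1 are assumptions, and a throwaway key generated in the demo stands in for the published public key; it uses the `cryptography` package.

```python
import base64
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

# Hypothetical field names: the page says eight fields are signed but does not
# list them. Take the real list from the published signing specification.
SIGNED_FIELDS = ("receipt_id", "agent_id", "operator_id", "action",
                 "decision", "frameworks", "content_hash", "timestamp")
# RSA-PSS / SHA-256 / MGF1 / max salt; the MGF1 hash is assumed to be SHA-256.
PSS = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)

def canonical_bytes(receipt, fields=SIGNED_FIELDS):
    """Serialize only the signed fields: sorted keys, no whitespace, UTF-8."""
    missing = [f for f in fields if f not in receipt]
    if missing:
        raise ValueError(f"receipt lacks signed fields: {missing}")
    subset = {f: receipt[f] for f in fields}
    return json.dumps(subset, sort_keys=True, separators=(",", ":")).encode()

def verify_receipt(receipt, signature_b64, public_key, fields=SIGNED_FIELDS):
    """Return True only if the signature covers exactly these field values."""
    try:
        signature = base64.b64decode(signature_b64, validate=True)
        public_key.verify(signature, canonical_bytes(receipt, fields),
                          PSS, hashes.SHA256())
        return True
    except (InvalidSignature, ValueError):  # bad signature, base64 or fields
        return False

def demo():
    """Sign a constructed receipt with a throwaway key and verify variants."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    receipt = {"receipt_id": "example-0001", "agent_id": "agent-demo",
               "operator_id": "op-demo", "action": "loan_review",
               "decision": "approved", "frameworks": ["GDPR"],
               "content_hash": "0" * 64, "timestamp": "2026-01-01T00:00:00Z"}
    sig = base64.b64encode(
        key.sign(canonical_bytes(receipt), PSS, hashes.SHA256())).decode()
    pub = key.public_key()
    return {
        "genuine": verify_receipt(receipt, sig, pub),
        "tampered": verify_receipt(dict(receipt, decision="denied"), sig, pub),
        "unsigned_field_added": verify_receipt(dict(receipt, note="x"), sig, pub),
    }

if __name__ == "__main__":
    print(demo())
```

The third result shows that a field outside the signed set can be added or changed without invalidating the signature, so a verifier should rely only on the signed fields.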
TBN Protocol serves AI governance tools, enterprise companies deploying AI agents, financial services firms requiring audit trails, and any organisation that needs to prove AI decisions are governed. Our first production partner, Shango MID, has verified 1,000+ receipts in production — TBN attests, Shango enforces. Every receipt is independently verifiable.
A log written by the same system that performed the action is not oversight — it's documentation. TBN provides independent, cryptographic proof signed by a third party. The receipt exists outside the operator's control, can't be edited, and is verifiable by anyone. That's the difference between "we say we governed it" and "here's the proof anyone can check."
TBN receipts include the compliance frameworks evaluated against each decision — including EU AI Act, ISO/IEC 42001, GDPR, SOC2, and others. The framework context travels inside the signed receipt, so compliance evidence is embedded in the cryptographic proof itself.
Yes. TBN Protocol is open source under AGPL-3.0, available on GitHub and installable via PyPI (pip install tbn-protocol). The signing specification is published, the public key is available at /api/signing/public-key, and offline verification is documented — ensuring no single point of trust.
Trusted by governance teams building the future of AI accountability.
Write-governance & memory custody for enterprise AI. Shango validates every write at the middleware boundary. TBN attests upstream identity and cryptographic proof.
TBN attests. Shango enforces. Together: the only end-to-end governance stack for enterprise AI.