Could your agent logs survive a dispute?
Paste logs, traces, JSON, or a signed record. See what is merely observable and what another party can independently verify. Signed records are signature-checked in your browser.
Logs help you debug. Signed records help others verify.
For incident review, disputes, payment questions, and audit evidence.
- Runs locally
- Native WebCrypto Ed25519
- Open source
- Portable record format
Could your logs survive an incident review?
Choose what happened. See what another party can verify.
Pick a workflow for a real sample, or paste your own below. Runs entirely in your browser.
This checker assesses whether your evidence is independently verifiable. It does not prove the underlying event happened unless you provide a valid signed record.
Structural scorecard for logs, traces, and JSON is heuristic. Paste a signed record (compact JWS) and its Ed25519 signature is verified in your browser. Nothing is uploaded; issuer-key lookups are opt-in and shown first. A valid signature does not assert the claims inside are true.
What this does not check
The structural scorecard does not confirm that claimed timestamps or policy bindings are authentic, and a valid signature proves only the issuer and integrity of a record, not that its claims are true.
This is a signed record. Verify its Ed25519 signature locally. Provide the issuer key by pasting a JWK or JWKS, or resolve it from the issuer (you will see the URL first).
Your key and record stay in your browser. Nothing here is uploaded.
Verification runs in your browser with native WebCrypto. A valid signature proves who issued the record and that it was not altered. It does not assert that the claims inside are true.
PEAC defines the portable signed-record shape (interaction-record+jwt) this verifier checks.
What good looks like: logs → signed record Same event, two evidence levels: internal logs vs a signed record another party can verify. View example
"peac_version": "0.2",
"kind": "evidence",
"type": "org.peacprotocol/agent-action",
"iss": "https://demo.whatdidmyagentdo.com",
"iat": 1748736000,
"jti": "019d7400-0000-7000-8000-000000000abc",
"ext": { "org.peacprotocol/agent-action": { "action": "tool.call", "tool": "search_customer_orders" } }
}
What your logs cannot settle
Did the agent actually accept those terms?
Your logs recorded a policy decision. Another party has no way to verify what terms were in effect.
Did the tool call happen before or after the policy changed?
Timestamps in your system are assertions, not proof. Without a signed record, ordering is disputable.
Which party can verify this without trusting your dashboard?
Internal traces are useful for debugging. They are not evidence for a counterparty, auditor, or regulator.
Can this survive an incident review?
When three teams and two vendors are involved, screenshots and log excerpts are not enough.
What was actually authorized vs what was charged?
Payment logs show intent and outcome. They do not prove what policy applied at the moment of authorization.
Where this helps
- Incident review
- Vendor and customer disputes
- Payment and authorization questions
- Audit and compliance evidence
How this checker works
Scoring rules, limits, and source code.
How scoring works
Read the exact classification rules, score ranges, and known limitations used by the analyzer.
Open methodologySource code
This tool and the open standard it builds on are both public, so anyone can inspect them.
Tool source PEAC standardPrivacy boundary
Local-only diagnostic. The analyzer runs in your browser and does not upload pasted input.
Privacy policy
[](https://whatdidmyagentdo.com)
Frequently asked
What does this analyzer actually do?
It classifies pasted input and scores evidence-related structure such as issuer fields, timestamps, policy references, and signed-record shape. It helps separate local observability from independently verifiable evidence.
Does this page verify cryptographic signatures?
Yes, for signed records. Paste a compact JWS interaction record and the page verifies its Ed25519 signature in your browser using native WebCrypto, against a key you paste or an issuer key you choose to resolve. A valid signature proves who issued the record and that it was not altered; it does not assert that the claims inside are true. The structural scorecard for logs, traces, and JSON is heuristic.
Does this replace auth, observability, or payment systems?
No. Signed records are additional evidence that can travel across parties. They complement auth, payment rails, observability platforms, and runtime infrastructure.
Who is this for?
Teams handling incidents, customer disputes, payment questions, or audits where another party needs independently verifiable records.
Is this tied to PEAC or Originary?
You do not need to adopt PEAC or buy anything to use this checker. The page is a standalone public utility. It uses PEAC-style signed-record concepts in the sample format, and the source is public. Built by Originary.
What happens to my pasted data?
Analysis and signature verification run entirely client-side. Your pasted input is never uploaded, stored, or sent to any server. The only network request the page can make is an issuer-key lookup you explicitly trigger, and the exact URL is shown before your browser requests it.
Technical background
How signed records work in practice
Publish policy
Services expose machine-readable policy and terms so behavior can be interpreted consistently.
Return a signed record
After processing an agent request, the service returns a signed record of what happened.
Verify independently
Another party can verify the record using issuer keys and local verification tooling.
Use in review or disputes
Records can support incident review, dispute resolution, audit, and compliance workflows.