Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.visiqlabs.com/llms.txt

Use this file to discover all available pages before exploring further.

Every governance decision — tool authorizations and context filtering — emits a signed envelope capturing the action. There is no additional code; the audit trail activates automatically from the same visiq() call.

What gets recorded

Each decision produces a RecordEnvelope: 
interface RecordEnvelope {
  id: string;                           // UUIDv4
  source: "allow" | "recall";           // Which governance layer
  vendor_id: string;                    // Your organization
  decision_id: string;                  // Links to the ALLOW/RECALL decision
  actor_id: string;                     // Agent identity (agentId)
  decision: string;                     // "permit", "deny", "approval_required", "redact"
  event: Record<string, unknown>;       // Tool name + args, or document metadata
  attestation: {
    signature: string;                  // Ed25519 signature (base64url)
    public_key: string;                 // Ed25519 public key (base64url, raw 32-byte)
    payload_hash: string;               // SHA-256 hash (hex, 64 chars)
  };
  emitted_at: string;                   // ISO-8601 timestamp
}

How signing works

  1. The decision payload (decision ID, vendor, customer, action, data hash, timestamp) is serialized to canonical JSON
  2. SHA-256 hash of the payload is computed
  3. The hash is signed with an Ed25519 private key
  4. The signature, public key, and payload hash are bundled into the attestation field
Envelopes are hash-chained — each envelope references the previous envelope’s hash, creating a tamper-evident sequence. If any envelope is modified or removed, the chain breaks.

Verification

Import verification types from the @visiq/sdk/record subpath: 
import type {
  RecordEnvelope,
  RecordDecisionPayload,
  SigningResult,
  ReceiptVerificationInput,
} from "@visiq/sdk/record";
To verify an envelope’s integrity:
  1. Recompute the SHA-256 hash of the decision payload
  2. Verify the Ed25519 signature against the public key and payload hash
  3. Walk the hash chain to confirm no envelopes are missing or tampered

What RECORD proves

QuestionEvidence
Did the agent attempt this action?event field with tool name and arguments
Was the action authorized?decision field: permit, deny, or approval_required
What context did the agent see?RECALL envelopes log each document’s allow/deny/redact verdict
When did it happen?emitted_at timestamp in the signed payload
Has the record been tampered with?Hash chain integrity + Ed25519 signature verification

Next steps

ALLOW

How tool-call authorization decisions are made.

RECALL Receipts

Detailed receipt verification with code examples.

SDK Reference

Complete visiq() API and @visiq/sdk/record types.