Drako records every agent action in a tamper-evident audit trail. Each entry includes the action taken, the policy decision, the policy snapshot active at the time, and a cryptographic link to the previous entry.

What gets recorded

Every entry in the audit trail captures:
  • Agent identity — DID of the acting agent
  • Action — tool name and arguments
  • Policy decision — allowed, blocked, or escalated, with the reason
  • Policy snapshot reference — the exact SHA-256 snapshot ID of the .drako.yaml in effect at the time of the action
  • Intent proof — the Ed25519-signed intent token from Gate 1 and Gate 2 of the enforcement pipeline
  • Cost — token usage and estimated USD cost
  • Timestamp — RFC 3339, UTC

Cryptographic properties

With cryptographic: true, the audit trail cannot be altered after the fact without detection:
  • SHA-256 hash chain — each entry includes the hash of the previous entry; tampering with any record breaks the chain
  • Ed25519 signatures — each entry is signed with Drako’s private key; signatures can be verified independently
  • Tamper-evident — any modification to a historical record is detectable by re-running the chain verification
This produces an audit log that is acceptable as evidence to regulators and SOC 2 auditors.
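To make the chain and signature checks concrete, here is an added example (not Drako's own code) of how a hash-chained, Ed25519-signed trail is built and re-verified; the record field names, the JSON layout and the "hash the canonical record, sign the hash" construction are assumptions for illustration, and the agent DIDs and snapshot IDs used with it are constructed values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
)

type Entry struct { // fields the page lists per record; JSON names and chain layout are assumptions
	Agent    string `json:"agent"`     // DID of the acting agent
	Action   string `json:"action"`    // tool name and arguments
	Decision string `json:"decision"`  // allowed, blocked or escalated
	Snapshot string `json:"snapshot"`  // SHA-256 policy snapshot ID in effect
	Time     string `json:"time"`      // RFC 3339, UTC
	PrevHash string `json:"prev_hash"` // hash of the previous entry, "" for the first
	Hash     string `json:"hash"`      // hex SHA-256 over every field above
	Sig      []byte `json:"sig"`       // Ed25519 signature over Hash (base64 in JSON)
}

// digest hashes every field except Hash and Sig; struct fields marshal in declaration order.
func digest(e Entry) []byte {
	e.Hash, e.Sig = "", nil
	b, _ := json.Marshal(e)
	sum := sha256.Sum256(b)
	return sum[:]
}

// Append links e to the tail of log, hashes it and signs the hash with the trail's key.
func Append(log []Entry, e Entry, priv ed25519.PrivateKey) []Entry {
	e.PrevHash = "" // genesis entry has no predecessor
	if n := len(log); n > 0 {
		e.PrevHash = log[n-1].Hash
	}
	h := digest(e)
	e.Hash, e.Sig = hex.EncodeToString(h), ed25519.Sign(priv, h)
	return append(log, e)
}

// Verify re-runs the chain: index of the first entry whose link, hash or signature fails, or -1.
func Verify(log []Entry, pub ed25519.PublicKey) int {
	prev := ""
	for i, e := range log {
		if h := digest(e); e.PrevHash != prev || e.Hash != hex.EncodeToString(h) || !ed25519.Verify(pub, h, e.Sig) {
			return i
		}
		prev = e.Hash
	}
	return -1
}
```

Appending entries and then changing a historical Decision, re-hashing it without the private key, or deleting a middle entry each make Verify return the index where the chain first breaks, which is the "re-run the chain verification" check described above.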

Configuration

policies:
  audit:
    enabled: true
    cryptographic: true            # SHA-256 hash chain + Ed25519 signatures
    retention_days: 365
Field          | Default | Description
enabled        | true    | Enable audit logging
cryptographic  | false   | Enable SHA-256 hash chain and Ed25519 digital signatures
retention_days | 7       | How long to retain audit records (days)
cryptographic: true is required for EU AI Act Article 12 (record-keeping) and SOC 2 Type II audit evidence. The eu-ai-act and enterprise policy templates enable it by default.

Context versioning

Every time you push a new .drako.yaml, Drako creates an immutable SHA-256 snapshot of the policy. Audit log entries reference the snapshot ID — not the current config — so you can always determine exactly which policy was in effect when any action occurred.
drako history           # view policy snapshot history
drako diff v2 v3        # compare two policy versions
drako rollback v2       # restore a previous policy
This means a config change never retroactively alters the interpretation of past audit records.

Exporting for compliance

The audit trail can be exported for regulators, external auditors, and SIEM/observability platforms.
Pipe traces via OpenTelemetry to any OTEL-compatible backend:
policies:
  observability:
    otel:
      enabled: true
      endpoint: https://otel.datadoghq.com
      headers:
        DD-API-KEY: ${DD_API_KEY}

EU AI Act Article 12

Article 12 of the EU AI Act requires high-risk AI systems to automatically log events for the lifetime of the system. Drako’s audit trail satisfies Article 12 by:
  • Recording every action automatically, without requiring agent code changes
  • Linking each record to the exact policy version active at the time
  • Providing cryptographic integrity guarantees
  • Supporting configurable retention (set retention_days: 365 or higher for systems subject to Art. 12)
  • Generating exportable compliance reports from real runtime data
