A record no one can quietly rewrite.
Every decision your agents' actions receive — allow, hold, or block — lands in a tamper-evident record built to be shown to a client, an auditor, or a regulator. That record is free. Forever.
What the record is, mechanically.
Trust isn't a promise; it's a construction. Every decision GaaS makes is recorded so that tampering is visible by design:
Hash-chained
Each audit entry cryptographically commits to everything before it. Rewrite one record and the whole chain shows the break.
DLT-anchored
Chain checkpoints are anchored to a distributed ledger, so the record's integrity doesn't depend on trusting GaaS's own storage.
Signed verdicts
Every decision carries a co-signed governance proof token (ECDSA P-256) and the exact policy version it was judged against.
The result: every verdict is explainable, verifiable, and non-repudiable — including the ones that never made the news because the action never ran.
"Show me your safeguards" — already written.
The record isn't for you alone; it's for everyone who will eventually ask. A client wants proof their brand rules ran on every post — show the receipts. An auditor wants evidence the controls operated all year, not just during the audit — export the chain. A regulator asks how agent actions are supervised — point to a record where every consequential action carries its verdict, its reasoning, and the policy version that produced it.
Complete reasoning chains come standard: when something is blocked, the record says which policy triggered, which condition failed, and what would have made the action compliant. Nothing is blocked silently, and nothing is approved invisibly.
The record is free. Forever.
Not freemium. Not a trial that expires into a paywall. The audit record — the thing that earns your trust and answers your auditor — is free for every GaaS account, permanently. You pay for enforcement when you're ready to gate actions; you never pay for the truth about what your agents did.
The record is how trust in governed agents spreads — putting a price on it would be pricing the category's own foundation. Enforcement, attestation, and compliance mappings are the business; the record is the ground it stands on.
Governance is becoming a file you can read.
The agent ecosystem has settled a pattern: the things that matter live in plain-text files both people and machines read — agents.md for instructions, llms.txt for guidance, SKILL.md for skills, MCP for tools. There is no agreed file for governance. That's the gap auth.md closes.
auth.md declares, in a readable, version-controlled, signable file: who or what an agent may act as, its scopes and credential boundaries, and the actions that require a human's yes. Around it, a small family completes the picture — policy.md for the rules, audit.md for what must be recorded, escalation.md for when to stop and ask, and attestation.sig for the portable, signed proof of how the agent actually behaved.
GaaS is publishing auth.md as an open convention — free to adopt, with GaaS as its reference runtime. Governance you can diff in a pull request and enforce at runtime. The spec lands here when it ships; the record above is the proof the approach already works.
The auth.md spec will be announced on the blog and published on this page. Until then, the immutable record is live today for every account — including free Shadow Mode.
A record that compounds into trust.
The record isn't just defensive — it accrues. Agents governed through GaaS climb trust tiers: Registered (SDK integrated, policies active), Verified (30 days of compliant operation on the record), and Certified (independent audit, full deliberation enabled). A verifiable history is becoming what buyers, insurers, and procurement teams ask agents to present — and the record is how an agent has one to show.
Every objection, answered.
No — that is the point of its construction. Records are hash-chained (each entry cryptographically commits to everything before it), anchored to a distributed ledger for tamper-evidence, and verdicts carry signed governance proof tokens (ECDSA P-256) with policy epoch versioning. Altering a past record would break the chain visibly; that visibility is the guarantee.
auth.md is an open convention GaaS is publishing for declaring an agent's governance in a readable file: who or what the agent may act as, its scopes and credential boundaries, and the actions that require a human's yes. It follows the pattern the agent ecosystem already trusts — agents.md for instructions, llms.txt for guidance, SKILL.md for skills — and GaaS ships as its reference runtime.
An external layer that checks what your AI agents are about to do and allows, holds, or blocks it against your rules, keeping an immutable record of every decision.
No. GaaS is for any operator running agents. Regulated teams get framework mappings; everyone else gets control over what their agents do.
No. Start in Shadow Mode with just an email; it runs the full pipeline on real actions without enforcing anything, so there is zero operational risk. A developer wires the SDK in an afternoon, and you author policies in plain language.
Start free in Shadow Mode, no card. There is a free tier, then plans from $99 a month, and under a cent per governed action at scale. Nonprofits, NGOs, and veteran-owned businesses govern free for life. See pricing.
Routine actions clear in well under a tenth of a second. Only high-stakes decisions take longer, and only because you asked them to.
No. GaaS sits outside the agent and needs no model changes and no cooperation from the agent to work.
The opposite. Prompt guardrails cost 23,000 to 65,000 tokens per governance cycle; GaaS costs 200 to 500 and returns 30 to 60% of your context window. See The Context Dividend.
Prompt guardrails live inside the model, get re-read on every call, and can be argued away. GaaS is external and enforced; the agent cannot talk it out of a block.
Start the record today. It costs nothing, forever.
Start free in Shadow Mode — the full pipeline runs on your real agent actions, and every decision starts landing in your immutable record from day one. No credit card.
Start Free Shadow ModeHow the record gets written: How It Works · the architecture: Technical Specifications.