Impossible Replay

Watch causality prove itself.

Most systems prove that an action happened. This plays one governed decision's signed chain backward — from the recorded outcome to the originating request — and lets you verify each link independently.

The rule this page obeys: every node shows only what it can prove for this decision right now. 1 verified just now against an ephemeral demo key; 2 recorded server-side (not independently re-checkable); 6 honestly marked not-applicable, roadmap, or unattested. A walk where every node turns green is the one to distrust.

What happened

An AI agent (refund_bot_v3) attempted billing.issue_refund for $4,200.

It was HIGH-risk and exceeded the agent's autonomy, so Strix required human approval (cfo@acme) before it could execute. Below is that decision's signed chain, replayed backward — verify any link yourself.

Outcome → originating intent. Each node shows only what it can prove.
  1. Transparency-log inclusionROADMAP

    Would prove inclusion in an append-only transparency log (roadmap).

    Strix-CT STH / inclusion proof

    Strix-CT is reference-impl only (not production-wired).

  2. Enforced at executionROADMAP

    Would bind the actual tool execution to this decision (CP-K-001 — roadmap).

    execution_receipt_v1 (CP-K-001)

    execution_receipt_v1 (CP-K-001) is not production-wired; rendered, never greened.

  3. Proof-chain linkageN/A FOR THIS DECISION

    This record is linked into the tenant's append-only hash chain.

    proofChainHash (signed field) + chain walk

    This demo record is a chain genesis (no prior link).

    artifact: demo-ev-0004

  4. Signed evidence recordVERIFIED

    The executed billing.issue_refund ($4,200) was recorded as a signed evidence record.

    DecisionEvidence — SE v1, 13-field canonical, Ed25519, proofChainHash

    Verify it yourself: <strix-verify> WebCrypto · /api/public/verify · npx @strixgov/verifier <id> · Python

    Verified now against the ephemeral demo key (strix-demo-ephemeral-2026-06) — real Ed25519 over the canonical payload.

    artifact: demo-ev-0004

  5. Execution token redemptionSERVER-ATTESTED

    A single-use token was issued for the refund tool call, then redeemed once.

    execution_token — HMAC-SHA256, single-use, atomic redemption (tokens.ts)

    HMAC keyed by a server secret — recorded server-side, no public per-decision artifact.

  6. Approval(s) / quorumN/A FOR THIS DECISION

    Approved by cfo@acme — separation of duties (approver ≠ requesting agent).

    SalesApprovalArtifact — Ed25519, chain-hashed (sequenceNum + previousArtifactHash)

    This demo records the approval gate as a signed decision record, not a separate chain-hashed SalesApprovalArtifact. Mint a quorum decision (Mode A) for a verifiable approval chain.

  7. Policy versionN/A FOR THIS DECISION

    The action was matched to a content-addressed policy version at decision time.

    content-addressed sha256 of the ruleset (policy.ts)

    The content-addressed policy version is bound on the approval artifact; this demo mints none. Mode A surfaces it.

  8. Decision state machineSERVER-ATTESTED

    Evaluated as HIGH-risk → human approval required → approved → executed.

    DecisionService PROPOSED→EVALUATED→APPROVED→EXECUTED audit trail

    Recorded server-side (audit trail), not a public-key artifact.

  9. Originating request & actorUNATTESTED

    refund_bot_v3 (agent) requested billing.issue_refund for $4,200.

    decision intent + actorClass block

    actorClass reads CLASS_UNATTESTED — actor attestation (AA-1) is dormant; no claim about which agent acted under whose authority.

Signed + verified the moment this page loaded with an ephemeral demo key (strix-demo-ephemeral-2026-06) — never the production key. This proves the mechanism; the panel below verifies a real production record the same way.

Same verification, production key

A real record, checked live in your browser

The walk above runs on a demo key so it works with no setup. Here is the identical check against a real production evidence record, resolved against the public key set — not by us, by you.

Verify a real record — right now

Production evidence record 5686, re-checked live in your browser against the public verification API.

Checking…

Don't take our word for it — run the same check

npx @strixgov/verifier@latest 5686

Open-source verifier, standard Ed25519 + JWKS primitives, zero Strix dependencies. The signature is checked against the public keys at /.well-known/strix-jwks.json— the math doesn't require us to be in the loop.

npx @strixgov/verifier@latest 5686npx @strixgov/verifier@latest quorum <decisionId>