API Reference.
Receipts on demand.
Trust Gate is the cryptographic accountability layer for AI agents. Every customer-facing endpoint requires authentication. Internal endpoints, policy authoring, telemetry ingestion, and autonomous code-generation interfaces are not exposed publicly — contact sales for SDK + production credentials.
Need a production credential? Book a 30-min onboarding or email apps@cyberwarriornetwork.com.
Authentication.
Every request requires a Bearer token in the Authorization header. Tokens are scoped to a single tenant, audited on every call, and rotate on a 90-day cycle (or on-demand via the customer portal).
```http
Authorization: Bearer <your-api-key>
Content-Type: application/json
X-Tenant-Id: <your-tenant-id>
```
| Scope | Grants |
|---|---|
| decisions:write | Mint TrustAtom receipts via /api/decision/evaluate |
| decisions:read | Query the evidence graph (recent, denied, lineage, range, analytics) |
| receipts:verify | Verify cryptographic signatures on any TrustAtom (read-only, audit-friendly) |
| explain:read | Generate human-readable policy explanations for a decision ID |
Requests beyond the per-tenant limit receive 429 Too Many Requests with a Retry-After header.
High Availability.
Trust Gate runs with graceful degradation — the receipt pipeline never goes down, even when downstream services do. Decisions and receipts are always minted and always cryptographically signed.
| Mode | Behaviour |
|---|---|
| Full | All services nominal. Receipts written to evidence graph synchronously. |
| Degraded | One downstream service unavailable. Receipts continue, written to durable queue, replayed on recovery. |
| Sandbox | Evaluation tier. Returns watermarked demo receipts that are not production-grade evidence. |
SLA: 99.99% uptime on Enterprise tier with <120ms p99 latency. Status: status.cyberwarriornetwork.com.
Decision Engine.
Three customer-facing endpoints: gate a decision, verify a receipt, explain a verdict.
Gate a request through your tenant's policy. If allowed, mints a court-admissible notarization (hybrid post-quantum signature, evidence-hashed) and writes to the immutable evidence graph. If denied, returns the policy reasoning — no notarization is minted.
Request body:

```json
{
  "tenant_id": "<your-tenant-id>",
  "decision_id": "<client-supplied-uuid>",
  "principal_id": "<the-human-or-system-actor>",
  "agent_id": "<the-AI-agent-acting>",
  "action": "READ_EVIDENCE",
  "resource_id": "<the-resource-being-acted-on>",
  "request_category": "GRAPH_READ"
}
```

Response (ALLOW):

```json
{
  "decision": {
    "decision": "ALLOW",
    "reasons": ["action_in_safe_categories"],
    "policy_version": "<tenant-policy-hash>"
  },
  "trustatom": {
    "id": "ta_<hex>",
    "evidence_hash": "<sha-256>",
    "signature_b64": "<ed25519-signature>",
    "pq_signature_b64": "<ml-dsa-65-signature>",
    "minted_at": "2026-05-06T13:56:40Z"
  },
  "timing": { "total_ms": 87 }
}
```

Response (DENY):

```json
{
  "decision": {
    "decision": "DENY",
    "reasons": ["policy_constraint_violated"],
    "policy_version": "<tenant-policy-hash>"
  },
  "trustatom": null
}
```
Verify the hybrid post-quantum signature and evidence hash of a notarization. Verification is independent of the issuer — auditors verify any notarization with the public key alone, no Trust Gate access required. Court-admissible under ESIGN and eIDAS.
Request body:

```json
{
  "evidence_hash": "<sha-256>",
  "signature_b64": "<ed25519-signature>",
  "pq_signature_b64": "<ml-dsa-65-signature>",
  "receipt_payload": { "...": "the original receipt JSON" }
}
```

Response:

```json
{
  "ok": true,
  "ed25519": { "valid": true },
  "ml_dsa_65": { "valid": true },
  "evidence_hash": { "match": true },
  "verified_at": "2026-05-06T14:02:11Z"
}
```
Generate a human-readable explanation for a decision by ID. Returns reasoning + compliance framework alignment.
Request body:

```json
{
  "decision_id": "<previously-minted-decision-id>",
  "mode": "why_allowed"
}
```
Modes: why_allowed · why_denied · constraints · similar_decisions
Response:

```json
{
  "ok": true,
  "explanation": {
    "summary": "<natural-language-summary>",
    "policy_rules": ["<rule-name>"],
    "compliance_alignment": {
      "nist_ai_rmf": ["<applicable-control>"],
      "soc2": ["<applicable-control>"],
      "eu_ai_act": ["Article 50 transparency"]
    }
  }
}
```
Evidence Graph.
Read endpoints over the immutable receipt graph. All endpoints honour X-Tenant-Id — you only see receipts for your tenant.
Tenant-scoped aggregates — total decisions, allow/deny split, receipt count, principal + agent counts.
Recent decisions with receipt IDs, descending by timestamp. Query params: limit (default 20, max 100).
Denied decisions with policy reasoning. Useful for compliance review + auditor walk-throughs. Query params: limit (default 20, max 100).
Full lineage for a single decision — decision node + receipt + policy verdict + actor chain. The artifact auditors actually ask for.
Analytics.
Operational dashboards over the receipt graph. Per-tenant, time-bounded.
Time-range filtered decisions. Defaults to last 24 hours. Query params: since_ms · until_ms · limit (default 100, max 1000).
Per-agent decision statistics: total, allow count, deny count, deny rate. Anomaly surface for security review. Query param: limit (default 20).
Compliance-framework coverage distribution — which frameworks are most exercised by your tenant's decisions. Useful for audit prep.
Receipt Fields.
Every TrustAtom receipt includes provenance fields so auditors can trace lineage, environment, and risk category for each decision.
| Field | Type | Description |
|---|---|---|
| env | enum | SANDBOX · STAGING · PRODUCTION |
| parent_decision_id | string | Links to the parent decision in a causal chain (empty if root) |
| compliance_tags | string[] | Compliance framework alignment tags (NIST AI RMF, SOC 2, EU AI Act, CMMC 2.0, HIPAA) |
| risk_category | enum | SAFE · MODERATE · HIGH · CRITICAL, computed from action class |
| ttl_ms | int | Time-to-live for time-bounded decisions. 0 = permanent |
Risk categorisation is policy-driven and tenant-configurable. Default category mappings ship with the SDK; custom risk policies are authored via the customer portal (Enterprise tier) or scoped during onboarding.
Error Handling.
All endpoints return structured errors with a consistent shape. Internal stack details are redacted from production responses.
```json
{
  "ok": false,
  "error_code": "AUTH_REQUIRED",
  "message": "Authentication required.",
  "request_id": "<opaque-trace-id>"
}
```
| Error Code | When |
|---|---|
| AUTH_REQUIRED | Missing or invalid Bearer token |
| SCOPE_DENIED | Token lacks the required scope for this endpoint |
| TENANT_MISMATCH | X-Tenant-Id does not match the token's scope |
| INVALID_REQUEST | Missing or malformed request body fields |
| NOT_FOUND | Decision ID or resource not found in your tenant |
| RATE_LIMITED | Per-tenant rate limit exceeded; retry after the Retry-After header |
| SERVICE_UNAVAILABLE | Transient downstream issue; receipt is queued and will be replayed |
Every error response includes a request_id. Quote it when contacting support — it lets us correlate your request to the audit trail without exposing internal trace data.
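An added client-side flow for the evaluate call (request and ALLOW/DENY responses above) combined with this error contract; it is not the project's SDK. It maps the verdicts and the documented error codes to caller actions, retries only RATE_LIMITED while honouring Retry-After, and keeps request_id for support. The transport and sleep functions are injected so it runs offline; the demo transport is constructed.

```javascript
// Added example, not the Trust Gate SDK. `transport(method, path, headers, body)`
// returns { status, headers, body } and is supplied by the caller so the flow runs
// offline; a real client would wrap fetch. `sleep(ms)` is injected for the same reason.
const EVALUATE_PATH = "/api/decision/evaluate"; // the endpoint path the reference names

function evaluateHeaders(apiKey, tenantId) {
  return { Authorization: "Bearer " + apiKey, "Content-Type": "application/json", "X-Tenant-Id": tenantId };
}

// Turn one HTTP response into the caller's next step: allow, deny, retry or terminal error.
function classify(res) {
  const body = res.body || {};
  if (res.status === 200 && body.decision) {
    const verdict = body.decision.decision;
    if (verdict === "ALLOW" && body.trustatom) return { kind: "allow", receipt: body.trustatom, reasons: body.decision.reasons };
    if (verdict === "DENY") return { kind: "deny", reasons: body.decision.reasons };
    // An ALLOW with no TrustAtom is not evidence of anything: treat it as an error.
    return { kind: "error", code: "ALLOW_WITHOUT_RECEIPT", requestId: body.request_id || null };
  }
  const requestId = body.request_id || null;
  if (body.error_code === "RATE_LIMITED" || res.status === 429) {
    const secs = Number((res.headers || {})["retry-after"]);
    return { kind: "retry", afterMs: (Number.isFinite(secs) && secs > 0 ? secs : 1) * 1000, requestId };
  }
  // Every other documented code is terminal here; request_id is kept so it can be quoted to support.
  return { kind: "error", code: body.error_code || "HTTP_" + res.status, requestId };
}

// Retry only on rate limiting, honouring Retry-After; the request (including its
// client-supplied decision_id) is re-sent unchanged rather than re-minted under a new ID.
function evaluateWithRetry(transport, sleep, creds, request, maxAttempts = 3) {
  const headers = evaluateHeaders(creds.apiKey, creds.tenantId);
  let last;
  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
    last = classify(transport("POST", EVALUATE_PATH, headers, request));
    if (last.kind !== "retry") return last;
    sleep(last.afterMs);
  }
  return { kind: "error", code: "RATE_LIMITED", requestId: last.requestId };
}

// Constructed transport: rate-limits the first call, then returns an ALLOW with a receipt.
function demoTransport() {
  let calls = 0;
  return () => (++calls === 1)
    ? { status: 429, headers: { "retry-after": "2" },
        body: { ok: false, error_code: "RATE_LIMITED", message: "Slow down.", request_id: "req_demo_1" } }
    : { status: 200, headers: {},
        body: { decision: { decision: "ALLOW", reasons: ["action_in_safe_categories"], policy_version: "demo" },
                trustatom: { id: "ta_demo", minted_at: "2026-05-06T13:56:40Z" }, timing: { total_ms: 87 } } };
}
```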
SDK + MCP.
Drop-in language SDKs and an MCP server for direct AI agent integration.
Python and TypeScript libraries. One-line decorator gates a function call through Trust Gate, mints a receipt, and returns the wrapped result. Available to onboarded customers via private GitHub repo.
```python
from cwn_trust_gate import trust_gate

@trust_gate(policy="data_pii", tenant_id="<your-tenant-id>")
def export_customer_records(query: str) -> list:
    return db.query(query)

# Every call is gated, signed, receipted automatically.
```
Model Context Protocol server — lets Claude / GPT / any MCP-compatible agent invoke Trust Gate directly. Available on the MCP registry for onboarded customers.
Wraps every Stripe Agent Toolkit operation with Trust Gate so AI agent payments produce a dual receipt — one from Stripe (the money moved), one from Trust Gate (the decision was authorised).
Get the SDK: Book onboarding or email apps@cyberwarriornetwork.com. Production credentials are issued at cohort onboarding.