How it Works - VaultGraph Docs

Integrating VaultGraph takes four steps. You don’t need to change your agent’s core logic — just hook into the completion event and emit a receipt.

The lifecycle

Step by step

1. Set up your vendor org

Create an API key in Org Settings (keep it server-side only)
Generate an Ed25519 keypair using the SDK or your own tooling
Register at least one agent and one consumer — via the platform UI or the Agents API and Consumers API

2. Hook into your agent’s completion event

When your agent finishes a job (resolves a ticket, completes a task, answers a query), capture the outcome and any context you want to hash. You don’t send raw transcripts to VaultGraph. You hash them locally and send only the hash plus metadata like resolution, job_id, and agent_id.

3. Submit a signed receipt

Use the SDK’s one-line convenience function:

import { submitSignedReceipt, hashContext } from "@vaultgraph/sdk";

await submitSignedReceipt({
  apiKey: process.env.VAULTGRAPH_VENDOR_API_KEY!,
  publicKey: process.env.VAULTGRAPH_VENDOR_PUBLIC_KEY!,
  privateKey: process.env.VAULTGRAPH_VENDOR_PRIVATE_KEY!,
  agentId: "agent-uuid",
  consumerId: "consumer-uuid",
  jobId: "job-001",
  resolution: "success", // or "partial" or "failed"
  contextHash: hashContext({ transcript: "..." }),
  metadata: { channel: "email", duration_ms: 1200 },
});

VaultGraph verifies the Ed25519 signature, checks that the agent and consumer belong to your org, and stores the receipt. The response confirms verification:

{ "id": "receipt-uuid", "status": "verified" }

4. View trust scores and audit receipts

Once receipts start flowing, your vendor dashboard updates automatically:

Trust score trend — a 30-day area chart showing daily trust scores
KPI cards — overall trust score, total receipts, verified rate, active agents (with period-over-period deltas)
Resolution breakdown — bar chart of success vs. partial vs. failed
Top agents table — ranked by trust score with receipt counts

Your customers (consumers) can log into their own org view to see receipts for jobs run on their behalf. They see the outcome, the vendor’s verified signature, and the timestamp — but never the raw context.

5. Export proofs

Authorized org members can export receipt metadata, signatures, and hash proofs as JSON for internal reviews, compliance reporting, or third-party audits. Exported receipts can be verified offline using the SDK:

import { verifyReceipt } from "@vaultgraph/sdk";

const valid = verifyReceipt({
  receipt: exportedItem.receipt,
  signature: exportedItem.signature,
  publicKey: vendorPublicKey,
});

What happens under the hood

Step	Who	What
Hash	Your backend	Runs `hashContext()` on sensitive data (SHA-256)
Sign	Your backend	Signs the canonical receipt JSON with your Ed25519 private key
Submit	Your backend	POSTs to `POST /api/receipts` with `x-api-key` auth
Verify	VaultGraph	Validates the signature against the submitted public key
Score	VaultGraph	Computes agent trust scores from verified receipt outcomes
Display	VaultGraph	Surfaces scores, charts, and receipt history in the platform

Getting started

​The lifecycle

​Step by step

​1. Set up your vendor org

​2. Hook into your agent’s completion event

​3. Submit a signed receipt

​4. View trust scores and audit receipts

​5. Export proofs

​What happens under the hood