INFRASTRUCTURE01
Trace.
every action.
Governance layer for autonomous systems. Trace intercepts every subprocess call before it executes, evaluates it against the active rules, and produces a cryptographically signed receipt. The agent cannot disable it, route around it, or see past it.
Before execution
Actions are captured at the infrastructure level before they run. No agent co-operation required. The interception cannot be disabled by the agent.
Allow or deny
Governance rules are evaluated against the intercepted action before it reaches the system. Every action gets a decision: allow or deny. If no session is active, the action is unlinked from the receipt chain.
Signed, immutable record
Each decision becomes a signed receipt: what was proposed, what authority was present, what policy decided, and the outcome. Append-only. Cannot be rewritten.
LIVE02
46,916
RECEIPTS CAPTURED
279
PATTERNS OBSERVED
Distinct action patterns classified
7.7%
DENY RATE
Actions blocked by active policy
5
PACKAGES COVERED
messaging / filesystem / code / privilege / shell
MODES03
Three operating modes
Trace adapts to deployment context. Start in audit mode to observe without blocking and build a receipt corpus. Graduate to strict when the governance rules are ready to enforce.
Records everything. Never blocks. Default.
Every action is intercepted and receipted. Nothing is blocked. Use audit mode to observe what an agent does before introducing enforcement. It builds the receipt corpus that governs the next phase.
Logs violations but never blocks.
Governance rules are evaluated and violations are flagged in the receipt, but the action proceeds regardless. Use permissive mode for testing policy rules without disrupting the agent.
Blocks on policy violations before the action executes.
Any action that violates the active governance rules is stopped before it reaches the system. The receipt records the denial. Recommended for production deployments.
THE LOOP04
Receipts become training data
Every receipt Trace produces is a labelled governance decision: action, context, authority state, outcome. At sufficient volume, that corpus becomes training material for a specialised governance model.
Rocky-α was trained on real Trace receipts from software deployments. Rocky-DAM-α was trained on synthetic receipts generated from real infrastructure schemas. Both models learned to make allow, deny, and freeze decisions on scenarios they had never seen, because the receipt corpus demonstrated the boundary rather than described it.
An organisation running agents under Trace for a year accumulates a year of labelled, domain-specific decision history. There is no shortcut to that.
THE LOOP
An agent takes an action. Trace intercepts it before execution.
Governance rules are evaluated. Decision: allow or deny.
A signed receipt is produced. Immutable record of the decision.
Receipts accumulate into a labelled corpus of governance decisions.
A specialised model trains on the corpus. Learns the permission boundary from demonstration.
The trained model governs the next generation of actions. The loop continues.
HOW IT WORKS05
Outside the agent. Below the framework.
Trace wraps the agent process. It does not sit inside it. Interception happens at the process boundary before any action reaches the system. The agent has no visibility into Trace, no handle on it, and no path around it.
The receipt chain begins the moment a session is created and closes when it ends. Every governed action is linked to the chain. Actions taken outside a Trace session are unlinked and ungoverned. There is no partial coverage: the session either runs under Trace or it does not.
The receipt corpus is independently auditable. Signed with Ed25519, each receipt is verifiable by any party with no dependency on the issuing system. Compliance attestation reports can be generated directly from the receipt chain, covering OWASP Agentic and EU AI Act frameworks.
GET ACCESS06
Become a design partner
Trace is in active deployment with early partners. If you are building or running autonomous agents and need infrastructure-level governance, get in touch. Design partners work directly with the team and get early access to the Rocky model series.