Agent Receipts

Your AI agent remembers everything — and you can prove it.

Persistent memory for AI agents, backed by cryptographic receipts. Every fact your agent learns is signed, traceable, and independently verifiable. No cloud required.

Try the Interactive Demo · Install in 30 Seconds · How It's Different

The Problem

You're building with AI agents. Claude Code refactors your auth module and says "done, all tests pass." Your agent generates a customer quote and says it applied the right pricing. Your assistant remembers your preferences from last week — but you can't see why it thinks that, or whether it's right.

Three things are broken:

1. Agents forget everything between sessions. Every conversation starts from zero. Context is lost. You re-explain the same things.

2. When agents do remember, you can't see inside. Platform memory is a black box. You can't see what it stored, when, or why. You can't correct it, export it, or verify it.

3. There's no proof of what agents actually did. Logs are mutable. Agents write their own logs. "I updated 3 files and all tests pass" — did it? You're trusting the agent's word about its own work.

What Agent Receipts Does

Memory that actually works

Your agent gets structured, persistent memory across sessions — people, projects, tools, preferences, facts. Not a flat key-value store. An entity-observation graph where every fact links to the conversation that created it.

# Your agent learns something
memory_observe → "User prefers TypeScript, uses Neovim, building a SaaS called ModQuote"

# Next session, it already knows
memory_context → loads everything: entities, observations, relationships, preferences

# You can search it
memory_recall → "what tech stack does the user prefer?" → structured results

# You can forget (and the forget itself is tracked)
memory_forget → soft delete with audit trail

The agent handles this automatically when you add the system prompt. You don't manage memory manually.

Proof that's actually proof

Every memory observation and every agent action produces a receipt — a signed JSON document with:

• Ed25519 signature — tamper-proof, independently verifiable
• Input/output hashes — proves exactly what went in and came out (raw data never stored)
• Timestamps — when it happened, when it completed
• Agent ID — which agent did it
• Provenance chain — trace any memory back to the conversation that created it

This isn't logging. Logs are mutable text files the agent writes about itself. Receipts are cryptographic proof that a third party can verify without trusting you, your server, or the agent.

Everything runs locally

npx @agent-receipts/mcp-server

That's it. No API key. No account. No cloud. No monthly fee. No data leaving your machine. SQLite database in ~/.agent-receipts/. Works offline.

Why This Exists

I was building ModQuote — a multi-tenant SaaS where AI agents generate quotes for automotive protection shops. Real money, real customers, real liability.

When Claude generated a $2,400 PPF quote, I needed answers: What vehicle data did it receive? What pricing rules did it apply? If a customer disputes the price, can I prove what happened — not with a log entry the agent wrote about itself, but with cryptographic proof?

I looked at the existing tools:

• Mem0 — great memory, but no proof. It remembers things, but can't prove when or why it learned them. Memories are mutable.
• Langfuse — great observability, but it's tracing, not proof. Logs are internal to your system, not verifiable by third parties.
• Zep — temporal knowledge graph, but hosted and opaque.

None of them could answer: "Prove to someone outside your system that this specific agent took this specific action with this specific input at this specific time."

So I built Agent Receipts. Now every quote generation is a signed receipt. Every memory has a provenance chain. And when someone asks "how did the agent come up with that number?" — I hand them a receipt they can verify themselves.

How It's Different

Agent Receipts isn't a better version of these tools. It's a different thing.

Mem0 answers: "What does my agent remember?" Langfuse answers: "What happened in my LLM pipeline?" Agent Receipts answers: "Can you prove it?"

Get Started

1. Add the MCP Server

Claude Code:

claude mcp add agent-receipts -- npx @agent-receipts/mcp-server

Claude Desktop (claude_desktop_config.json) / Cursor (.cursor/mcp.json):

{
  "mcpServers": {
    "agent-receipts": {
      "command": "npx",
      "args": ["@agent-receipts/mcp-server"]
    }
  }
}

2. Add the System Prompt

This tells your agent when to observe memories, recall context, and track actions — so it works automatically:

npx @agent-receipts/cli prompts claude-code

Copy the output into your project instructions or system prompt.

3. Start Using It

Your agent will now:

• Call memory_context at the start of sessions to load what it knows about you
• Call memory_observe when it learns something worth remembering
• Call track_action when it performs significant actions
• Sign everything with Ed25519

4. See What's Happening

npx @agent-receipts/dashboard    # Web UI at localhost:3274
npx @agent-receipts/cli stats    # Terminal overview
npx @agent-receipts/cli memory entities  # See what your agent remembers

5. Try Before Installing

Run the interactive demo → — experience memory, verification, and bundle export in 60 seconds. No install required.

What's Inside

• 24 MCP tools — memory, actions, verification, constraints, judgments, invoicing, bundles
• 21 SDK methods — full TypeScript API
• 14 CLI commands + 9 memory subcommands — terminal-first
• 18 dashboard pages — receipts, memory graph, chains, agents, constraints, judgments, invoices
• 492 tests — zero TypeScript any, zero ESLint warnings
• Ed25519 + SHA-256 — via @noble/ed25519 (audited, pure JS)
• SQLite + FTS5 — local-first with full-text memory search

Portable Memory Bundles

Export your agent's entire memory as a single verifiable file:

npx @agent-receipts/cli memory export > my-project.bundle.json

The bundle includes every entity, observation, relationship, the receipts that created them, and the public key needed to verify everything. Hand it to another agent, another team, or another Agent Receipts instance — they can verify every fact without trusting you.

Links

~/.agent-receipts/
├── keys/
│   ├── private.key    # Ed25519 private key (mode 0600)
│   └── public.key     # Ed25519 public key
├── receipts.db        # SQLite database (receipts + memory)
└── config.json        # Agent and org configuration

Packages

Roadmap

• Cloud tier — team dashboards, multi-agent memory sync, cross-org verification
• Semantic recall — embedding-powered memory search
• Framework adapters — LangChain, CrewAI, AutoGen integrations
• Cross-org trust bridges — two organizations verifying each other's agent receipts

License

MIT

Built by Amin Suleiman — building ModQuote and Agent Receipts.