Real-Time Attestation
Protocol
Continuous cryptographic compliance at sub-8ms latency. Every agent action generates a STARK proof, chains into a verifiable timeline, and aggregates into a single tamper-proof commitment — in real time.
Protocol Architecture
From behavioral barriers to a tamper-proof compliance passport — four stages, fully automated, cryptographically linked.
Barriers
Define behavioral limits — baseline, UCL, LCL. The agent must stay within bounds.
Proofs
Each observation generates a STARK proof in < 8ms. Zero-knowledge — data never leaves the prover.
Chains
Proofs link via hash references. Each proof contains the previous proof's hash — a verifiable behavioral timeline.
Aggregates
Compress entire chain into a single Merkle commitment. Constant-time verification at any scale.
1. Configure Barriers
Define what "well-behaved" means for your agent. Set a baseline mean, upper and lower control limits, and the metrics you want to attest. SRTAP uses Integer EWMA for statistically rigorous behavioral tracking.
// MCP tool: sentinel_srtap_configure { "baseline_mean": 96, "ucl": 110, "lcl": 80, "security_level": 96 }
2. Observe & Prove
Feed behavioral observations into SRTAP. Each observation triggers a STARK proof that attests the agent stayed within barriers — without revealing the raw data. Proofs automatically chain to the previous one.
// MCP tool: sentinel_srtap_observe { "values": [95, 98, 92, 97] } // Returns: proof + chain position
3. Chain & Verify
Each proof links to the previous via previous_proof_hash. Auditors walk the chain from genesis to present, verifying cryptographic continuity. Any tampering breaks the hash chain.
// Chain structure genesis → proof#1 → proof#2 → proof#3 hash_a hash_b hash_c hash_d ↑prev_a ↑prev_b ↑prev_c
4. Aggregate & Commit
Compress an entire proof chain into a single Merkle commitment. Verify 10,000 proofs in one call — constant-time, regardless of chain length. Publish the commitment to the Proof Registry.
// Merkle aggregation root_hash / \ hash_ab hash_cd / \ / \ p1 p2 p3 p4
Attestation Stapling
Like TLS certificate stapling — but for behavioral compliance. Your agent carries its proof.
TLS / OCSP Stapling
A web server staples its OCSP response (certificate validity proof) to the TLS handshake. The client verifies locally — no separate call to the Certificate Authority needed.
SRTAP Attestation Stapling
An AI agent staples its latest STARK proof (behavioral compliance attestation) to every output. The consumer verifies locally via WASM verifier — no call to SENTINEL needed.
Zero Network Calls
Consumer verifies the stapled proof locally. No round-trip to SENTINEL's API or the Proof Registry. Verification works offline.
Maximum Freshness
The stapled proof is from this response — not a cached result from minutes ago. Every output carries proof of compliance at the moment it was generated.
Privacy Preserved
The proof attests to compliance without revealing raw behavioral data. The consumer knows the agent is within bounds — but not the specific observations.
3 Dedicated MCP Tools
Configure, observe, and monitor — three tools that turn any MCP-compatible agent into a continuously attested system.
sentinel_srtap_configure
Set behavioral barriers — baseline mean, upper/lower control limits, security level, and chain parameters. Called once per agent session to establish the compliance contract.
sentinel_srtap_observe
Submit behavioral observations and receive a chained STARK proof. Each call extends the chain — proofs auto-link via previous_proof_hash. Supports 1-100 observations per call.
sentinel_srtap_status
Query the current SRTAP session state — chain length, latest proof hash, configuration, and aggregate readiness. Use for monitoring dashboards and health checks.
Consumer SDK
sentinel-srtap@0.3.0 — a TypeScript SDK for integrating SRTAP into your agent pipeline. Zero runtime dependencies.
SRTAPClient
Full protocol client — configure barriers, observe behavior, get proofs, query chain status. Handles proof chaining automatically. One import, one class, full protocol access.
HttpPool
Connection pooling via node:https with keepAlive: true. Configurable maxSockets (default 6). Eliminates TCP handshake overhead for co-located deployments.
ProofCache
TTL-based LRU cache (default 30s / 100 entries). SHA-256 cache key covering all prove inputs. Chain-linked proofs automatically bypass cache — they're inherently unique.
Express Middleware
Drop-in middleware that generates and staples a STARK proof to every API response. Your consumers get attestation transparency with one line of middleware.
Dual ESM/CJS · TypeScript-first · Zero runtime deps · 18.7KB packaged
The SDK is distributed under controlled access. Not published to public npm.
Request Access →Empirical Performance
Real numbers from production. Measured via IRONCLAD — at the destination, not the source.
| Metric | Value | Conditions |
|---|---|---|
| P50 prove latency | 0ms | Cached genesis proofs (ProofCache hit) |
| P95 prove latency | 5.3ms | Mixed genesis + chained, 2-30 observations |
| P99 prove latency | 7.5ms | 19 sequential calls, diverse parameters |
| Mean prove latency | 1.05ms | Across all call types |
| Proof size | 5.9 KB | 96-bit security level |
| Verification time | 158ms | WASM client-side verifier |
| SDK package size | 18.7 KB | npm pack, zero runtime deps |
| Test assertions | 126 | sentinel-srtap@0.3.0 test suite |
Benchmarked 2026-04-04 against production API (api.starksentinel.com). 19 sequential prove calls with 96-bit and 128-bit security levels, 2-30 observations per call, genesis and chained proofs.
See SRTAP in Action
Try the interactive demo on our homepage — generate a real STARK proof, chain additional proofs, and watch the behavioral timeline grow.
Get Started with SRTAP
Start with the free tier — 100 proofs per month. Chain, aggregate, and staple without limits. SDK access by request.