AARM cryptographic receipts

AARM (Autonomous Agent Receipt Manifest) provides tamper-evident audit trails for AI tool calls using cryptographic primitives.

Enabling receipts

Pass a signingKeyPath / signing_key_path to init():

init({
  apiKey: "tap_abc123",
  signingKeyPath: "./keys/private.pem",
});

mcp_tap.init(
    api_key="tap_abc123",
    signing_key_path="./keys/private.pem",
)

The Python library requires the cryptography package:

pip install mcp-tap[aarm]

The TypeScript library uses the Node.js built-in crypto module — no extra dependencies needed.

When enabled, three fields are added to each event before it’s sent:

Field	Description
`output_hash`	SHA-256 hash of the event’s output (canonical JSON)
`context_hash`	SHA-256 hash chain linking events in sequence — `hash(previous_hash + canonical(event))`
`signature`	Ed25519 signature over the canonical event, with `algorithm`, `key_id`, and `value` (base64)

openssl genpkey -algorithm Ed25519 -out private.pem
openssl pkey -in private.pem -pubout -out public.pem