The attestation layer for autonomous execution.

Every governed AI action leaves a signed, independently verifiable record of what was attempted, what authority applied, and how it resolved.

✓ Verified offline — no callback to Lyhna.

{
  "receipt_id": "lrv2_1747… (truncated)",
  "action_type": "deploy_release",
  "intent": "ship_v2",
  "intent_version": "1.0",
  "outcome": "APPROVED",
  "authority_tier": 2,
  "canonical_hash": "9f2c… (truncated)",
  "signature": "ed25519:3a8b… (truncated)",
  "public_key": "MCowBQYD… (truncated)"
}

THE PRIMITIVE

Before an agent deploys code, sends money, issues a refund, binds coverage, changes policy, or alters production state, it calls bind(). Lyhna returns APPROVED, ESCALATED, or REFUSED — and records every outcome.

import { bind } from '@lyhna/bind';

const receipt = await bind({
  action_type: "test_ping",
  action_payload: {},
  intent: "verify_install",
  intent_version: "1.0"
})
console.log(receipt.outcome)
console.log(receipt.receipt_id)

One call. One signed receipt. One more entry in the corpus.

Approved

Authority verified. Execution licensed. Receipt recorded.

Escalated

Higher authority required. Escalation receipt recorded.

Refused

Execution blocked. Refusal receipt recorded.

Each call returns APPROVED, ESCALATED, or REFUSED — with a signed, offline-verifiable receipt on every outcome. Every receipt strengthens the corpus.

The right data is proof. The right moment is before action becomes real.

Lyhna is not just a gate. It is the corpus every governed action builds.

THE ARTIFACT

Every outcome becomes institutional evidence.

Lyhna emits a signed receipt on every bind() call, regardless of outcome. Each records what was attempted, what authority applied, what policy governed the decision, and the signature that makes it tamper-evident. Because receipts verify offline, the record stays useful to boards, insurers, regulators, and counterparties that do not have to trust Lyhna or the operator.

Offline verifiable

Public-key signature. No callback to Lyhna required to prove a receipt is authentic.

Tamper evident

Canonical hashing of every field. Any modification invalidates the signature.

Replay protected

Approved action hashes cannot be reused silently. Re-submission produces a refusal receipt.

Authority lineage

Every receipt records the authority tier that resolved the action and the policy hash in effect at decision time.

Authority, not content

Lyhna records that authority was rendered, never the content of the action.

THE DATA CLASS

Not exhaust. Attestation.

Most AI systems capture exhaust: prompts, clicks, traces, tool calls, usage residue — useful only to the platform that holds it. Lyhna captures proof: signed records created at the moment of consequence, verifiable by outsiders, impossible to manufacture after the fact.

Captured at consequence

Created when an action would become real, not reconstructed later.

Verifiable by adversaries

Receipts verify offline. The reader trusts no one.

Impossible to backfill

Authority was captured under signature at the moment of action, or it was not. History cannot be regenerated.

THE ASSET

From signed receipts to Institutional Judgment Layer.

Every governed action leaves a signed record. Over time, those records form a population-complete account of how an organization exercised authority under agent velocity. The IJL is what that corpus means: a durable, cryptographically verifiable memory of what the company allowed, refused, escalated, and governed. Not a log. Not a dashboard. A durable, queryable asset.

Governance tools surface exceptions. Lyhna records the population.

WHO IT'S FOR

For boards

Evidence that authority was exercised, not merely documented.

For insurers

A claims-grade control record: what was attempted, whether authority existed, and what outcome was rendered.

For regulators

Offline-verifiable evidence of authority enforcement across audit windows.

For courts

A tamper-evident authority chain for any contested autonomous action.