Back to Glossary
VEX

Evidence Capsule

VEX Protocolgoverned executionagentic provenance

The Evidence Capsule is one cryptographic evidence construct in the VEX Protocol family — a tamper-evident record that preserves the governance context of a governed execution event.

WHY THIS EXISTS

Without a structured evidence model, agentic AI systems produce no verifiable record of why an action was taken, who authorized it, or what actually occurred. Evidence Capsules are one approach to closing this accountability gap.

PROTOCOL CONTEXT (VEX — EVIDENCE MODEL)

The VEX Protocol produces cryptographically verifiable evidence of governed execution. The Evidence Capsule is one artifact in a broader evidence model:

Intent

The declared or system-inferred goal that authorized the execution. Governed execution validates that actions remain within the scope of the authorized goal.

Authority

The authorization context that governed the execution — including permitted tools, data categories, and action types.

Identity

The trust context of the agent instance. Current deployments may use different trust configurations, including hardware-backed and software-backed approaches.

Witness

The tamper-evident execution record preserving what crossed the boundary during governed execution.

ProvnAI Mitigation

VEX produces governed execution evidence that can be preserved, inspected, and verified. McpVanguard can feed selected security observations into VEX-integrated deployments for optional evidence preservation, and VEX can generate verifiable records of governed actions at the execution boundary.