VEX
Evidence Capsule
VEX Protocolfour-pillar attestationagentic provenance
The Evidence Capsule is the foundational data structure of the VEX Protocol — a cryptographically signed, tamper-evident record that attests to the complete governance context of a single agentic execution event.
WHY THIS EXISTS
Without a structured evidence model, agentic AI systems produce no verifiable record of why an action was taken, who authorized it, or what actually occurred. The Evidence Capsule closes this accountability gap.
PROTOCOL CONTEXT (VEX PROTOCOL — CORE STRUCTURE)
The VEX Protocol specifies the Evidence Capsule's schema and lifecycle:
Intent
The user-declared or system-inferred goal that authorized this execution. Signed at session initiation.
Authority
The cryptographic scope manifest listing permitted tools, data categories, and action types for this session.
Identity
A hardware-attested identifier for the agent instance — rooted in TEE or TPM 2.0.
Witness
The tamper-evident execution log: every tool call, parameter, result, and timestamp. Merkle-linked for integrity.
ProvnAI Mitigation
Evidence Capsules are produced by vex-core and consumed by McpVanguard for enforcement. Capsule signatures are rooted in the agent's Silicon-Rooted Identity, ensuring forgery requires compromising the hardware layer.