AlphaBitCore
Sample artifact

What an Execution Attestation Certificate looks like.

Every PoE-valid execution issues an EAC. Below is one, rendered for the worked example in Proof of Execution(Rhodes & Kang, 2026), §3: a two-step agent task that extracts Apple’s ticker and retrieves its two-week price performance. The certificate binds the contract, the sealed trace root, the replay context hash, and the signing key id into a single Ed25519-signed artifact. Independently verifiable.

Sample — not a real customer execution
ALPHABITCORE
AI Control Plane · Provable by Design
Execution Attestation Certificate
EAC · v1.2
EAC-2b48aa60a4d8c9f1-20260424-152448
ATTESTED · PoE(C, T, R) = 1 · Within Budget
All 5 runtime invariants + 2 operational constraints verified · Deterministic replay reproducible
VALID
1. Execution Identity
EAC SerialEAC-2b48aa60a4d8c9f1-20260424-152448
Certificate VersionEAC v1.2 · PoE-Core + Gas-Extension
Issued At2026-04-24T15:24:48.903Z
Issuing AuthorityGateway Signing Root (Kgw)
Issuer Key IDgw-prod-2026-q2
ValidityNon-expiring attestation of a bounded execution
2. Contract Binding · id(C) = H(C)
Contract ID2b48aa60…a37e6f57
TaskExtract AAPL ticker and retrieve 2-week performance
Principaluser_292706281397268480
Tenant1001
Activated2026-04-24T15:24:06.134Z
Expires2026-04-24T15:39:06.134Z (not reached)
Policy Snapshot7a3f8c9d…fe41
Planner Versionplanner-v4.7.2
Modelsgpt-4o · claude-sonnet-4-5
Capability Funnelrequested 4 → authorized 13 → used 2
3. Compliance Attestation · PoE Validity Predicate
I1
Zero-trust start. Unique root allow bound to H(C).
I2
Gateway scope. Each effect authorized in-scope.
I3
Null effect on deny. No deny branches present.
I4
Immutability. Hash chain + seal root verified.
I5a
Envelope closure. Replay context binds all declared inputs.
  Operational Constraints · Cost Attestation
O1 Budget Closure
Σ per-event cost ≤ contract total budget across all 7 dimensions.
O2 Cost Monotonicity
Cumulative cost field non-decreasing; matches replay recompute.
4. Causal Event Chain · ECES (5 events)
#Event IDTypeUTC TimestampEffectCapabilityCost (this event)
1evt_4e8222TASK_CREATED (root)15:24:06.134none
2evt_011EB_COMPLETE15:24:13.421noneplanner.compile6,777 tk · 7.3s
3evt_gw_a4f2GATEWAY_DECISION (allow)15:24:28.058noneweb.fetch.market_price
4evt_006CAPABILITY_RESULT15:24:38.567externalweb.fetch.market_price$0.002 · 1 call · 10.1s
5evt_012TASK_COMPLETED15:24:48.912noneanalysis.pct_change994 tk · 1.2s
Hash-link verified on all 5 events. Trace sealing root committed at 4f8c2a9b…d719.
5. Cost Ledger · Signed Execution Bill
Total (USD Equivalent)
$0.0213
Tokens + API + Compute (imputed)
Budget Utilization
38.9%
Max dimension: LLM tokens
Compliance Cost
$0.0004
Attestation overhead (1.9% of exec)
DimensionConsumedBudgetUtilizationChargeable To
LLM input tokens7,06415,000
47.1%
tenant:1001 / cc:research
LLM output tokens7075,000
14.1%
tenant:1001 / cc:research
Tool invocations15
20.0%
tenant:1001 / cc:research
External API (USD)$0.0020$0.1000
2.0%
tenant:1001 / vendor:datafeed
Compute time41.1s60.0s
68.5%
tenant:1001 / cc:platform
Storage (bytes sealed)14,092100,000
14.1%
tenant:1001 / cc:compliance
Risk units6100
6.0%
tenant:1001 / cc:risk
Cost attestation hash 8d3fa74e…2c91 co-verifies three independent sources: LLM provider usage receipt, data-feed invoice, and internal meter trace.
6. Terminal Output · Bounded Response
“The two-week performance for AAPL is approximately +4.97%, computed from closing prices of $273.43 on 2026-04-23 and $260.49 on 2026-04-09.”
Output reproduced on independent replay — bitwise match of terminal state.
7. Cryptographic Proofs
Contract ID · H(C)
2b48aa60a4d8c9f13e7b2f8d6c5a9e4138229a7d91cbf48e2f3b95d10ca37e6f57
Trace Merkle Root · root(T)
4f8c2a9b8e1d7053f62a4e8b9c5d7f13a8e2b4c9d617f8e3a2b7c4d91e5f8a0d719
Replay Context Hash · H(R)
e2d78c3f5a9b6d142f8e7c1b0a4d9e8f5c3b7a2e6d1f8c4b9a3e7d2f16b5a8e6b41
Cost Attestation · H(cost proof)
8d3fa74e1b9c8d2e7f4a6b3c5d9e1f8a7b4c2d6e3f5a9b8c1d7e4f2a6b3c9d2c91
External Anchoring
RFC 3161 TSA · DigiStamp #DS-2026-04-24-0040217
rfc6962:ctl-alphabit · leaf 847,291
8. How to Independently Verify This Certificate
  1. Fetch contract · GET /poe/contracts/2b48aa60a4d8c9f1
  2. Fetch sealed trace · GET /poe/traces/2b48aa60a4d8c9f1
  3. Fetch replay context · GET /poe/replay/2b48aa60a4d8c9f1
  4. Fetch Gateway public key · GET /poe/gateway-keys/gw-prod-2026-q2
  5. Verify Ed25519 signature over this certificate payload · abc-verify eac <SERIAL>
  6. Re-run ValidatePoE(C, T, R) — must return valid · invariants I1–I5a and constraints O1–O2
  7. Optionally re-run Replay(C, T, R) — terminal output must match §6 bitwise
  8. Confirm Merkle root inclusion at the external anchor (see §7)
Gateway Signature · Ed25519
MEUCIQDk3z8fH9sL2MpN4rQ8vT1xY7aB5cD6eF3gH2iJ4kL9mAIgA+B/C=DxYzPq7rS4tU1vW2xY8zB3cD5eF6gH4iJ9kL+mNoPqRsTuVwXyZ0==
Issuer fingerprint · sha256:b7d2c4f8a6e3d1c9b5…
Issued by AlphaBitCore AI Control Plane
Authority: Gateway Signing Root (Kgw)
Key ID: gw-prod-2026-q2
Certificate standard: EAC v1.2
This Execution Attestation Certificate is cryptographically sealed. Any modification to its payload invalidates the attached Ed25519 signature and breaks the Merkle inclusion at the external anchor. This certificate does not assert the wisdom of the authorized contract C, nor the safety of the authorized capabilities; it asserts only that the execution stayed within C under the PoE validity predicate and within the stated budget. See Rhodes & Kang (2026), §10 Limitations.
ALPHABITCORE · EAC v1.2 · PoE-Core (Rhodes & Kang 2026) + Gas-Extension · Sample
Reading the certificate

Eight sections, three classes of evidence.

Identity & Binding

Sections 1–2

Who ran what, under which contract. Issuer key id, contract hash, principal, tenant, validity window, and the capability funnel (4 requested → 13 authorized → 2 used) that illustrates scope narrowing.

Compliance evidence

Sections 3–6

Five safety invariants (I1–I5a) plus two operational constraints (O1: Budget Closure, O2: Cost Monotonicity), all passed. The causal event chain, the signed cost ledger across seven dimensions, and the bitwise-reproducible terminal output.

Cryptographic proof

Sections 7–8

Contract hash, trace Merkle root, replay-context hash, cost attestation hash, external anchoring (RFC 3161 TSA + RFC 6962 CT log), Ed25519 signature over the canonicalized payload. Section 8 is the verification recipe anyone can run.

Want to see an EAC against your workloads?

The research briefing includes a live demo of EAC issuance, verification, and replay against representative executions from your environment.

Request the research briefing How Prove works