What is the difference between a Reasoning Ledger and a decision log?

A decision log records that a decision occurred — timestamp, action, status. A Reasoning Ledger records the full reasoning process: intent, context snapshot, options considered, chosen action, confidence, outcome, and provenance. A decision log answers 'what happened.' A Reasoning Ledger answers 'how the agent reasoned to that conclusion — and can you prove it has not been altered?'

How does a Reasoning Ledger differ from LLM tracing in LangSmith or LangFuse?

LLM tracing (LangSmith, LangFuse) captures LLM API calls — prompts, completions, token counts, latency. This is development-time observability for ML engineers. A Reasoning Ledger captures the business reasoning behind a decision in compliance-structured format, with tamper-evident signing. The target audience is compliance/legal (not ML engineers), the data model is different, and the tamper-evidence requirement is different.

Does a Reasoning Ledger need to be cryptographically signed?

Yes, for compliance purposes. A Reasoning Ledger that can be modified after the fact is not evidence — it is a mutable record. Cryptographic signing (SHA-256 hash + Ed25519 signature) means any modification to the record after capture changes the hash, causing signature verification to fail. This transforms a record into evidence.

Can a Reasoning Ledger be used for deterministic replay?

Yes — this is one of the primary use cases. The Reasoning Ledger stores a complete context snapshot at the time of each decision. Deterministic Replay re-executes any past decision against the current agent state using that stored snapshot. If the agent reasons differently now than it did when the original decision was made, the Semantic Diff identifies exactly where the reasoning diverged.

What regulations require a Reasoning Ledger?

No regulation uses the term 'Reasoning Ledger,' but several require its functional equivalent. EU AI Act Article 12 requires automatic logging enabling post-hoc reconstruction — which requires capturing the reasoning chain. HIPAA §164.312(b) requires audit controls for systems containing ePHI. GDPR Article 22 requires meaningful individual explanation of automated decisions. SOC 2 CC7.2 requires anomaly detection across AI decision patterns.

How does a Reasoning Ledger help with GDPR Article 22?

GDPR Article 22 requires meaningful explanation when automated decisions with significant effects are made. A Reasoning Ledger captures the specific factors the agent considered, how it weighted them, and why it reached the conclusion it did for the specific individual. This structured reasoning record is the source material for generating GDPR-compliant individual explanations — not generic model descriptions.

Is a Reasoning Ledger the same as an audit trail?

A Reasoning Ledger is a specific type of audit trail designed for AI agent decisions. A general audit trail captures system events chronologically. A Reasoning Ledger captures decision events at the semantic level — the full reasoning process, not just event metadata. Every Reasoning Ledger record is an audit trail entry, but not every audit trail entry is a Reasoning Ledger record.

How many decisions per second can a Reasoning Ledger handle?

Tenet's Ghost SDK fire-and-forget architecture means the SDK call returns in under 0.3ms regardless of decision volume. Background I/O (signing, network write, storage) is handled asynchronously and queued if the backend is unavailable. For high-volume scenarios (real-time fraud detection, trading recommendations), the in-process queue handles throughput spikes without affecting agent latency. Enterprise plans support hundreds of decisions per second.

What Is a Reasoning Ledger for AI Agents? (And How Does It Help Compliance?)

A Reasoning Ledger is an immutable, tamper-evident record of every step in an AI agent's decision-making process — not just what it decided, but how it reasoned. Each record captures seven layers: intent, context snapshot, reasoning chain, options considered, decision, outcome, and provenance. Every record is SHA-256 hashed and Ed25519 signed at capture time. The term "ledger" reflects the core design: append-only, authoritative, and provably unaltered — like a financial ledger, but for AI reasoning.

What Is a Reasoning Ledger?

A Reasoning Ledger is an append-only, tamper-evident record store for AI agent decisions. Each entry captures the full reasoning process: intent (what triggered the decision), context snapshot (complete input state), reasoning chain (how the agent evaluated options), options considered (all alternatives with scores and rationales), chosen action and confidence, outcome, and provenance (agent ID, model version, timestamp). The term ledger is deliberate — like a financial ledger, it is append-only, authoritative, and cannot be retroactively modified.

Anatomy of a Reasoning Ledger Record

Seven logical layers per record: (1) Intent — what triggered the decision and the agent's objective. (2) Context snapshot — complete input state at decision time, including all data the agent used. (3) Reasoning chain — how the agent evaluated the situation and weighted options. (4) Options — all alternatives considered, with scores and rationales. (5) Decision — chosen action and confidence score. (6) Outcome — execution result and ID. (7) Provenance — agent ID, model version, prompt version, timestamp, session ID. After all layers are captured, the record is SHA-256 hashed and Ed25519 signed.

Reasoning Ledger vs Logs vs LLM Traces

Application logs answer: what system events occurred? LLM traces (LangSmith, LangFuse) answer: what did the model receive and output? A Reasoning Ledger answers: why did the agent make this specific decision — and can you prove the record is unaltered? The primary audience, data model, retention requirements, and tamper-evidence requirements are all different. Logs and traces are designed for developer debugging. A Reasoning Ledger is designed for compliance and regulatory review.

Why Tamper-Evidence Is Non-Negotiable

A Reasoning Ledger that can be modified after the fact is not evidence — it is a mutable record. In a regulatory examination, an examiner asks: "Can you prove this decision record is what the system produced on that date, unmodified?" Without cryptographic signing, the answer is: "We believe no one has modified it, but we cannot prove it." With SHA-256 + Ed25519 signing at capture time, the answer is: "Yes — verify the signature against our public key." The signing key is stored in a hardware-separated KMS, separate from the record store.

Compliance Use Cases

EU AI Act Article 12: Reasoning Ledger records provide the context snapshot and reasoning chain needed for post-hoc reconstruction. HIPAA §164.312(b): records every AI decision that accessed ePHI. GDPR Article 22: individual decision reasoning chain is source material for individual explanations. SOC 2 CC7.2: structured records enable cross-record pattern queries for anomaly detection. Deterministic Replay: complete context snapshots enable re-running any past decision against the current agent state for semantic drift detection.