1
VERITAS: Verifiable Accountability For Autonomous AI Agents
ProposalGrant
Closes July 13th, 2026$0raised
$25,000minimum funding
$100,000funding goal
Offer to donate
41 daysleft to contribute
You're pledging to donate if the project hits its minimum goal and gets approved. If not, your funds will be returned.
Project summary
VERITAS makes AI prove what it did. It produces tamper-evident, independently verifiable receipts for AI inferences and agent actions, anchored to Bitcoin so the record can't be quietly rewritten after the fact. It is already built: a 10-repo, MIT-licensed ecosystem with 660+ passing tests, a formal RFC-style specification, and a live in-browser verifier. This is not a proposal to start something. It is funding to take the agent-accountability layer to production and prove it with real third-party verification.
What are this project's goals? How will you achieve them?
The goal is to take VERITAS's agent-accountability layer from working prototype to a tool that real AI operators and outside auditors use to check what an autonomous agent actually did, without having to trust the operator.
Four steps over the funded period:
1. Harden vrt1-agents (signed agent-action attestations plus reputation) to production quality.
2. Build third-party auditing tooling, so anyone can verify an agent's attested action history end to end, with no special access and no cooperation from the operator.
3. Complete one real integration with a live agent operator, demonstrating end-to-end third-party verification of that agent's actions.
4. Publish two safety benchmarks: provenance-laundering detection, and agent-to-agent forgery detection.
Why this matters for AI safety: as agents start acting on their own, the default oversight model is "trust the operator's logs," and that breaks down because logs are private, editable, and deletable. VERITAS gives an auditor, a counterparty, or another agent an independent, tamper-proof record of what an agent did. It adds no model capability. It only adds oversight, so it strengthens accountability without feeding capability races.
Where it sits in the field, honestly: alongside zero-knowledge inference (EZKL), optimistic on-chain inference (Ora/opML), and verifiable compute (Gensyn), VERITAS is the deliberately lightweight, Bitcoin-anchored, attestation-based end of the field. What makes it distinctive is the integrated ecosystem already shipped around it: agent actions, energy attestation, and reputation, not just a single primitive.
How will this funding be used?
Funding follows a simple quarterly ladder. Every three months of support adds another $25,000 and unlocks the next block of work, so the project reaches a full year of support to reach its utmost abilities if it's backed all the way:
- $25,000 (months 1 to 3), the minimum: harden vrt1-agents to production and ship the third-party auditing tool. If only the minimum is met, outsiders can already verify an agent's attested history end to end.
- $50,000 (months 4 to 6): add the first live integration with a real agent operator, demonstrating end-to-end third-party verification.
- $75,000 (months 7 to 9): add the two safety benchmarks (provenance-laundering and agent-to-agent forgery detection) and an independent external security audit.
- $100,000 (months 10 to 12), the full goal: a second integration with a different operator, a second audit round, and a public technical report.
A regrantor can fund any rung. Twenty-five thousand ships a real, usable accountability layer; the full hundred thousand takes it through two independent integrations and two audits.
Composition of the full $100,000 (the same line items as my other applications, scaled to twelve months):
- $60,000, my time (project lead, 12 months; gross, including self-employment and income tax), covering the four quarterly work blocks above.
- $15,000, a contract cryptography/security engineer to co-build and harden the verification path.
- $13,000, an independent external security audit by a separate reviewer, with findings published.
- $4,000, compute and infrastructure: Bitcoin anchoring fees, CI, hosting, and benchmark compute.
- $8,000, buffer for unplanned costs.
The audit and the contract review are there on purpose. I build through intensive AI-assisted pair-programming, so putting independent specialist eyes on the cryptography is the honest way to close the "can a solo, AI-assisted developer ship secure crypto?" risk. The audit findings will be published.
Who is on your team? What's your track record on similar projects?
It's me, solo, for now. The grant funds a contract cryptography/security engineer to co-build the verification path and an independent external auditor to review it.
This project is my track record. Solo and self-funded this year, I built and shipped the VERITAS ecosystem: 10 MIT-licensed repositories, 660+ passing tests, a formal RFC-style specification with canonical test vectors, a security-reviewed core, and a live in-browser verifier at vrt1-web-verifier.pages.dev. All of it is public and independently checkable at github.com/Ifasola34. Nothing here rests on my say-so; the code, the tests, and the verifier are the evidence.
Honest limitations, stated plainly:
- I have no prior public research record and no standing in the Bitcoin or AI-safety communities. The work is the only evidence I can point to.
- The build is AI-assisted. I direct the architecture, scope, and strategy and develop through heavy pair-programming with Claude. That is exactly why this budget funds a specialist engineer and a separate external audit, rather than asking you to take my security claims on trust.
- VERITAS is not a brand-new category. Bitcoin-anchored timestamping already exists (OpenTimestamps), and verifiable AI is an active field. My contribution is execution and the lightweight, integrated agent-accountability layer. It has no paying users yet.
What are the most likely causes and outcomes if this project fails?
The single biggest risk is step 3, the live integration, because it depends on an outside operator choosing to adopt an unproven tool from an unknown developer. If no external partner commits in time, I fall back to a reference operator I run myself and demonstrate end-to-end third-party verification against that. The outcome in that case is a weaker proof point but a still-working system: the hardened accountability layer, the auditing tool, and the benchmarks all ship regardless.
Second is execution risk on the cryptography. I am not a career cryptographer, and I build with AI assistance. If the specialist engineer or the external audit surfaces a serious flaw, the realistic outcome is delay and rework rather than a silent failure, which is the whole reason both are funded line items rather than afterthoughts.
Third is timing. The need for independent agent accountability may stay early for another year or two while autonomous agents are still finding real deployment. If that happens, the deliverables are still a usable primitive plus reproducible benchmarks; adoption is just slower than hoped.
Finally, the Manifund-specific risk: this is a marketplace, and the project may simply not find a regrantor or donors who back it. If the minimum isn't reached, the funds return to backers under Manifund's rules, and I keep building part-time and self-funded, slower and without the audit or the specialist.
How much money have you raised in the last 12 months, and from where?
$0 in external funding as the project has been fully self-funded, with about one part-time person on it (me).
I have applications pending elsewhere and want to be transparent about overlap. The Long-Term Future Fund (EA Funds) is currently evaluating the same agent-accountability scope described here. I also have separate applications out for distinct scopes: Bitcoin-FOSS funders (Spiral, HRF, the Bitcoin Grants common application) for the underlying protocol infrastructure such as Lightning, mainnet anchoring, and Nostr; and the Foresight Institute for hardware-based model-attestation work. Those are different deliverables, not this accountability layer.
My commitment: I will not double-fund the same work. If more than one funder backs the accountability scope, I will partition the work so no deliverable is paid for twice, or reduce one ask accordingly. If a regrantor here wants to fund a specific slice, for example just the auditing tool or just the benchmarks, I am happy to carve the scope to fit.