Skip to main content

Export

curl -X POST "$AGCMS_BASE_URL/api/v1/audit/bundle" \
  -H "Authorization: Bearer $AGCMS_JWT" \
  -H "Content-Type: application/json" \
  -d '{"start":"2026-04-01T00:00:00Z","end":"2026-04-30T00:00:00Z"}' \
  -o bundle.zip

Bundle contents

FilePurpose
metadata.jsonTenant ID, period, chain start metadata, anchor S3 keys.
logs.jsonlAudit rows (one per line) covering the period.
signatures.jsonlSide-car: parallel HMAC signatures for each row.
roots.jsonPer-period Merkle roots + signed roots.
verify.pySelf-contained verifier (Python stdlib only).
README.mdAuditor-facing instructions.

Run the auditor playbook

unzip bundle.zip -d ./agcms-bundle
cd agcms-bundle
python verify.py .
# [OK] chain intact for tenant ...
# [OK] Merkle root matches for tenant ...
# [OK] VERIFICATION PASSED — bundle is intact