Developers · Documentation

Documentation

SANSAR · RUNTIME AUTHORITY FOR AUTONOMOUS SYSTEMS

SANSAR is independent runtime enforcement and verifiable evidence for AI agents, at the tool boundary.

Every action your agents take crosses a checkpoint: a policy check, an identity check, then a cryptographic stamp. The verdict lands before the action does — not after the damage is done. Every decision becomes a signed record that anyone can verify, forever, with open tooling.

The checkpoint

When an agent tries to call a tool, SANSAR evaluates it in three steps before the call is allowed through:

1 · POLICY CHECK  — does this action satisfy the rules for this agent?
2 · IDENTITY CHECK — is the agent who it claims to be?
3 · STAMP       — sign the verdict (Ed25519, HSM-backed) and chain it

The result is an allow / block / escalate verdict, plus a tamper-evident evidence record chained into a Merkle log. Nothing leaves your environment that you didn't choose to emit.

Two ways to integrate

MCP Gateway

Put the checkpoint in front of your agent's tools and MCP servers. No agent code changes.

Read more →

SDK · Python · TS

Enforce in-process by wrapping tool calls inside your own agent loop.

Read more →

Verify everything

Every verdict SANSAR emits is independently verifiable — no SANSAR server required. This is what your auditor gets, for every agent action.

Verify a record

How signed evidence records work and how to check one with your own tooling.

Read more →

Start read-only, enforce when ready

Teams typically begin in read-only mode — observing and stamping agent actions in a day — then switch to active enforcement once policies are tuned. Deployments can run air-gapped, with zero egress and customer-held keys.

Full technical documentation, SDK access, and keys are provided during onboarding. To get started, email info@sansarai.ai or explore the live demo.