Decision Token

Problem

An action-only record proves that the agent did something but not that the action was justified, and reconstructing the justification later depends on logs that were never designed to carry it, a model version that may no longer exist, and inference about what the model was probably weighing. When a supervisor asks why one specific transfer was approved, an after-the-fact narrative assembled from scattered traces is both expensive to produce and easy to dispute, because nothing ties the rule, the data, and the conclusion together at the instant the action committed.

Solution

Wrap every consequential action so that committing the action and minting its Decision Token are a single step. The token captures, in human-readable form, the policy or rule that fired, the precise inputs the agent read, the conclusion it reached, the identity that authorized the action, and the model version and timestamp that produced it. The token is signed and written to append-only storage keyed by action identifier, so it stands on its own without depending on surrounding logs. Because the justification is authored at the moment of execution rather than reconstructed later, the artifact handed to a supervisor is the token itself, and an action that cannot mint a complete token does not commit.

When to use

• Individual agent actions are consequential and a supervisor may later demand a defensible account of any single one.
• The justification must survive model updates, prompt changes, and log rotation, so it has to be captured and bound at execution time.
• A self-contained per-action artifact is preferable to a cross-system reconstruction when an action is questioned.