Cryptographically verifiable Kubernetes governance

A provable system of record for every cluster action.

DocketOps Ledger sits between your callers and the Kubernetes API, turning every request, decision, approval, and outcome into a hash-chained, Ed25519-signed record your team can verify later. Built for teams putting AI agents into real production clusters.

Hash-chained event log
Ed25519-signed entries
Allowed and denied actions recorded
Install with HelmTalk to engineering
View on GitHub
terminal
$ helm install docketops-ledger oci://ghcr.io/docketops/charts/ledger

Every allow, deny, approval, and outcome becomes a signed, verifiable ledger entry.

The Problem

AI agents are acting in your clusters. Can you prove what happened?

AI coding agents are gaining direct access to production infrastructure through kubectl, Helm, and custom operators. But when something changes in a cluster, screenshots and mutable logs do not tell security, compliance, or incident response teams what they need to know. You need durable attribution, policy decisions you can inspect later, and a record that can be independently verified.

No durable proof

Conventional logs can be changed, dropped, or disputed. After the fact, you may have events, but not proof.

No trustworthy attribution

Which agent submitted the request, what policy was evaluated, and who approved it should never be ambiguous.

No safe control point

Direct kubectl or Helm access skips the one place where execution, policy, and recording should happen together.

How It Works

From request to immutable record in milliseconds

01

Register

Admin creates an agent identity in Ledger. Ledger issues a unique, scoped API key with role-based access.

02

Submit

Agent sends an action request — what to do, where, and with what payload — to the Ledger gateway API.

03

Evaluate

Gateway classifies risk (LOW/MED/HIGH), evaluates policy (allow, deny, or require approval), and logs the decision.

04

Execute

If allowed (or approved), the gateway executes against the Kubernetes API using least-privilege RBAC service accounts.

05

Record

Every step is written to the tamper-evident ledger: hashed with SHA-256, chain-linked, and signed with Ed25519.

06

Verify

Anyone with auditor access can cryptographically verify the full hash chain and Ed25519 signatures at any time.

Capabilities

Immutable by design, practical in production

Ledger is not just another activity log. It creates a verifiable chain of custody for Kubernetes actions, then uses that record to support policy, approvals, and safer execution.

Canonicalize

Normalize each event into deterministic JSON before it is recorded.

Hash

Create a SHA-256 fingerprint for the event so any change becomes detectable.

Chain

Link each entry to the one before it to preserve order and integrity.

Sign

Use Ed25519 signatures so auditors can independently verify authenticity.

Immutable Audit Ledger

Every action is canonicalized, hashed, linked to the previous event, and signed. If someone changes the record later, verification breaks immediately.

Governed Agent Execution

Register every agent identity, issue scoped API keys, and keep full attribution from request to verified outcome for both human and machine callers.

Policy Before Privilege

Start in observe-only Ledger mode to understand behavior, then move to OPA enforcement when you are ready. The decision is recorded alongside the action.

Signed Approval Workflows

High-risk operations can require human approval before execution. The approval itself becomes part of the same verifiable chain of evidence.

Trust That Compounds

Agents build trust through verified successful actions. That score can be used to gate higher-risk operations instead of granting blanket access up front.

Execution Guardrails

Hard allowlists are enforced before any Kubernetes API call. Keep sensitive namespaces blocked and separate read scopes from mutation scopes per identity.

Architecture

Every request becomes a verifiable record

Ledger sits in the control path between every caller and the Kubernetes API. Before anything reaches the cluster, the request is authenticated, evaluated, executed with constrained privileges, and appended to a signed chain of evidence.

AI Agent A
AI Agent B
Human Operator
Authenticated request
DocketOps Ledger Gateway
Authenticate Caller
Classify Risk
Execute with RBAC
Append Signed Record
PostgreSQL
Ledger Storage
OPA
Policy Decision
Ed25519
Signature Proof
Least-privilege execution
Kubernetes API Server
Constrained RBAC • namespaced access • kube-system blocked
Verifier Output
Event hash + chain hash + signature status available on demand

Developer Experience

Every API response can be traced to a signed record

Developers get a simple API. Security teams get event IDs, hashes, chain integrity, and verification artifacts they can inspect later.

Every successful request returns verifiable metadata that can be checked later by an auditor or pipeline.
import requests

LEDGER_URL = "https://ledger.internal:8443"
API_KEY = "dkt_agent_abc123..."

# Submit a governed scale action
resp = requests.post(
    f"{LEDGER_URL}/api/v1/actions",
    headers={"Authorization": f"Bearer {API_KEY}"},
    json={
        "action_type": "SCALE",
        "namespace": "staging",
        "resource_kind": "Deployment",
        "resource_name": "web-api",
        "parameters": {"replicas": 5},
        "justification": "Scale up for load test"
    }
)

result = resp.json()
print(f"Status: {result['status']}")
# → Status: COMPLETED
print(f"Ledger ID: {result['ledger_entry_id']}")
# → Ledger ID: evt_7f3a...
print(f"Event Hash: {result['event_hash']}")
# → Event Hash: sha256:9f6c...
print(f"Chain Hash: {result['chain_hash']}")
# → Chain Hash: sha256:a1b2c3d4...
print(f"Signature Verified: {result['signature_verified']}")
# → Signature Verified: true

Pricing

Start with proof. Scale with control.

Every plan starts with the same cryptographically verifiable ledger. Upgrade when you need stronger policy controls, approvals, and enterprise support.

Community
Free

For engineers who want to evaluate the ledger model and verify cluster activity end to end.

  • Up to 3 agent identities
  • Full tamper-evident ledger
  • SHA-256 hash chaining
  • Ed25519 signing
  • Built-in web dashboard
  • Ledger-mode policy (audit only)
  • Community support
Read the docs
Team
$490/mo

For teams that need governed execution, approvals, and proof they can hand to security or compliance.

  • Up to 25 agent identities
  • Everything in Community
  • OPA/Rego policy enforcement
  • Approval workflows
  • Trust scoring with auto-gating
  • Outcome verification
  • Risk classification engine
  • Email support (48h SLA)
Install with Helm
Enterprise
Custom

For organizations that need enterprise rollout support, integrations, and defensible auditability across teams.

  • Unlimited agent identities
  • Everything in Team
  • Multi-cluster support
  • LDAP/OIDC SSO
  • Custom policy templates
  • Audit export (SIEM integration)
  • Dedicated support engineer
  • SLA-backed uptime guarantee
Talk to engineering

Put a verifiable control point in front of your cluster

Deploy with one Helm chart, route every action through Ledger, and give engineers, security teams, and auditors the same defensible source of truth.

terminal
$ helm repo add docketops https://charts.docketops.io
$ helm install ledger docketops/ledger
✓ DocketOps Ledger deployed to namespace: docketops
Verifier: GET /api/v1/ledger/verify
Read the docsRequest information
Why teams reach out

Validate whether Ledger fits your production governance model.

Discuss approvals, policy enforcement, and trust scoring.

Understand how immutable verification works in your environment.

Typical topics
AI agent access control
Tamper-evident auditability
Kubernetes approvals
Production rollout questions
Request information

Talk to DocketOps

Tell us what you are evaluating, what kind of cluster access you need to govern, and where AI agents are entering your workflow. We will follow up at hello@docketops.io.

Prefer email? Reach us directly at hello@docketops.io.