Recoleta Trends
Language
enzh-CN
GitHub
Recoleta Item Note

Show HN:Conduit–Headless browser with SHA-256 hash chain - Ed25519 audit trails

Conduit is a headless browser auditing tool for AI agents that records web actions into a verifiable cryptographic evidence chain. It attempts to solve the trust problem of being unable to prove after the fact what…

Software Intelligence
agent-auditingheadless-browsercryptographic-provenancemcp-toolsai-agents
Open originalSource markdown

Summary

Conduit is a headless browser auditing tool for AI agents that records web actions into a verifiable cryptographic evidence chain. It attempts to solve the trust problem of being unable to prove after the fact what happened when an agent browses, clicks, fills forms, and scrapes.

Problem

  • Web actions performed by AI agents typically leave only screenshots or ordinary logs, which are easy to fake, tamper with, or edit after the fact, making accountability difficult when something goes wrong.
  • In scenarios such as compliance, data collection, and litigation support, independently verifiable execution evidence is needed, rather than relying only on vendor claims or platform trust.
  • For software agents / LLM tool calls, the lack of native auditability limits adoption in high-risk automated workflows.

Approach

  • Built on Playwright as a headless browser, recording each step such as browse, click, fill, and screenshot.
  • Each action is hashed together with the previous record using SHA-256, forming a chained tamper-evident hash chain; if any intermediate step is altered, the rest of the chain becomes invalid.
  • At the end of a session, the full result is signed with Ed25519 to generate a proof bundle, which includes the action log, hash chain, signature, and public key.
  • Any third party can independently verify the bundle’s integrity and origin without trusting the producer.
  • The tool is also exposed as an MCP server, allowing Claude, GPT, and other LLM agents to use the browser directly through tool calls while automatically generating audit evidence.

Results

  • The text does not provide standard benchmarks, public datasets, or quantitative experimental results, so no precise performance gains or comparison figures can be reported.
  • The core paper-style claimed result is that each browsing session can produce 1 proof bundle (JSON) at the end, containing at least 4 types of content: action log, hash chain, signature, and public key.
  • It claims that anyone can perform independent verification of the bundle without trusting the log producer; compared with ordinary screenshots/logs, this provides stronger tamper-resistance guarantees.
  • The supported target scenarios include 4 categories: AI agent auditing, compliance automation, web scraping provenance, and litigation support.
  • From an engineering deployment perspective, it shows strong usability signals: MIT license, pure Python, no account/API key/telemetry required, and provides pip install conduit-browser and MCP integration.

Link

Built with Recoleta

Run your own research radar

Turn arXiv, Hacker News, OpenReview, Hugging Face Daily Papers, and RSS into local Markdown, Obsidian notes, Telegram digests, and a public site.

View repo5-minute quickstart