ProofFlow

English | 简体中文

Agent Work Ledger for AI coding.

Vibe coding is fast. Blind trust is not enough.

ProofFlow makes AI-generated work reviewable, traceable, and reversible by recording the full chain from work contract to proof packet: contract first, record the algorithm decision, declare the cost budget, snapshot the code state, bind claims to evidence, evaluate done criteria, then export an auditable packet.

Latest release: v0.1.8 - Agent Work Ledger for AI coding

▶ Watch the 72s demo: From AI agent claims to verifiable Proof Packets

Demo asset (deferred): The end-to-end dogfood Demo_Asset GIF and the VSCode_Channel inline audit / Approve Gate screenshots for the v0.1.x dogfood-and-channel-polish milestone are deferred to the next dogfood cycle (no capturable VS Code window in this milestone). Tracked in PLANS.md#vscode-channel-screenshots-deferred-from-v0-1-x-dogfood.

📦 Example Proof Packets: code review · issue triage · agent work ledger · ledger dogfood

Maintainer workflow: docs/maintainer_evidence_workflow.md

Agent Work Ledger guide: docs/agent_work_ledger.md

Ledger Risk Hints: docs/ledger_risk_hints.md

5-minute MCP quickstart: docs/ledger_quickstart_mcp.md

Ledger PR comment template: docs/examples/pr_comment_agent_work_ledger.md

AgentGuard semantic rules: docs/agentguard_semantic_rules.md

Agent Work Ledger

ProofFlow is not only a PR review helper. It is a local-first ledger for AI coding work. A Ledger Case captures the workflow before, during, and after an agent changes code:

1. Work Contract - record the objective, repo path, allowed scope, forbidden actions, required tests, done criteria, evidence requirements, algorithm requirements, and cost budget.
2. Algorithm Decision - record the selected approach, rationale, alternatives, invariants, and forbidden approaches before implementation.
3. Cost Budget - declare token, API, GPU, CPU, runtime, or iteration limits before expensive work begins.
4. Snapshot - capture the git diff, changed files, HEAD SHA, base ref, and diff hash so reviewers know exactly what code state was examined.
5. Evidence - store command output, test output, diffs, notes, screenshots, or other artifacts as searchable evidence.
6. Claim - require every agent claim to bind to evidence before it is trusted.
7. Evaluation - deterministically check required tests, algorithm decision, cost budget, scope boundaries, missing evidence, unaccepted risks, and non-blocking Risk Hints for suspicious routes.
8. Proof Packet - export the contract, algorithm decision, cost budget, timeline, snapshots, claims, evidence, evaluation, decisions, and remaining risks into markdown.

Main chain: Work Contract -> Algorithm Decision -> Cost Budget -> Snapshot -> Evidence -> Claim -> Evaluation -> Proof Packet. This keeps the core product invariant sharp: no Case, no workflow; no Evidence, no trusted Claim; no done criteria evaluation, no quiet success.

Risk Hints extend the evidence flow without turning ProofFlow into an automatic algorithm judge. They tell the mai

... View full README on GitHub