FeedOracle
Evidence Developers Pricing Trust Center
Trust Policy v1.0 KYA Agent Identity Audit Trail Reference Workflows Unit Billing
All Systems Verified

Enterprise Trust Layer

Every response from FeedOracle is cryptographically signed, independently verifiable, and blockchain-anchored. Agent behavior is controlled by a persistent state machine with pre-execution, post-execution, and runtime governance. Below are 17 live proofs — each backed by a real-time API call you can verify right now.

Checks Passed
Evidence Packs
Registered Agents

1 JWS Signing — RFC 7515 ES256K

Every evidence response contains a JSON Web Signature verifiable against our JWKS public key.

JWKS Public Key (live)
JWKS endpoint live at /.well-known/jwks.json — ES256K public key for signature verification
JWS Token in Evidence Response
JWS verification: ECDSA ES256K signatures on all evidence artifacts

2 Versioned Evidence Schemas — JSON Schema Draft 2020-12

8 schemas at /schemas/ — every response links to its schema via schema_ref.

Schema Registry (live)
EPM Schema v1.0 — Evidence Pack Manifest with SHA-256 hashing

3 Evidence Registry — Compliance Transparency Log

Append-only log of every evidence pack — inspired by Google Certificate Transparency.

Latest Evidence Packs
Pack IDFrameworkAssetHashTime
105+ stablecoins and 61 RWA protocols monitored. Data refreshes automatically.

4 Evidence SLA Layer — Machine-Readable Quality Signals

Every response includes freshness, confidence, per-source health, and tier-specific targets.

SLA from Live Evidence Query
SLA: 99.5% uptime target — real-time monitoring at uptime.feedoracle.io

5 Deterministic Replay — Audit-Grade Reproducibility

Every evidence pack is archived. Replay reconstructs byte-identical output — hash_match: true is the proof.

Replay Result (live)
Replay proof: every evidence artifact independently reproducible from source data

6 KYA Agent Identity — Registration, Trust Scoring, Reputation

AI agents register, receive ECDSA keys (90-day lifecycle), and accumulate reputation.

Agent Leaderboard (live)
#AgentOrganizationReputationTierRequests
3 core servers + AgentGuard. 59 compliance tools + 20 security tools. OAuth 2.1, KYA identity, tamper-proof audit.

7 Streaming Evidence — Real-Time Signed SSE Events

State-change-only events: peg deviations, regime changes, market stress. Every event is SHA256-hashed.

Stream Status (live)
SSE + Streamable HTTP transport — live connections on feedoracle.io/mcp/sse
Live Event Ticker
Evidence stream real-time via SSE

8 Zero-Trust Validation SDK — Client-Side Verification

Verify any evidence pack without trusting the transport layer. 7 independent checks.

Self-Test Result (live)
SDK checks: OpenAPI 3.1, MCP v2.4.0, JWKS, OAuth 2.0 discovery
Install the SDK:
pip install feedoracle-verify

9 AgentGuard — Runtime Agent Governance

Every AI agent connecting to FeedOracle is subject to a 5-stage control pipeline: identity verification, policy enforcement, risk-scored execution, mandatory output scanning, and state-based escalation. 20 security tools across 4 layers.

Control Flow
Request
  → Kill/Suspend Gate (persistent state check)
  → Auth Gate (Bearer → OAuth 2.1 → KYA Trust Level)
  → Policy Preflight (7 policies, risk score 0-100)
  → Tool Execution
  → Post-Execution Output Scan (PII, secrets, exfiltration, poisoning)
  → Response (clean | warn | flag | BLOCK)
Agent State Machine
active → monitoring → approval_required → suspended → killed

monitoring         : Enhanced audit (auto, TTL 30min)
approval_required  : Every call needs approval (auto, TTL 1h)
suspended          : Public tools only (manual)
killed             : Completely blocked (emergency_kill, permanent)

States: persistent in DB, survive restarts, escalation-only.
Layer 1 — Pre-Execution (5 tools)
policy_preflight    — All policies + state-aware forced approval
tool_risk_score     — 0-100 with KYA trust adjustment
approval_required   — Human-in-the-loop gate
decision_explain    — Explain allow/deny with policy reference
rate_limit_check    — Per-minute/hour/day enforcement
Layer 2 — Payload Security (5 tools)
payment_policy_check  — Limits, sanctions, counterparty risk
spend_limit_check     — Daily budget per agent
secret_exposure_check — API keys, tokens, PII detection
payload_safety_check  — Injection, XSS, code execution
replay_guard_check    — SHA256 dedup within time window
Layer 3 — Governance (7 tools)
cross_tool_anomaly_check — Suspicious tool sequences
scope_check              — RBAC (5 roles)
session_validate         — TTL + call budget
tenant_policy_check      — Multi-tenant (4 presets)
threat_intel_check       — ETH/IP/domain intelligence
audit_log_write          — HMAC-signed persistent audit
audit_log_query          — Filtered audit trail
Layer 4 — Post-Execution (3 tools)
output_safety_scan    — Auto on every call:
                        PII, secrets, exfiltration, poisoning
                        block → output never returned
                        flag  → agent escalated to approval_required

emergency_kill        — Sessions, approvals, state → killed
tool_manifest_verify  — Publisher allowlist, injection scan
Why This Matters for Enterprise Compliance
MiCA Art. 83:  Competent authorities may request records of agent decisions.
DORA Art. 11:  ICT incident management requires traceable agent behavior.
EU AI Act:     High-risk AI systems need human oversight mechanisms.

AgentGuard provides:
✓ Beweisbare Entscheidungskette (audit_verify)
✓ Automatische Eskalation bei Risiko-Events
✓ Kill-Switch für kompromittierte Agents
✓ Output-DLP verhindert Daten-Exfiltration
✓ Supply-Chain-Prüfung gegen manipulierte Tools

Endpoint: feedoracle.io/guard/mcp/