When we started building Synaura, we faced a question every multi-agent platform eventually hits: how do you prove that a particular action was authorized, by whom, and based on what evidence? Logs are easy to tamper with. Timestamps can be forged. Database rows can be quietly updated. If your compliance team or your customer asks “who approved this and why?” you need an answer that does not depend on trusting the platform itself.
That is why every provenance receipt in Synaura is cryptographically signed with ML-DSA-65 (FIPS 204), the post-quantum digital signature algorithm standardized by NIST in 2024. ML-DSA-65 (formerly known as CRYSTALS-Dilithium) is lattice-based, meaning it resists both classical and quantum attacks. We chose the Level 3 parameter set because it offers a practical balance: 128-bit post-quantum security without the signature sizes that make Level 5 unwieldy for high-throughput audit chains.
Why provenance matters in multi-agent systems
In a traditional SaaS product, one human clicks a button and an action happens. The audit trail is straightforward. In a multi-agent system, an AI agent reads a customer signal, generates a draft procedure, another agent reviews it, a human approves it, and a third agent executes it. The chain of custody is longer and the surface area for undetected errors is wider. Each handoff needs a receipt that is independently verifiable — without calling back to the issuing server.
Synaura’s provenance receipts capture the agent identity, the action taken, the evidence cited, the policy that authorized it, and the vector clock state at the time of the decision. The receipt is then signed with the organization’s ML-DSA-65 private key. Anyone with the corresponding public key — your auditor, your compliance officer, a regulator — can verify the receipt offline. No API call required. No trust in Synaura required.
How CAMP solves the consistency problem
Signatures alone do not prevent conflicts. When two agents write contradictory information about the same topic at roughly the same time, you have a consistency problem. Our answer is CAMP (Consistency, Authorization, Memory, Provenance) — a protocol that combines vector clocks for structural conflict detection, BGE embeddings for semantic similarity, and LLM-powered contradiction classification. Every memory write goes through a pre-write check. If CAMP detects a conflict, the conflict becomes a first-class object — never silently overwritten, always surfaced for resolution.
The combination of signed provenance receipts and the CAMP consistency protocol gives Synaura a property we think is essential for enterprise AI: verifiable correctness. Not “trust us, we logged it.” But “here is a mathematical proof that this action was authorized under this policy at this point in the causal history.”
We are building Synaura for a world where AI agents make consequential decisions on behalf of companies. In that world, the audit trail is not a nice-to-have. It is the product.