Audit

Chronicle

The record layer of the self-hosted stack.

The record primitive of the stack, run inside your perimeter. The one audit trail every other primitive writes to — a queryable knowledge graph of every actor, plus the append-only, cryptographically chained log of every action, keyed to Sigil and Capability Grant.

Chronicle is a primitive of the Visca stack — it ships with the stack, versions with the stack, and audits with the stack. It is not separately purchasable.

Try Visca Cloud Read the docs

What it is

The role Chronicle plays in the stack.

Chronicle is the single answer to the question every security team must be able to ask: who did what, under whose authority, when, and why. Because the stack is one ecosystem, every primitive emits to the same Chronicle, and every event references the same Sigil and Capability Grant — one audit trail, not a dozen disjoint logs. Two views over the same substrate: a graph view of actors, their lineage, their Bundles, their capabilities, and their relationships — and an immutable, chronologically chained log view, queryable by Sigil, by Capability Grant, by resource, by time. Cryptographically tamper-evident: any modification to a past event invalidates the chain forward. It lives inside your perimeter, so the complete record of what your agents did never leaves your control.

The problem

What goes wrong without it.

Stitch the stack from a dozen projects and the information needed to answer accountability questions ends up scattered across framework traces, tool-side logs, identity events, and model-provider logs — much of it in vendors you cannot subpoena. None share an identity, a schema, or a chain of authority. Stitching them together to answer a single question is hours of human work — and for security, compliance, and incident response teams, that is the blocker on autonomy adoption.

Capabilities

What Chronicle does.

Event-driven knowledge graph spanning Sigils, capabilities, fleets, runtimes, and actions
Append-only audit, Sigil-keyed and cryptographically chained for tamper-evidence
Cross-product queries — every Visca product emits to the same Chronicle
Lineage queries — who spawned this, on whose authority, with what permission
SIEM and GRC export adapters (Splunk, Datadog, Snowflake, Elastic, ServiceNow)
Anomaly detection across actor classes
Compliance-grade retention with tiered storage
Replay support — for any past action, reconstruct the actor's full context

A typical query

What Chronicle looks like in code.

-- In the last quarter, which actors held stripe:refund,
-- who authorized each grant, what was the largest refund issued,
-- and what was the consent trail?

SELECT actor.sigil, grant.principal, action.amount, consent.trail
FROM   chronicle.actions action
JOIN   chronicle.grants  grant ON action.grant = grant.id
JOIN   chronicle.actors  actor ON grant.sigil  = actor.sigil
WHERE  grant.capability = 'stripe:refund'
  AND  action.at >= now() - interval '3 months'
ORDER BY action.amount DESC;

Open and commercial

Built in the open. Run in your tenancy.

Chronicle has two surfaces: an open-source reference in Lattice Runtime (MPL 2.0), and a managed delivery as part of the Visca stack on Visca Cloud. Features in the open never move behind the paywall.

Open

Lattice Runtime — open foundation

MPL 2.0 · self-hostable · foundation-track governance

·Audit Envelope specification
·Local Chronicle store
·Reference query API

Commercial

Visca Cloud — managed sovereign delivery

Your tenancy · dedicated · self-managed · air-gapped

·Hosted Chronicle at any scale
·Tiered retention with multi-year hot query
·SOC 2, ISO 27001, HIPAA, FedRAMP — targeted (see Compliance Roadmap)
·SIEM and GRC tool integrations
·Anomaly detection and behavioral baselines
·Cross-organization audit federation

Across the stack

Composing with the other planes.

Identity

Sigil

The identity layer of the self-hosted stack.

The identity primitive of the stack, run inside your perimeter. Issues, verifies, and revokes the cryptographic identity every autonomous actor holds — bound to principal, runtime, and lineage from the moment of instantiation. The one identity every other primitive trusts.

Authority

Warrant

The authority layer of the self-hosted stack.

The authority primitive of the stack, run inside your perimeter. Brokers every access from an autonomous actor to a consequential resource against its Sigil — identity-bound, scoped, time-limited, and recorded to Chronicle. Long-lived credentials disappear.

Fabric

Plexus

The fabric layer of the self-hosted stack.

The fabric primitive of the stack, run inside your perimeter. Discovery, mTLS, and routing across every autonomous actor and every resource an actor reaches — rooted in the same Sigil identities, not hardcoded URLs, and never crossing your boundary.

Data model

Cast

The data-model layer of the self-hosted stack.

The data-model primitive of the stack, run inside your perimeter. Declare what should exist as versioned source; agents write it as source, humans edit it as a spreadsheet. Plan, apply, drift-detect — all against state that stays in your tenancy.

The whole stack. Self-hosted. One ecosystem.

The entire agent stack, inside your own walls.

Models, identity, tools, voice, payments, runtime, and audit — as one integrated ecosystem, self-hosted, sovereign, air-gapped. Nothing stitched from vendors. Nothing leaves your perimeter. Open at the core. No license rug-pulls, ever.

Try Visca Cloud Read the foundation Talk to us