July 7, 2026
Audit trail or audit fail?
Show HN: Halo – open-source, tamper-evident runtime evidence for AI agents
This AI lie detector has commenters cheering, roasting, and asking who watches the watcher
TLDR: Halo is an open-source tool that creates hard-to-fake logs of what an AI agent does, so companies can show customers proof instead of promises. Commenters loved the idea but instantly turned it into a trust drama, questioning who verifies the verifier and whether normal audit logs are really so easy to change.
A new open-source project called Halo is pitching itself as the receipts machine for AI agents: every action an AI assistant takes gets written into a log that’s supposed to be tamper-evident, so a company can’t quietly rewrite history later. In plain English, it’s trying to answer the scary customer question: “What exactly did your AI do with our data?” The creator even invited the internet to come smash it: please try deleting lines, changing numbers, and see if the report catches the fraud. Naturally, the comment section smelled blood.
The reaction was a delicious mix of curiosity, suspicion, and nerd side-eye. One builder jumped in with a friendly “same hat,” saying auditability is also core to their own agent framework, while asking the practical question everyone wanted answered: what tools does this actually work with? But the sharpest drama came from the skeptics. One commenter brutally called it “very slop” while still admitting the idea is good, then landed the real punch: if no major trusted group hosts the outside “witness,” who exactly is keeping the keeper honest? Another commenter zeroed in on the project’s claim that ordinary audit logs can be edited and shot back with a dry, devastating: “Why would these be editable?” Ouch.
And then came the classic community mood swing from theory to vibes: can this watch Claude Code or Codex too? That’s the real internet test — less white paper, more “will it work on the thing I’m using tonight?”
Key Points
- •Halo records AI agent actions in an append-only, hash-chained log designed to be tamper-evident and independently verifiable.
- •The reference implementation includes a recorder, verifier, witness client, and report server, and the record format is open and free to implement.
- •The project emphasizes limited trust assumptions by using only Python standard library runtime dependencies, optional witness network calls, and local-only record contents.
- •Halo can be used directly with a Python wrapper or connected to existing telemetry and agent stacks such as OpenTelemetry, LiteLLM, LangChain, LangGraph, Langfuse, OpenAI Agents SDK, and Claude tooling.
- •The article distinguishes integrity from completeness and says completeness requires an external witness holding periodic chain fingerprints outside the operator's control.