Skip to main content

Audit Logging

Every action in Steward is logged: every signing request, every API proxy call, every policy decision, every credential access. The audit log is append-only, queryable, and exportable.

What’s Logged

Event TypeDescriptionExample
wallet_signTransaction signing requestAgent signed 0.05 ETH to 0xDEX
wallet_sign_typedEIP-712 typed data signingAgent signed permit for USDC
wallet_sign_solanaSolana transaction signingAgent signed SOL transfer
api_proxyAPI request through proxyAgent called OpenAI completions
policy_evaluatePolicy evaluation resultSpending limit check passed
secret_decryptCredential decryption for injectionOpenAI key decrypted for proxy
approval_requiredTransaction queued for approvalTX exceeds auto-approve threshold
tx_approvedManual approval grantedTenant admin approved TX
tx_rejectedTransaction rejectedPolicy denied or admin rejected

Log Entry Structure

Every audit log entry includes: 
{
  "id": 12345,
  "tenantId": "milady-cloud",
  "agentId": "agent-7a3f",
  "action": "wallet_sign",
  "resource": "vault/agent-7a3f/sign",
  "result": "allowed",
  "details": {
    "to": "0xDEX_ROUTER",
    "value": "50000000000000000",
    "chainId": 8453,
    "txHash": "0x8d7592b..."
  },
  "policyResults": [
    { "type": "spending-limit", "passed": true },
    { "type": "approved-addresses", "passed": true },
    { "type": "auto-approve-threshold", "passed": true }
  ],
  "costUsd": null,
  "latencyMs": 1240,
  "tokenJti": "jwt-unique-id",
  "createdAt": "2026-03-26T15:08:00Z"
}

Transaction History

Every agent has a complete transaction history: 
const history = await steward.getHistory("agent-7a3f");
// Returns all signing requests: signed, rejected, and pending
Transaction records include:
  • Statussigned, pending, rejected
  • Policy results — full evaluation details
  • TX hash — for broadcast transactions
  • Timestamps — created, signed, resolved

Webhooks

Steward dispatches webhooks for key events. Configure your webhook URL per-tenant: 
await fetch("https://api.steward.fi/tenants/your-tenant/webhook", {
  method: "PUT",
  headers: {
    "X-Steward-Key": "your-key",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    webhookUrl: "https://your-server.com/steward-webhooks",
  }),
});
Webhook events: 
{
  "type": "approval_required",
  "tenantId": "your-tenant",
  "agentId": "agent-7a3f",
  "data": {
    "txId": "550e8400-...",
    "results": [
      { "type": "auto-approve-threshold", "passed": false, "reason": "..." }
    ]
  },
  "timestamp": "2026-03-26T15:08:00Z"
}

{
  "type": "tx_signed",
  "tenantId": "your-tenant",
  "agentId": "agent-7a3f",
  "data": {
    "txId": "550e8400-...",
    "txHash": "0x8d7592b..."
  },
  "timestamp": "2026-03-26T15:08:01Z"
}

{
  "type": "tx_rejected",
  "tenantId": "your-tenant",
  "agentId": "agent-7a3f",
  "data": {
    "txId": "550e8400-...",
    "results": [
      { "type": "spending-limit", "passed": false, "reason": "Exceeds daily limit" }
    ]
  },
  "timestamp": "2026-03-26T15:08:00Z"
}

{
  "type": "tx_failed",
  "tenantId": "your-tenant",
  "agentId": "agent-7a3f",
  "data": {
    "error": "Insufficient funds for gas",
    "requestId": "req-123"
  },
  "timestamp": "2026-03-26T15:08:00Z"
}

Compliance

Steward’s audit log supports compliance requirements:
  • Immutability — Append-only log; entries cannot be modified or deleted
  • Retention — Configurable per-tenant (default: 90 days hot storage)
  • Export — API endpoint for bulk export (CSV/JSON)
  • Partitioning — Monthly partitioned tables for query performance at scale