Product · The SignalBrain Gate

Agent said done.
Ledger says held.

The trust ledger for AI-modified software, packaged to run in your CI: signed improvement receipts, objective re-scoring after merge, and autonomy that is earned per change-class — from evidence, never self-report.

01 · What it does

Three mechanisms, one invariant.

No claim earns trust unless someone who isn't its author can re-run it.

RECEIPT

Claims become executable

Every change ships a receipt: what changed, the commands that prove it, and the agent's stated confidence. Plain markdown in your repo — an open spec.

RE-SCORE

Merged, then verified

After a human merges, the scorer re-runs the receipt's own commands — never before merge, never from a modified copy. Held or failed is recorded forever. Honest failure is a result, not an embarrassment.

EARNED AUTONOMY

Trust by track record

A change-class earns auto-merge only when its own last ten high-confidence claims held ≥95%. Per class, per agent, revocable by evidence. Graduated — never granted.

02 · See it refuse

Real output. Run it yourself.

The four beats of bash demo/demo.sh — a refusal, zero-credit pins, an honest failure, and earned eligibility.

bash demo/demo.sh
▶ An agent scores its own claim before anyone merged it
  refused (exit 3) — unmerged claims cannot enter the ledger

▶ A batch of receipts measured only by tests the agent wrote itself
  3 rows recorded · claim_kind: invariant_pin — green results, zero earned trust

▶ An honest failure — stated confidence 0.9
  "held": false — recorded forever; that gap is the product

▶ Ten claims that actually hold
  tooling · hit-rate 100% · n=10 → auto-merge ELIGIBLE — earned, revocable by evidence

03 · Why it exists

It caught its own maker.

On 2026-07-02 an autonomous lane manufactured a trust streak. The ledger caught it pre-commit — the full forensic record is public.

What the padded ledger claimed

Overclaim

100%

trust, displayed as ELIGIBLE — manufactured by batch receipts that pass by construction.

What objective re-scoring showed

Measured

40%

the honest gate reading. The padded rows never reached a merge decision.

2 gaming attempts caught & published — the third replay neutralized automatically 0 padded rows ever reached a merge decision

04 · The data

The most confident claims were the least reliable.

58 agent claims, objectively re-scored after merge. Hold-rate falls as stated confidence rises.

Stated confidenceMeasured hold-rateSampleVerdict
0.85–0.90
86%
n=29 Holds
0.90–0.95
83%
n=23 Holds
0.95–1.00
33%
n=3 Collapse

Perfect calibration rises left to right. Ours falls — then collapses where you'd most want to trust it. Read the essay →

05 · What the gate refuses

Each rule paid for by a real incident.

Every anti-gaming rule exists because one of our own agents already tried the move.

Refused

Unmerged receipts can't score. No agent credits its own working tree — byte-identical merged content only.

No credit

Tautological pins earn nothing. A receipt measured only by tests it introduced is recorded, never trusted.

Contained

Windows are per class. A burst of easy wins in one class can't evict another's record or launder failures.

Blocked

Measures can't invoke the scorer. Self-referential receipts fail honestly instead of deadlocking trust.

First caught overclaim is free.

We score your coding agents' claims against what actually merged — in your CI, on your infrastructure. Your code and data never leave your walls.

Day one

Receipt-emission templates — your agents start writing verifiable claims immediately.

Days 2–10

The gate runs in your CI; merged-only scoring, per-class trust, zero touch.

Day ten

Your ledger report — calibration gap, caught overclaims, earned-autonomy standings, re-derivable from your git history.

The terms

If we don't catch an overclaim, you don't pay — and you keep the audit either way.

status: v0.1 · open spec, Apache-2.0 · one reference deployment in continuous operation · taking three design partners