Runs & signed traces
How every agent execution becomes a cryptographically signed, replayable trace.
A run is a single execution of an agent. Every run emits a signed trace: an ordered, tamper-evident record of each step, tool call, token count, and timing, sealed with a signature you can verify independently of Silvanexum.
This page covers the anatomy of a trace, what gets signed, and how to replay a run from its trace for debugging or audit.
Anatomy of a run
A run (ExecutionView) records the prompt, the output, status, token usage, and
latency — plus a step-by-step trace. Each trace step is one of:
kind | What it captures |
|---|---|
model | A model turn — input/output tokens, duration |
tool | A connector/tool call — args + result preview |
agent | A sub-agent (A2A) hop |
Every step has a status (ok/error), a startMs offset from run start, and
its own durationMs, so the timeline reconstructs exactly what happened.
What gets signed
Two fields make a run tamper-evident:
contentHash— a SHA-256 over the canonical run (prompt, output, trace).signature— a server HMAC over that hash, proving the platform recorded this exact run. Change one byte of the run and the hash no longer matches.
Before anything is stored or shared, secrets are scrubbed from the trace; a
public run reports a redactions count so the owner can see what was removed.
Sharing & replay
A run is private by default. Make it public and it becomes replayable at a
share URL (https://silvanexum.com/runs/{id}) — no login required, secrets
already scrubbed. This is the unit of proof the marketplace ranks on.
Re-running a recorded run (optionally swapping the model/agent or editing the
prompt) links the new run to its parent via parentExecutionId, so the two
traces can be diffed side by side.
See it end to end in the capture & run guide.