Skip to main content
Every PRYSM completion ships with a PrysmProof: a cryptographic receipt that records exactly what happened — which model and provider ran, in which mode, over which input and output — as a SHA-256 hash you can store and later verify. When routing is automatic, “which model actually answered this?” stops being a matter of trust. PrysmProof makes each decision auditable: an immutable record for compliance, debugging, billing disputes, and reproducibility.

What’s in a proof

Each response’s prysm.proof block looks like this: 
{
  "request_id": "b1e7c0d2-3f4a-5b6c-7d8e-9f0a1b2c3d4e",
  "timestamp": "2026-06-02T18:24:01.123456+00:00",
  "proof_hash": "sha256:a1b2c3d4e5f6a7b8",
  "model": "DeepSeek V3.2",
  "provider": "deepseek",
  "mode": "balanced",
  "reason": "Code: 95% cheaper than GPT-5.2",
  "verifiable": true
}
FieldDescription
request_idUnique ID for the request — use it to verify later.
timestampUTC ISO-8601 time the proof was generated.
proof_hashThe receipt: sha256: followed by the hash digest.
modelHuman-readable model that produced the response.
providerUpstream provider that served the call.
modeRouting mode used (quality, balanced, agility, or direct).
reasonWhy this model was chosen.
verifiableWhether the proof can be checked against PRYSM’s records.

How the hash is computed

The proof_hash is a SHA-256 digest over a canonical, sorted JSON payload binding the request together: 
proof_hash = SHA-256(
  request_id +
  timestamp +
  model + provider + mode +
  SHA-256(messages)[:16] +      # prompt fingerprint
  SHA-256(response_text)[:16] + # response fingerprint
  input_tokens + output_tokens
)
Because the prompt and response are folded in as fingerprints, any change to the input or output produces a different hash. The receipt is bound to the exact exchange, not just to “a call happened.”
The proof commits to fingerprints of your prompt and response, not the raw text — so the receipt is verifiable without PRYSM having to expose your content in the proof itself.

Verifying a proof

Look up any proof by its request_id. This endpoint is public (no auth) so a third party — an auditor, a customer, a teammate — can independently confirm the record: 
from prysm import Prysm

client = Prysm()
print(client.verify_proof("b1e7c0d2-3f4a-5b6c-7d8e-9f0a1b2c3d4e"))
Response
{
  "verified": true,
  "request_id": "b1e7c0d2-3f4a-5b6c-7d8e-9f0a1b2c3d4e",
  "entry": {
    "model": "deepseek-v3.2",
    "provider": "deepseek",
    "mode": "balanced",
    "input_tokens": 18,
    "output_tokens": 240,
    "cost_usd": 0.000106,
    "timestamp": "2026-06-02T18:24:01.123456+00:00"
  }
}
If no record matches the ID, the endpoint returns 404 proof_not_found.

Reading the proof from an SDK

Use extension() to pull the proof off a response: 
from prysm import extension

ext = extension(resp)
print(ext.proof.proof_hash)   # "sha256:a1b2c3d4e5f6a7b8"
print(ext.proof.request_id)   # store this to verify later

Use cases

Compliance & audit

Keep an immutable record of which model handled regulated or sensitive work.

Billing disputes

Reconcile usage and cost against verifiable per-request receipts.

Debugging

Reproduce a routing decision exactly — model, mode, and reason are all recorded.

Trust for agents

Prove to downstream consumers what an autonomous agent actually ran.
Set log_proofs: true in your BRAIN.md to emit a PrysmProof for every request by default.