BlindOracle · Dogfood Self-Audit

We audited our own agents — and you can verify it yourself

The obvious objection to an agent-audit company is who audits the auditor? So we ran our own methodology against our own production fleet, published the findings, and shipped a key-free verifier so you don't have to take our word for any of it.

1 · The self-audit (2026-05-24)

We pointed our MASSAT ASI checklist at the BlindOracle fleet — the same OWASP-ASI assessment described in the audit methodology and walked through in the compliance-hook codewalk.

1.7/10  residual risk (low)
ASI03   top finding (identity hygiene)
0       high/critical findings

Honest result, including the warts: the audit flagged that the top-level blindoracle handle had not yet minted an ERC-8004 passport (ASI03, identity) and was not yet in the credential registry (ASI10). Both are identity-hygiene items rather than exposures: remediation is a one-command onboard, and the gap is exactly why we treat verifiable delegation and signed agent identity as table stakes. A self-audit that only ever returns "perfect" isn't an audit.

2 · The part you don't have to trust us on

A self-reported score is weak evidence. So here's the strong evidence: on 2026-05-30 we ran 30 real agent activities through the fleet, each one paid and settled on-chain, each one recorded in a signed delegation chain. Then we verified the whole thing with a key-free verifier — no BlindOracle secret, no API — the model we argue for in agents without surveillance and auditable AI proof chains.

30/30   activities settled on Base
60      delegation records in the chain (unbroken)
4/4     independent checks PASS
$0.30   real USDC settled

The verifier confirms four things without trusting us — the same shape of evidence we describe in trusting an agent you've never met and when agents pay agents:

CHECK 1 integrity   : 60 delegation records hashed — OK
CHECK 2 chain       : prev_hash links — OK (unbroken)
CHECK 3 completeness: 60 cited delegation ids, 0 missing — OK
CHECK 4 on-chain    : 30/30 settled txs confirmed on Base (status=1, to=USDC) — OK
RESULT: PASS — every agent activity independently verified, no trust in BlindOracle required.

Anyone can re-run this against the public Base chain. The verifier re-derives the hash of every record, walks the prev_hash links from the first record to the last, confirms that every delegation id the records cite is present in the chain, and checks each settlement transaction's receipt on-chain. Altering a single record after issuance breaks one of the first two checks: if the record is edited in place, its content no longer matches its hash (CHECK 1); if its hash is recomputed to hide the edit, the next record's prev_hash no longer matches it (CHECK 2). That is the difference between an audit you trust and an audit you verify; see the trust gap in the agent economy.
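As an added illustration of how those four checks work, and not BlindOracle's own verifier (the evidence-pack format is not shown on this page), the Python below runs them over a constructed 30-activity, 60-record chain and then shows the two tampering cases the paragraph describes. The record schema, the hash rule (SHA-256 over canonical JSON of every field except hash), the genesis value, the token address and the receipt lookup are all assumptions; on a real pack, get_receipt would wrap eth_getTransactionReceipt against a Base RPC endpoint and the token would be pinned to the USDC contract.

```python
import hashlib
import json
from copy import deepcopy

GENESIS = "0" * 64               # assumed prev_hash of the first record
TOKEN = "0xTOKEN-PLACEHOLDER"    # settlement token the pack pins; constructed, not a real address


def canonical_hash(record):
    """SHA-256 over canonical JSON of every field except 'hash' (assumed hashing rule)."""
    body = {k: v for k, v in record.items() if k != "hash"}
    blob = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def make_chain(n_activities):
    """Constructed sample pack: one 'delegate' and one 'settle' record per activity,
    each linked to its predecessor by prev_hash (30 activities -> 60 records)."""
    chain, prev = [], GENESIS
    for i in range(n_activities):
        did = f"del-{i:03d}"
        for kind in ("delegate", "settle"):
            rec = {"id": f"{did}-{kind}", "kind": kind, "delegation_id": did,
                   "from": "agent-a", "to": "agent-b", "amount_usdc": 0.01,
                   "prev_hash": prev}
            if kind == "settle":
                rec["tx_hash"] = f"0xtx{i:03d}"   # constructed, not a real Base tx
            rec["hash"] = canonical_hash(rec)
            chain.append(rec)
            prev = rec["hash"]
    return chain


def make_receipts(chain):
    """Constructed stand-in for eth_getTransactionReceipt: every settlement succeeded."""
    return {r["tx_hash"]: {"status": 1, "to": TOKEN}
            for r in chain if r["kind"] == "settle"}


def verify(chain, get_receipt, token=TOKEN):
    """Run the four key-free checks; returns one bool per check plus PASS."""
    results = {}
    # CHECK 1 integrity: every record still hashes to the hash it was issued with.
    results["integrity"] = all(r["hash"] == canonical_hash(r) for r in chain)
    # CHECK 2 chain: each prev_hash equals the previous record's hash, back to genesis.
    prev, linked = GENESIS, True
    for r in chain:
        linked = linked and r["prev_hash"] == prev
        prev = r["hash"]
    results["chain"] = linked
    # CHECK 3 completeness: every delegation id a settlement cites has a delegate record.
    issued = {r["delegation_id"] for r in chain if r["kind"] == "delegate"}
    cited = [r["delegation_id"] for r in chain if r["kind"] == "settle"]
    missing = [d for d in cited if d not in issued]
    results["completeness"] = not missing
    # CHECK 4 on-chain: each settlement tx was mined with status=1 and sent to the token.
    settled = True
    for r in (r for r in chain if r["kind"] == "settle"):
        rcpt = get_receipt(r["tx_hash"])
        settled = settled and rcpt is not None and rcpt["status"] == 1 \
            and rcpt["to"].lower() == token.lower()
    results["on_chain"] = settled
    results["PASS"] = all(results.values())
    return results


def tamper_amount(chain, idx):
    """Edit a record after issuance without re-hashing it: CHECK 1 catches this."""
    c = deepcopy(chain)
    c[idx]["amount_usdc"] = 1.00
    return c


def tamper_and_rehash(chain, idx):
    """Edit a record and recompute its own hash so CHECK 1 passes; CHECK 2 then
    catches it because record idx+1 still carries the old hash in prev_hash.
    (A re-hashed last record has no successor, so only a published head hash
    or the signatures on the records can catch that case.)"""
    c = deepcopy(chain)
    c[idx]["amount_usdc"] = 1.00
    c[idx]["hash"] = canonical_hash(c[idx])
    return c


if __name__ == "__main__":
    chain = make_chain(30)
    receipts = make_receipts(chain)
    for name, ok in verify(chain, receipts.get).items():
        print(f"{name:<13}: {'OK' if ok else 'FAIL'}")
    print("tampered, no rehash :", verify(tamper_amount(chain, 7), receipts.get))
    print("tampered, rehashed  :", verify(tamper_and_rehash(chain, 7), receipts.get))
```

The point of splitting the checks is that each one fails for a different reason: a silent edit trips integrity, a re-hashed edit trips the chain walk, a dropped delegate record trips completeness, and a reverted or wrong-recipient transaction trips the on-chain check. Note the caveat in tamper_and_rehash: a hash chain alone does not protect its own head, which is why the page's chain is also signed and why a verifier should compare the head hash against a value published out of band.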

3 · Mapped to the frameworks your assessor uses

The self-audit findings map across OWASP ASI Top 10, NIST AI RMF, and ISO/IEC 42001 — the same crosswalk we apply to customer audits, shown end-to-end in the worked MASSAT crosswalk and the Agent Audit Evidence Kit.

Finding                 | OWASP ASI     | NIST AI RMF    | ISO 42001     | Status
Identity / passport     | ASI03         | GOVERN, MANAGE | 7 Support     | remediation: mint passport
Credential registry     | ASI10         | GOVERN         | 5 Leadership  | remediation: register handle
Delegation attribution  | ASI03 / ASI07 | MEASURE        | 8 Operation   | verified: signed chain
Tamper-evidence         | ASI06 / ASI10 | MEASURE        | 9 Performance | verified: key-free PASS

For why this matters in 2026 specifically — Texas TRAIGA's NIST-alignment safe harbor and the EU AI Act enforcement window — see the legal agent stack. New to the model? Start with how it works; the broader context is in the agent security crisis and the how-to on BlindOracle.

We'll run the same audit on one of your agents — free

An inventory, findings mapped to your framework, and a verifiable evidence pack. 20 minutes to scope it. Pricing for a managed audit is on the pricing page.

Book a free audit →