OPEN SOURCE · APACHE 2.0

Every AI action,
on the ledger.

AI agents act without proof. They call tools, get results, and nobody can verify what actually happened. Tressellate fixes this — a layered framework that gives agents structured access to Hiero so every action is cryptographically auditable.

The LLM proposes. The ledger disposes.

View on GitHub See the architecture →
$ git clone https://github.com/tressellate/tressellate.git click to copy
The Problem

Every other MCP server is a trust-me API

An agent calls a tool, gets a result, and has no way to verify the response wasn't spoofed, manipulated, or fabricated. That's fine for weather data. It's unacceptable for finance, procurement, or carbon verification.

Without Tressellate

Agent trusts the tool.

The agent calls a procurement API. It gets back "approved." Was it actually approved? By whom? When? Against which policy? The agent can't know. The auditor can't know. The response is just a string.

With Tressellate

Agent trusts the ledger.

The same action returns a Hiero transaction ID with a consensus timestamp and cryptographic proof. The approval, the approver, the policy version — all on-chain. Verifiable by anyone, retroactively, forever.

Architecture

Five layers, each does one thing

Infrastructure separated from domain logic. Developers work in their domain language — certificates, milestones, provenance — not the ledger's.

L5
Application + Server — WHERE
MCP servers exposing domain tools to AI agents
YOUR DOMAIN
L4
Domain Rules — WHY
Business constraints and schemas composing core primitives
YOUR DOMAIN
Open Source · Apache 2.0
L3
Asset Types — WHAT
7 universal primitives + 5 operation factories for any tokenized asset
OPEN SOURCE
L2
Guardian Tools — WHO
Identity, governance, and verification through Hedera Guardian
OPEN SOURCE
L1
Hashgraph Tools — HOW
22 infrastructure primitives for Hiero: accounts, tokens, topics, NFTs, queries
OPEN SOURCE
Layer 3 · The Tessellation

Seven tiles that cover any domain

Like tiles in a tessellation, these 7 primitives fit together with no gaps. An AI agent learns the shapes once and reasons about any regulated domain — crop certificates and drug lot certifications are both Certificate tiles.

Certificate
Verified attestations — crop yields, drug lots, quality certs
Provenance
Origin and custody tracking — parts, supply chain steps
Credit
Quantifiable units of value — energy credits, carbon removal
Agreement
Multi-party contracts — leases, NDAs, service agreements
Inspection
Evaluation results — soil tests, audits, assessments
Milestone
Progress markers — payments, deliverables, phases
Claim
Assertions requiring verification — insurance, warranties
Agentic Transparency

The execution boundary is
the accountability boundary

The LLM's internal reasoning will always be opaque — and that's irrelevant. The model has no unmediated authority. It can only call tools with defined parameters, and every action is validated by deterministic layers below.

Standardized tool contracts

Every agent–tool interaction uses explicit JSON-RPC schemas with defined parameters, constraints, and predictable responses. Developers and auditors inspect exact interfaces without touching model weights.

Built-in traceability

Every MCP interaction is inherently loggable: tool discovery, calls, parameters, results, errors. A machine-readable chain of actions far easier to audit than opaque neural activations.

Ledger-grounded trust

Other frameworks let agents blindly trust tool responses. Tressellate grounds every high-stakes action in on-ledger proofs. Even if the AI hallucinates, the outcome is verifiable against the immutable ledger.

Detecting agentic drift

Over autonomous iterations, AI agents gradually diverge from intended parameters. Fixed-contract interfaces and per-action ledger attestation make drift detectable by design, not in retrospect.

Industry Ready

Any regulated industry, same seven tiles

Define your domain at Layer 4, build tools at Layer 5 — the framework handles ledger operations, audit trails, and governance. From agriculture to infrastructure, every industry tessellates the same way.

🌾
Agriculture & Food
Crop certification, soil inspections, farm-to-market provenance and food safety traceability.
Certificate + Inspection tiles
crop_cert_create({ crop: "rice", yield_kg: 4200 })
Energy & Environment
Renewable energy credits, carbon offsets, emissions tracking, and environmental compliance.
Credit + Certificate tiles
rec_mint({ source: "solar", mwh: 150 })
🏢
Built Environment
Property agreements, construction materials verification, infrastructure contracts, and permit lifecycle.
Agreement + Milestone tiles
lease_create({ tenant: "0.0.123", months: 12 })
💊
Healthcare & Pharma
Drug lot certification, GMP compliance, cold-chain custody, and clinical trial provenance.
Certificate + Provenance tiles
drug_cert_create({ lot: "B-2024-07", gmp: true })
🚛
Manufacturing & Logistics
Parts provenance, quality certifications, custody chains, and cross-border compliance.
Provenance + Certificate tiles
parts_prov_create({ part: "AX-100", origin: "DE" })
Commercial Extensions

Beyond open source

Production deployments requiring advanced resilience and physics-bounded intelligence.

Resilience Layer
LNC
Linear Network Coding solves the Dual-Record Pattern vulnerability — where on-chain hashes point to off-chain data that can disappear. Polynomial proofs and coded packets ensure data is mathematically reconstructible from any sufficient subset of nodes.
Coming soon
Intelligence Layer
DCL
Domain Coupled Learning enforces physical laws on AI agent actions — the intelligence behind the tessellation. An LLM proposes, DCL validates against domain physics, and only physically possible actions execute on-chain.
Coming soon
Quick Start

Running in ten minutes

Clone, build, connect your MCP client. The agent discovers tools automatically.

terminal
# Clone and build
git clone https://github.com/tressellate/tressellate.git
cd tressellate
bun install
bun run build

# Configure Hedera testnet
export HEDERA_NETWORK=testnet
export HEDERA_OPERATOR_ID=0.0.xxxxx
export HEDERA_OPERATOR_KEY=your-private-key
export HEDERA_SUPPLY_KEY=your-supply-key

# Start any example server
cd examples/servers/lease
bun run dev

# Connect Claude Desktop, Cursor, or any MCP client
# Agent discovers tools: lease_create, lease_verify, lease_get_audit
Get Involved

Build on Tressellate

Whether you're building a new domain, evaluating AI governance for your organization, or contributing to the open-source core.

Start building Read the docs