Every tool call, on the record.
Arc Relay's Compliance Archive turns MCP traffic into tamper-evident records, ready for search, legal hold, and export. Optional, encrypted, and built for regulated teams who need to prove what their agents did.
Why archive AI tool calls?
Agents are business actors
When an agent reads a customer record, sends an email, updates a ticket, or moves money, that's a business event. Regulators, auditors, and your own legal team will want to know who did what, when, and why. "It was the AI" is not a defense.
MCP traffic is the new audit trail
Every MCP tool call carries the full context of an AI decision - who triggered it, which tool ran, what arguments were passed, what came back. That is exactly the material compliance needs, if you capture it.
Local logs are not enough
Plaintext files on disk, rotated out in a week, with no tamper evidence and no search - that's not a compliance record, that's a breadcrumb trail. Real records need encryption, integrity, retention controls, and a defensible audit trail.
Built on Arc Relay
You already have Arc Relay in front of your MCP servers. The Compliance Archive just turns on a middleware. No extra clients, no extra agents on your servers, no extra moving parts.
What the archive gives you
Every MCP request and response streams into the archive as an encrypted, tamper-evident record. From there it's searchable, exportable, and ready for legal hold.
Encrypted delivery
NaCl Box (X25519 + XSalsa20-Poly1305) envelope encryption on top of TLS. The archive endpoint cannot read payloads without the private key.
Tamper-evident records
Every record is sealed when it lands. Downstream edits are visible. Defensible in an audit.
Full-text search
Search every tool call by user, tool name, arguments, or response content. Find the one call that matters in a sea of automation.
Legal hold
Freeze specific records or whole date ranges for litigation, investigation, or regulator requests. Holds block deletion even when retention would otherwise fire.
Retention controls
Set policies per record type. Keep critical records, age out low-value noise. Compliance-grade, not just a log bucket.
Export on demand
Pull JSON, CSV, or compliance-ready bundles for outside counsel, regulators, or your own review. Every export is itself audited.
How it works
Sign up for the archive
Enter your email, receive an activation link, set a password. Takes under two minutes and no credit card required to start.
Copy your archive credentials
Your archive account gives you a webhook URL and bearer token. That's all Arc Relay needs to stream records to the archive.
Turn on the Compliance Archive middleware
In your Arc Relay dashboard, open any server's middleware tab, paste the URL and token into the Compliance Archive section, and save. Traffic starts flowing immediately.
Search, hold, export
Log into the archive to search records, place legal holds, set retention policies, and export evidence bundles when you need them.
Arc Relay works without it
The Compliance Archive is entirely optional. Arc Relay runs fine on its own, writing local logs and streaming events to any webhook you want. The hosted archive is here for teams that need defensible records without standing up the retention and discovery tooling themselves. Turn it on when you need it, leave it off when you don't.
Ready to turn on the archive?
Sign up takes under two minutes. Your data stays encrypted end-to-end, and you can turn the middleware off any time.