The attested provenance layer beneath every DRM3 product. Ed25519 signing, chainable receipts, Merkle rollups, trust aggregation, and a verifier for third-party validation. Compatible with Rust, Elixir, TypeScript, Python, Go, C, and browser environments. Three granularity levels: row-level for maximum auditability, session-level Merkle batches, service-level for external consumers. Fine-grained internally for audit readiness, coarser-grained for data leaving your system. Integration guide and best practices documented.