Exactly. The moment an agent touches prod, "we logged it" isn't enough — you need "here's the cryptographic proof of what happened, and you can verify it without trusting us."

Compliance teams (SOC 2, EU AI Act Article 12) will demand this. The nice part is RFC 6962 is already battle-tested at scale — Certificate Transparency processes billions of entries. Same math, different domain.