Home/Compliance

Every agent decision,
hash-chained and verifiable.

We built our audit infrastructure for the regulated buyer first: finance, healthcare, EU enterprises. SHA-256 chained rows, tamper-evident verification, SOC 2 architecture, GDPR export & erasure, no model training on your data. This is what EU AI Act Article 12 actually requires of high-risk AI systems — and it's rare in agentic AI.

SHA-256
chained per row
EU AI Act
Article 12 ready
SOC 2
Type II in progress
72 hrs
GDPR turnaround
01 · How the chain works

Tamper one byte. The chain breaks.

When an agent makes a decision — classifies an email, posts an invoice, sends an outreach message — we write a row to the audit log. Each row contains the actor, tenant, action, inputs, outputs, and timestamp.

Then we compute row_hash = SHA256(prev_hash + row_content). Each row's hash depends on the row before it. To rewrite history, you'd have to recompute every hash forward in the chain — and our verify endpoint walks the whole chain looking for the first broken link.

This isn't novel cryptography. It's how git works. It's how blockchains work. It's how serious audit systems work. What's novel is that no other agentic AI platform ships it today.

# Row 1: agent decision
{
  id: "evt_8a3f...",
  actor: "agent.recruiter",
  tenant: "cust_482",
  action: "intro_sent",
  prev_hash: "0000...0000",
  row_hash: "f8b4...c91e"   # SHA256(prev + content)
}

# Row 2: customer outcome
{
  id: "evt_9b1c...",
  actor: "outcome.ledger",
  tenant: "cust_482",
  action: "intro_accepted",
  prev_hash: "f8b4...c91e",  # ↑ row 1's hash
  row_hash: "2e1a...883d"
}

# verify():
#   1. recompute SHA256 for each row
#   2. compare to stored row_hash
#   3. return first index where mismatch
#   4. if no mismatch → chain valid
02 · Frameworks

What each framework asks for. What we ship.

EU AI Act (high-risk systems)

What the framework asks
  • Article 12: automatic recording of events (logs) during the lifetime of the system
  • Article 14: human oversight measures, including the ability to override outputs
  • Article 15: accuracy, robustness, and cybersecurity
  • Article 17: post-market monitoring
What we ship
  • Hash-chained audit log per tenant with verify() endpoint
  • WhatsApp / Slack / in-app approval gates on every billable action
  • Self-healing workflows with retry, backoff, and circuit breakers
  • Run console with cost, latency, and outcome tracking per tenant

SOC 2 (Type II in progress)

What the framework asks
  • Security: access controls, encryption, change management
  • Availability: uptime monitoring, incident response
  • Confidentiality: data isolation, encryption at rest and in transit
  • Privacy: GDPR-aligned data handling
What we ship
  • Tenant isolation via client_id scoping on every database query
  • TLS 1.3 in transit, AES-256 at rest (MongoDB Atlas)
  • JWT auth with short-lived tokens and refresh rotation
  • Per-tenant budget caps that halt runs, not just alert

GDPR

What the framework asks
  • Article 15: right of access (export all data on a subject)
  • Article 17: right to erasure (delete on request)
  • Article 30: records of processing activities
  • Article 35: DPIA for high-risk processing
What we ship
  • Admin export endpoint: full subject data as JSON
  • Erasure with cryptographic tombstones (preserves chain integrity)
  • Audit log doubles as RoPA — every processing event recorded
  • DPIA template available under NDA
03 · Posture summary

The short version, for your security team

  • — Data residency: US-East, US-West, EU-Central, AP-South (your choice)
  • — Encryption: TLS 1.3 in transit, AES-256 at rest, KMS-managed keys
  • — Inference: Claude via Anthropic API, no-training default, region-matched
  • — Audit: SHA-256 hash-chained, per-tenant, verify() endpoint
  • — Tenant isolation: client_id scoping on every read and write
  • — Budget caps: hard-halt at customer-set monthly limit
  • — Human override: every billable action gated by approval (WhatsApp / Slack / in-app)
  • — Subject rights: 72-hour turnaround on export and erasure
  • — Pen testing: annual third-party (report under NDA)
  • — Incident response: 4-hour notification SLA on Sev-1