Security & Trust
Trust comes from cryptography you can verify, not from a vendor questionnaire.
Every tool call is a signed receipt
Each invocation returns an Ed25519 signature over (artifact SHA, input SHA, output SHA, issuer key ID). Verify offline with a public key — no call back to us required. If a receipt verifies, the answer is exactly what the named artifact computed.
Sessions seal to Bitcoin at $0
A full agentic session compresses into one hierarchical Merkle root. We anchor that root to the Bitcoin blockchain via OpenTimestamps. No tokens, no validators, no chain integration on your end — just a confirmed timestamp you can show a regulator.
Federated trust, your roster
Run with multiple signing issuers and decide per-tenant which keys you trust. Forking the runtime cannot fake the issuer signature; the manifest you hold is what defines the trust boundary.
Selective disclosure built in
Hierarchical Merkle plus selective-disclosure exclusion proofs let you reveal only the receipts a regulator or auditor needs. No bulk dumps, no opening the rest of the session.
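How disclosing one receipt against a session root can work, as an added example that is not the vendor's code or receipt format: the tree layout (SHA-256, RFC 6962-style leaf/node prefixes, odd node promoted unchanged) and every name below are assumptions. It covers inclusion proofs only, not the exclusion proofs mentioned above.

```python
import hashlib

# Assumed layout (not the vendor's format): SHA-256 with RFC 6962-style
# prefixes so a leaf can never be reinterpreted as an interior node.
LEAF, NODE = b"\x00", b"\x01"

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(receipt: bytes) -> bytes:
    return h(LEAF + receipt)

def build_levels(leaves):
    """Return all tree levels, leaf hashes first, root level last."""
    if not leaves:
        raise ValueError("empty session")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur, nxt = levels[-1], []
        for i in range(0, len(cur), 2):
            if i + 1 < len(cur):
                nxt.append(h(NODE + cur[i] + cur[i + 1]))
            else:
                nxt.append(cur[i])  # odd node is promoted unchanged
        levels.append(nxt)
    return levels

def prove(levels, index):
    """Sibling path for leaf `index`: list of (sibling_hash, sibling_is_left)."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):  # no sibling means the node was promoted
            path.append((level[sib], sib < index))
        index //= 2
    return path

def verify(receipt: bytes, path, root: bytes) -> bool:
    """Auditor side: recompute the root from one disclosed receipt."""
    acc = leaf_hash(receipt)
    for sibling, is_left in path:
        acc = h(NODE + sibling + acc) if is_left else h(NODE + acc + sibling)
    return acc == root

# Constructed sample session: five receipts, only receipt 3 is disclosed.
RECEIPTS = [f"receipt-{i}".encode() for i in range(5)]
LEVELS = build_levels([leaf_hash(r) for r in RECEIPTS])
ROOT = LEVELS[-1][0]
PROOF = prove(LEVELS, 3)
```

The auditor receives one receipt, three sibling hashes and the root, and nothing else from the session. If receipt contents are low-entropy, a sibling leaf hash can be confirmed by guessing, so a scheme like this needs a per-leaf salt to keep undisclosed receipts private.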
No customer payload in our logs
We hash inputs and outputs for receipt purposes; we do not retain them. The catalog runs in our hosted MCP for trial users; private deployment is available on request.
Compliance posture
EU AI Act Article 12, FRE 901, and FDA SaMD record-keeping requirements are addressed by construction — they are properties of the receipt format, not promises in a policy document. SOC 2 Type II is on the roadmap.
Responsible Disclosure
Found a vulnerability? Email security@veriops.io. We take every report seriously and respond within 48 hours.