For Compliance Officers
End-to-end governance for AI work — auditable, signed, regulator-ready.
Every Skill chain, every agent run, every tool call lands in one hash-chained audit log pre-mapped to NIST AI RMF (59 controls), ISO 42001 (44 controls), and EU AI Act high-risk obligations. Export as an Ed25519-signed Evidence Pack your auditor can verify offline — without our server.
Controls pre-mapped
NIST AI RMF (59 controls), ISO 42001 (44 controls) and the EU AI Act high-risk obligations load out of the box. Per-org overrides let you add, remove or approve mappings without forking the catalog: the compliance team owns the policy, the engineering team owns the workflow.
docs/architecture/05-compliance.md
Hash chain + Ed25519 signed
Every audit row carries a SHA-256 chain hash that includes org_id, so cross-org tampering is structurally detectable. Evidence Pack export signs the manifest with Ed25519; a regulator verifies the pack offline with a standalone Python script.
tools/verify_evidence_pack.py
Workflow + agent unified
Skill chains (intake → triage → review) and agent runs (Claude Code / Codex CLI / Hermes) pass through one policy gate, one audit chain and one cost gate. Partial governance is no governance; auditors don't accept partial coverage.
docs/strategy/2026-05-18-end-to-end-governance-thesis.md
Why teams pick us
The product surface isn't load-bearing — the substrate is. These three properties are what hold up under a regulator's third question, not the first.
Multi-tenant by construction
Every row in every table carries org_id. The audit chain hash includes org_id, so cross-tenant tampering is structurally detectable — not just policy-detected. Per-org filesystem isolation under data/projects/{org_id}/. 2,072 passing tests pin the isolation contract on every PR.
docs/architecture/01-multi-tenancy.md
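The two properties above (a chain hash that folds in org_id, and a pack slice that verifies with nothing outside it) are easier to reason about in code. The block below is an added illustration, not Proofpane's code, and its row layout, one-chain-per-org model and field names are assumptions; the Ed25519 signature the product puts over the manifest is not shown, only the manifest fields it would sign. It shows why retagging a row to another tenant, splicing a row from another tenant's chain, deleting a row, or silently truncating an exported slice each fails verification.

```python
"""Hash-chained, tenant-bound audit log with an offline-verifiable slice.

Added example, not Proofpane's code. Assumptions: one SHA-256 chain per
org_id, rows stored as dicts, and the field layout below. The product's
Ed25519 signature over the manifest is not shown here.
"""
import hashlib
import json

GENESIS = "0" * 64  # prev_hash of the first row in every org's chain


def row_hash(prev_hash: str, org_id: str, event: dict) -> str:
    """SHA-256 over prev_hash, org_id and the canonical JSON of the event.

    Because org_id is hashed, a row relabelled to another tenant gets a
    different hash, so the signed end hash of the chain no longer matches.
    """
    payload = json.dumps(event, sort_keys=True, separators=(",", ":"))
    h = hashlib.sha256()
    for part in (prev_hash, org_id, payload):
        h.update(part.encode("utf-8"))
        h.update(b"\x00")  # delimiter: field boundaries stay unambiguous
    return h.hexdigest()


def append_row(chains: dict, org_id: str, event: dict) -> dict:
    """Append an event to org_id's chain, linking it to the previous row."""
    chain = chains.setdefault(org_id, [])
    prev = chain[-1]["hash"] if chain else GENESIS
    row = {"org_id": org_id, "event": event, "prev_hash": prev,
           "hash": row_hash(prev, org_id, event)}
    chain.append(row)
    return row


def verify_chain(rows: list, org_id: str, start_hash: str = GENESIS) -> dict:
    """Walk rows as org_id's chain starting from start_hash.

    Returns {'ok', 'bad_index', 'end_hash', 'count'}; bad_index is the first
    row whose tenant, link or hash does not check out (None when intact).
    """
    prev = start_hash
    for i, row in enumerate(rows):
        linked = row["prev_hash"] == prev and row["org_id"] == org_id
        if not linked or row_hash(prev, row["org_id"], row["event"]) != row["hash"]:
            return {"ok": False, "bad_index": i, "end_hash": prev, "count": i}
        prev = row["hash"]
    return {"ok": True, "bad_index": None, "end_hash": prev, "count": len(rows)}


def export_pack(chains: dict, org_id: str, first: int, last: int) -> dict:
    """Evidence-pack manifest for rows first..last (inclusive) of one org.

    The manifest pins the chain hash at the start and end of the slice, so an
    auditor can check it with nothing but the pack itself.
    """
    rows = chains[org_id][first:last + 1]
    return {"org_id": org_id, "start_hash": rows[0]["prev_hash"],
            "end_hash": rows[-1]["hash"], "event_count": len(rows), "rows": rows}


def verify_pack(pack: dict) -> dict:
    """The offline check: chain intact from start_hash to end_hash over exactly
    the rows shipped, and the row count matches the manifest."""
    result = verify_chain(pack["rows"], pack["org_id"], pack["start_hash"])
    result["ok"] = (result["ok"]
                    and result["end_hash"] == pack["end_hash"]
                    and result["count"] == pack["event_count"])
    return result


def build_sample_chains() -> dict:
    """Constructed sample data: six alice_org events and two bob_org events."""
    chains = {}
    for i in range(6):
        append_row(chains, "alice_org", {"seq": i, "type": "tool_call", "tool": "triage"})
    for i in range(2):
        append_row(chains, "bob_org", {"seq": i, "type": "agent_run", "agent": "codex"})
    return chains


def retagged(rows: list, index: int, new_org: str) -> list:
    """Copy of rows with one row relabelled to another tenant (a tamper attempt)."""
    out = [dict(r) for r in rows]
    out[index] = dict(out[index], org_id=new_org)
    return out


if __name__ == "__main__":
    chains = build_sample_chains()
    print(verify_chain(chains["alice_org"], "alice_org"))
    print(verify_chain(retagged(chains["alice_org"], 2, "bob_org"), "alice_org"))
    print(verify_pack(export_pack(chains, "alice_org", 1, 3)))
```

Note what the chain alone does and does not give you: an attacker with write access to the table can recompute every hash after a tampered row, which is why the product signs the manifest (start hash, end hash, event count) with Ed25519. The chain makes any edit change the end hash; the signature is what stops the attacker from simply republishing the new one.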
Self-improving policies, HITL-gated
The system proposes Gene fragments when quality drifts. Sandbox A/B them against failing samples. An admin approves before they go live. Every approval has an approver name + rationale + linked diff in the audit chain. Reversible. Never auto-applied.
services/gene_library_service.py + /dreams UI
Open verifier, no vendor lock-in
The evidence pack verifier is a 200-line standalone Python script in the repo. Your auditor downloads it once and verifies any pack offline — forever, even if Proofpane disappears. Other vendors' 'compliance reports' need their server to validate. Ours don't.
tools/verify_evidence_pack.py
What the auditor receives
One signed zip per time range. The manifest enumerates every event in the slice, the chain hash at start and end, and the compliance coverage matrix. The verifier is open-source and standalone.
# Verify offline — no Proofpane server required.
$ python3 tools/verify_evidence_pack.py q3-2026-evidence.zip
✓ Manifest signature valid (Ed25519 key fingerprint: a8:1f:…)
✓ Audit chain intact: 14,392 events, no gaps
✓ Compliance coverage:
    NIST AI RMF → 59/59 controls observed
    ISO 42001 → 44/44 controls observed
    EU AI Act → 12/12 high-risk obligations observed
✓ Org isolation: alice_org events: 14,392  bob_org events: 0
✓ Pack is verified.

Are you an engineer, not a compliance officer?
See the developer-facing pitch →