AI Governance Evidence Module

Prove Your AI Did What You Said It Did

Log every AI decision with cryptographic proof. Export verifiable evidence for regulators, auditors, and enterprise buyers. Part of ProlixoTech Evidence Vault.

Get Started Try Verification
EU AI Act NIST AI RMF Colorado AI Act

What You Get Today

Shipping now. Battle-tested in production.

AI Inference Logging

Log AI inference inputs, outputs, and context via Python SDK or REST API.

Policy Versioning (Time Machine Defense)

Link each AI decision to the exact policy version that governed it. Prove what rules were in effect at any moment.

Human Oversight Logging

Record reviewer actions for high-risk decisions. Capture who reviewed, when, and what they decided.

KMS-Signed Receipts

Every logged event is signed with AWS KMS (ECDSA P-256). Tamper-evident by design.

Daily Merkle Chain Linking

Records are chained in daily Merkle trees. Any tampering is mathematically detectable.

Evidence Index Export

Export evidence packages with verification URLs. JSON and CSV formats available.

Public Verification API

Auditors verify receipts without creating an account. No ProlixoTech access required.

REST API

Full REST API for any HTTP client. Integrate from any language or platform.

What Gets Logged

Clear boundaries. No surprises.

We Log

  • AI inference inputs and outputs (you choose what to include)
  • Policy version at time of decision (Time Machine Defense)
  • Human oversight actions and reviewer identities
  • Data sources used (RAG databases, training datasets)
  • Timestamps with cryptographic signatures
  • Merkle chain linking for tamper-evidence

We Don't Log

  • Model weights or architecture details
  • Raw training data or proprietary datasets
  • API keys, secrets, or credentials
  • Internal system metrics or telemetry
  • Anything you don't explicitly send us

Governance Workflow

From inference to audit-ready evidence in one pipeline.

Log AI Decisions

SDK captures inputs, outputs, and context. Signed and chained instantly.

Track Policy Changes

Policy versioning links each decision to the rules that governed it.

Record Human Oversight

Log reviewer actions for high-risk decisions. EU AI Act Article 14 ready.

Detect Drift

Receipts reveal when behavior diverges from documented policies.

Export Evidence

JSON, CSV packages with verification URLs for auditors.

Verify Independently

Third parties verify via export links. Evidence bundles work offline.

Try It Yourself

Enter an event ID from any verification link or export.

Verify a Receipt

Auditors verify directly from their export package.

Simple Integration

Add governance logging to your AI pipeline in minutes.

Python 
from solymus import Solymus, PolicyContext, HumanIntervention

# Initialize
log = Solymus(
    tenant_id="your-company",
    api_key="your-api-key"
)

# Log inference with policy context (Time Machine Defense)
log.record("model_inference", {
    "model": "gpt-4",
    "input": user_prompt,
    "output": model_response
}, policy_context=PolicyContext(
    policy_name="content_moderation",
    policy_version="2.1.0"
))

# Log high-risk decision with human oversight
log.record("loan_decision", {
    "decision": "approved",
    "amount": 50000
}, human_intervention=HumanIntervention(
    required=True,
    reason="Amount exceeds threshold",
    reviewer="officer_42"
))

Export Formats

Evidence packages designed for auditors and regulators.

JSON

Full evidence records with signatures, Merkle proofs, and metadata. Machine-readable for integration.

CSV

Tabular export for spreadsheet analysis. Includes event IDs, timestamps, and verification URLs.

PDF

Printable compliance certificates with QR codes linking to live verification endpoints.

Clear Boundaries

What the AI Governance Evidence Module is and isn't.

What We Do

  • Create tamper-evident logs of AI decisions you send us
  • Sign every record with AWS KMS (ECDSA P-256)
  • Chain records in daily Merkle trees for tamper-evidence
  • Export verification bundles with links auditors can check
  • Export evidence packages for auditors and regulators
  • Support compliance documentation for EU AI Act, NIST AI RMF, etc.

What We Don't Do

  • Guarantee regulatory compliance (we provide evidence, not legal advice)
  • Access, train on, or share your logged data
  • Modify, delete, or hide records after creation
  • Monitor your AI systems in real-time
  • Provide legal opinions or certifications
  • Replace your compliance team or auditors

Frequently Asked Questions

Got questions? We have answers.

Regular logs can be modified or deleted. The AI Governance Evidence Module creates cryptographically signed receipts that are chained together in daily Merkle trees. Any tampering is mathematically detectable. Export bundles include everything needed to verify offline—no ProlixoTech account or API access required.
No. The AI Governance Evidence Module provides evidence infrastructure that supports compliance documentation requirements. Compliance depends on your overall governance program, risk assessments, and how you use the AI system. We give you the evidence trail; your legal and compliance teams determine if it meets requirements.
Time Machine Defense captures the policy version that governed each AI decision. If a regulator or litigator questions a decision made 18 months ago, you can prove which rules were in effect at that moment. Policies evolve; this prevents retroactive judgment based on current rules.
Install the Python SDK, initialize with your API key, and call log.record() after each AI decision. The SDK is non-blocking and handles batching, retries, and signature verification automatically. You can also use the REST API directly from any language. Most teams integrate in under an hour.
Yes. Export bundles are self-contained—they include the receipt, signature, Merkle proof, daily root, public key, and verification instructions. Auditors can verify mathematically using standard libraries (Python cryptography, OpenSSL) without calling any ProlixoTech API. The bundle works offline and remains verifiable as long as ECDSA P-256 and SHA-256 are considered secure.
On cancellation, you can export all your evidence records. After a 30-day grace period, data is deleted from our systems. Exported bundles remain valid forever—they're self-contained and verify offline. No ProlixoTech API required.

Start Proving Your AI Governance

Create an account, select the AI Governance module, and log your first AI decision.

Get Started View Pricing