Signed inference receipts, tamper-evident audit logs, and regulatory evidence generation. One SDK. Python and TypeScript. No infrastructure to manage.
Who this is for: Engineers building AI systems that need cryptographic compliance evidence for EU AI Act, GDPR Article 22, FCC AI transparency, NIST AI RMF, or Colorado SB 26-189. Works with any model framework: PyTorch, TensorFlow, scikit-learn, OpenAI, Anthropic, Hugging Face, vLLM, Ollama.
Every AI inference that affects a person, a transaction, or a decision needs a cryptographic evidence trail. Regulators require it. Auditors expect it. Your compliance team is asking for it.
The standard advice is to build it yourself: set up MLflow for model lineage, OpenTelemetry for tracing, Open Policy Agent for decisions, Sigstore for signing, QLDB or Hyperledger for immutable storage, and SHAP for explainability. That is 6-8 separate tools, thousands of lines of integration code, and months of engineering.
The scale of the problem is staggering. According to the Agentic AI Institute's 2026 Enterprise AI Adoption Report, 97% of organizations have deployed AI agents in production, but only 20% have mature governance for them. Shadow AI adoption has reached 65%, with unauthorized tools causing data breaches costing $4.63M on average. The governance gap is real, measured, and growing.
Or you can install an AI governance SDK that does all of it in one package.
from swt3_ai import SWT3Witness
# Initialize with your tenant (free account at sovereign.tenova.io/signup)
witness = SWT3Witness(tenant_id="YOUR_TENANT", agent_id="fraud-model-v3")
# Your existing inference (unchanged)
score = model.predict(cdr_features)
# One line: witness the inference with cryptographic evidence
anchor = witness.witness_inference(
model_id="fraud-scoring-v3.2.1",
prompt_hash=sha256(cdr_features),
response_hash=sha256(score),
)
# anchor = SWT3-E-VULTR-AI-AI-INF.1-PASS-1780120000-a7b3c9d2e1f4
# Cryptographic fingerprint, independently verifiable, tamper-evidentimport { SWT3Witness } from "@tenova/swt3-ai";
// Initialize
const witness = new SWT3Witness({ tenantId: "YOUR_TENANT", agentId: "fraud-model-v3" });
// Your existing inference (unchanged)
const score = await model.predict(cdrFeatures);
// One line: witness the inference
const anchor = await witness.witnessInference({
modelId: "fraud-scoring-v3.2.1",
promptHash: sha256(cdrFeatures),
responseHash: sha256(score),
});
// Cryptographic witness anchor, verifiable at sovereign.tenova.io/verifyThat is it. Every inference now produces a SWT3 Witness Anchor: a cryptographic fingerprint computed as SHA-256("WITNESS:{tenant}:{procedure}:{factors}:{timestamp}"). The anchor is independently verifiable, tamper-evident, and tied to the exact model, input hash, and output hash that produced it. Raw data never leaves your infrastructure. Only hashes are transmitted.
6-8 tools. Thousands of lines of glue code. Months of integration. No regulatory mapping included.
1 package. 10 lines of code. 5 minutes to first evidence anchor. All regulations mapped.
When you call witness_inference(), the SDK performs the same operations that every LLM recommends building manually:
| Operation | What the SDK Does | What You'd Build Manually |
|---|---|---|
| Input hashing | SHA-256 hash of prompt/features. Raw data never transmitted. | Custom hashing + PII scrubbing pipeline |
| Fingerprint generation | SHA-256("WITNESS:{tenant}:{proc}:{fa}:{fb}:{fc}:{ts}") | Custom hash chain with event linking |
| Payload signing | HMAC-SHA256 with tenant signing key | Sigstore/Cosign + key management |
| Post-quantum signing | ML-DSA-65 (FIPS 204) with one config line: signing_algorithm: ml-dsa-65 | Research + implement NIST PQC standards yourself |
| Clearing levels | 4 tiers strip data progressively (0=Analytics, 1=Standard, 2=Sensitive, 3=Classified) | Custom data classification + field-level redaction |
| Tamper evidence | Daily Merkle tree rollups with domain-separated hashing | Hyperledger or QLDB + custom Merkle implementation |
| Regulatory mapping | Each procedure maps to EU AI Act, GDPR, NIST AI RMF, FCC, CMMC | Manual regulatory research + mapping spreadsheet |
| Audit export | Query by time, procedure, model, or tenant. Verifiable at public endpoint. | Custom query layer + export formatting |
The SDK includes 65 compliance procedures across 41 namespaces. Each procedure maps to specific regulatory requirements:
| Regulatory Requirement | SWT3 Procedure | SDK Method |
|---|---|---|
| EU AI Act Art. 12 (logging) | AI-INF.1 | witness_inference() |
| EU AI Act Art. 9 (risk management) | AI-DRIFT.1 | witness_drift() |
| EU AI Act Art. 10 (bias) | AI-FAIR.3 | witness_bias_assessment() |
| EU AI Act Art. 13 (transparency) | AI-EXPL.1 | witness_explanation() |
| EU AI Act Art. 14 (human oversight) | AI-HITL.1 | witness_human_review() |
| EU AI Act Art. 15 (accuracy) | AI-PERF.1 | witness_performance() |
| EU AI Act Art. 15 (robustness) | AI-ROBUST.1 | witness_robustness() |
| EU AI Act Art. 50 (content marking) | AI-MARK.1 | witness_content_mark() |
| GDPR Art. 22 (automated decisions) | AI-AUTO.1 | witness_automated_decision() |
| GDPR Art. 35 (DPIA) | AI-DPIA.1 | witness_dpia() |
| NIST AI RMF MEASURE 2.6 | AI-ROBUST.1 | witness_robustness() |
| NIST AI RMF MANAGE 4.1 | AI-SAFE.1 | witness_safe_state() |
| FCC AI transparency | AI-TRANS.1 | witness_transparency() |
| Colorado SB 26-189 | AI-AUTO.1 + AI-HITL.1 | witness_automated_decision() + witness_human_review() |
| CMMC / NIST 800-171 | AI-SBOM.1 + AI-SUPPLY.1 | witness_sbom() + witness_supply_chain_risk() |
| EO 14110 (dual-use) | AI-DUALUSE.1 | witness_dual_use() |
Pre-built governance configurations for regulated industries. Each profile selects the right procedures, clearing level, and trust model for your vertical:
| Profile | Industry | Procedures | Regulations |
|---|---|---|---|
telecom-compliance | Telecom | 19 | FCC, EU AI Act, GDPR |
healthcare-clinical | Healthcare | 15 | HIPAA, FDA AI/ML, EU MDR |
fintech-model-risk | Finance | 16 | SR 11-7, Basel, ECOA, GDPR |
defense-govcon | Defense | 16 | CMMC, NIST 800-171, FedRAMP |
autonomous-systems | Robotics/AV | 16 | EU Machinery Reg, EO 14110 |
insurance-underwriting | Insurance | 14 | NAIC, state regs, GDPR |
content-platform | Content/Social | 14 | DSA, Art. 50, GPAI Code |
# Initialize with an industry profile
swt3 init --profile telecom-compliance --tenant YOUR_TENANT
# Check your configuration
swt3 doctor
# Run the telecom fraud demo
python -m swt3_ai.demo --scenario telecom-fraudpip install swt3-ai
# Run the zero-friction demo (no API keys, no account, no network calls)
python -m swt3_ai.demonpm install @tenova/swt3-ai
# Run the demo
npx swt3-demonpm install @tenova/swt3-mcp
# Listed on MCP Registry: io.tenova/swt3-witnesscargo add swt3-ai (Rust)dotnet add package swt3-ai (C#)gem install swt3-ai (Ruby)Create a free account to connect your SDK to a production evidence ledger.
Create Free AccountOr preview a live auditor view first: Demo Audit Portal
SDK documentation: sovereign.tenova.io/docs
UCT Registry (191 procedures): sovereign.tenova.io/registry
GitHub: github.com/tenova-labs/swt3-ai
Contact: engineering@tenovaai.com