One protocol. Zero Integrity Debt.
The first flight recorder for AI accountability.
Every AI inference, every infrastructure control, every regulatory checkpoint - witnessed, fingerprinted, and sealed into a tamper-evident record. Machine-gathered evidence. Deterministic verdicts. Proof that both sides of the table can independently verify.
$pip install swt3-ai
$npm install @tenova/swt3-ai
One protocol. Two products. Trusted integrity for defense, finance, healthcare, and AI governance.
Continuous compliance evidence for NIST 800-53, CMMC, FedRAMP, and 9 more frameworks. 210 controls scanned, adjudicated, and anchored with the SWT3 protocol. Agentless. Cloud, on-prem, or air-gapped. OSCAL-validated exports for C3PAO assessments.
Explore the Dashboard →Cryptographic attestation for every AI inference. Prove your models are running approved weights, guardrails are active, and inferences are traceable. Zero data retention. Three lines of code. Works with OpenAI, Anthropic, Vercel AI SDK, Bedrock, Ollama, and any OpenAI-compatible endpoint.
SDK Documentation →Native mapping to the frameworks that matter. Not a crosswalk bolted on after the fact.
Three phases. No agents installed. No data retained.
The SDK or scanner observes your AI inference or infrastructure control. Evidence factors are captured and SHA-256 hashed at the point of observation.
Factors are sealed into an SWT3 Witness Anchor - a tamper-evident, cryptographic receipt binding evidence to a verdict at a specific moment in time.
Any party can independently verify the anchor using the open-source library or the browser-based verifier. No API keys. No vendor access. SHA-256 runs locally. Just math.
The proof survives the data. The data doesn't outlive its purpose.
100% auditability with 0% data liability.
Hashes, factors, model ID, provider, and guardrail names. For internal analytics and non-sensitive workloads.
Default. Hashes and factors only. No raw prompts or responses on the wire. Production-grade privacy.
Hashes, factors, and model ID only. No provider metadata. Built for healthcare, legal, and PII-adjacent workloads.
Numeric factors only. Model ID hashed. Zero metadata. Built for defense, air-gapped, and classified environments.
Sit between your app and the model. Can be bypassed. Cannot see inside private enclaves. Store prompts and responses on their servers. Single point of failure for compliance.
Embedded in your execution logic. Cannot be bypassed. Works inside private enclaves, air-gapped networks, and sovereign clouds. Stores only cryptographic proofs. Verification is independent and offline-capable.
From free tier to sovereign deployment. Scale with your compliance requirements.
For ISSMs, C3PAOs, and teams pursuing ATO. 210 controls. OSCAL exports. STIG Manager integration.
Whether you need AI accountability for the EU AI Act or infrastructure compliance for CMMC, the evidence starts with the first anchor.