The evidence clearing house for AI compliance.
Record what your AI systems do. Prove it to any auditor. Verify it anywhere.
Your models make decisions. Your agents execute tools. Your orchestrators route data across jurisdictions. The Sovereign Witness Traceability protocol (SWT3) creates a tamper-evident record of every action -- anchored with SHA-256, mapped to 31 regulatory frameworks, and verifiable by any auditor without contacting you. Three promises: anchors never drop, the portal always loads, verification always resolves.
$pip install swt3-ai
$npm install @tenova/swt3-ai
$cargo add swt3-ai
$dotnet add package swt3-ai
$gem install swt3-ai
Three teams. Three jurisdictions. Three different regulatory requirements. Today, trust between AI systems is fragmented -- manual verification, incompatible audit formats, and no way to prove compliance across borders. Trust Mesh replaces that: every system proves its compliance posture before data flows.
There is no server in the middle. Verification happens locally, with cryptographic proof that survives any audit. SWT3 is an open protocol with Apache-licensed SDKs in 7 languages. Anyone can implement it. No vendor dependency. Every partner that connects speaks the same protocol. That is the network effect.
Four phases. No agents installed. No data retained. No central authority.
The SDK observes your AI inference at the point of execution. Evidence factors are captured and SHA-256 hashed locally. Raw prompts and responses never leave your infrastructure.
Factors are sealed into an SWT3 Witness Anchor -- a tamper-evident receipt binding evidence to a verdict at a specific moment in time. The fingerprint formula is locked and identical across 7 languages.
Any party can independently verify the anchor using the open-source library or a browser. No API keys. No vendor access. SHA-256 runs locally. Just math.
Policy-as-code rules declared in .swt3.yaml are evaluated at every tool call. Violations are recorded with full forensic context. The witness captures what happened and whether it matched policy.
Open protocol. Commercial platform. From solo developers to sovereign enclaves.
The evidence layer for AI systems. Cryptographic attestation for every inference. Trust Mesh for agent-to-agent verification. Policy-as-code governance for tool execution. 106 AI procedures mapped to EU AI Act, NIST AI RMF, CMMC, SR 11-7, and 27 more frameworks. Zero data retention. Three lines of code. SDKs in 7 languages. 21 integrations including OpenAI, Anthropic, Bedrock, LiteLLM, Ollama, vLLM, Cohere, Qdrant, LangChain, LangGraph, Google ADK, CrewAI, Microsoft AGT, and MCP.
Protocol Specification →The managed platform for AI compliance evidence. Your SDK sends anchors. We store them. Your auditor verifies them. Read-only auditor portal with finding register, completeness scoring, and decision chain visualization. Framework-mapped evidence views for EU AI Act, NIST, CMMC, IMDA, and 24 more. Bring your own infrastructure scans via evidence ingestion. Cloud, on-prem, or air-gapped.
Explore the Dashboard →Every machine running your AI has a hardware fingerprint -- GPU model, CPU architecture, runtime environment. If a workload migrates to different silicon, a GPU fails silently, or your cloud provider live-migrates a node, your compliance posture just changed and nobody recorded it. The SWT3 Witness DaemonSet runs on every node in your cluster and creates a tamper-evident record of the hardware actually executing your models. One install command. Zero code changes. Works across AWS, GCP, Azure, and on-prem.
helm install swt3 oci://ghcr.io/tenova-labs/charts/swt3-witness --version 0.5.8
DaemonSet Documentation →
AI assistants call external tools -- APIs, databases, code interpreters, file systems. Every tool call is a decision with compliance implications: what data was accessed, which model made the call, and whether policy allowed it. The SWT3 MCP server sits between your AI assistant and its tools, witnessing every call without changing how your tools work. 18 compliance tools and 2 audit resources. Works with Claude Desktop, Cursor, Windsurf, and any MCP-compatible client.
npx @tenova/swt3-mcp
MCP Compliance Guide →
Cross-border trust requires cross-border privacy. The clearing engine strips sensitive content before it leaves your jurisdiction. The proof survives. The data doesn't.
Full context: hashes, factors, model ID, provider, guardrails. For internal R&D and pre-deployment testing.
Default. Hashes and factors only. No raw prompts or responses cross the wire. Production-grade privacy.
Hashes, factors, model ID only. No provider metadata. Built for healthcare, legal, and PII workloads.
Numeric factors only. Model ID hashed. Zero metadata. Built for defense, sovereign cloud, and air-gapped environments.
Native mapping to the frameworks that matter. Not a crosswalk bolted on after the fact.
Read-only, time-limited, cryptographically verified. The auditor sees exactly what they need and nothing they should not.
Auditors annotate findings with severity classification (Major / Minor / Observation) per EU AI Act Article 43. Every finding is linked to SWT3 anchors.
Multi-agent decision chains with cryptographic proof at every node. Swimlane visualization showing human, orchestrator, and worker interactions. Policy violations flagged inline.
One-click Annex V conformity report. Pulls findings, checklist status, and corrective actions into a print-ready document with its own SWT3 anchor.
Sit between your app and the model. Can be bypassed. Cannot see inside private enclaves. Store prompts and responses on their servers. Single point of failure. Cannot operate cross-border without a central server.
Embedded in your execution logic. Cannot be bypassed. Works inside private enclaves, air-gapped networks, and sovereign clouds. Stores only cryptographic proofs. Agents verify each other directly. No central server. No borders.
Start with the protocol. Scale with the platform. Every path leads to auditor-grade evidence.
Click through a live audit portal with real compliance evidence. No signup, no sales call. If the evidence speaks for itself, install the SDK or reach out to engineering. The protocol is free and open.