Agents, models, hardware, tools. One open protocol connects them all
with cryptographic proof of identity, policy, and compliance.
An agent in Hong Kong, a model serving in San Francisco, and an orchestrator in Brussels verify each other and exchange data securely -- with proof that every interaction meets EU AI Act, NIST, and CMMC requirements. No central authority. No vendor gateway. Just the protocol.
$pip install swt3-ai
$npm install @tenova/swt3-ai
$cargo add swt3-ai
$dotnet add package swt3-ai
$gem install swt3-ai
Three teams. Three jurisdictions. Three different regulatory requirements. Today, trust between AI systems is fragmented -- manual verification, incompatible audit formats, and no way to prove compliance across borders. Trust Mesh replaces that: every system proves its compliance posture before data flows.
There is no server in the middle. Verification happens locally, with cryptographic proof that survives any audit. SWT3 is an open protocol with Apache-licensed SDKs in 6 languages. Anyone can implement it. No vendor dependency. Every partner that connects speaks the same protocol. That is the network effect.
Four phases. No agents installed. No data retained. No central authority.
The SDK observes your AI inference at the point of execution. Evidence factors are captured and SHA-256 hashed locally. Raw prompts and responses never leave your infrastructure.
Factors are sealed into an SWT3 Witness Anchor -- a tamper-evident receipt binding evidence to a verdict at a specific moment in time. The fingerprint formula is locked and identical across 5 languages.
Any party can independently verify the anchor using the open-source library or a browser. No API keys. No vendor access. SHA-256 runs locally. Just math.
Policy-as-code rules declared in .swt3.yaml are evaluated at every tool call. Violations are recorded with full forensic context. The witness captures what happened and whether it matched policy.
Open protocol. Commercial platform. From solo developers to sovereign enclaves.
The trust layer for AI systems. Cryptographic attestation for every inference. Trust Mesh for agent-to-agent verification. Policy-as-code attestation for tool execution. 65 AI procedures mapped to EU AI Act, NIST AI RMF, CMMC, and SR 11-7. Zero data retention. Three lines of code. SDKs in 5 languages. Works with OpenAI, Anthropic, Bedrock, LiteLLM (100+ providers), Ollama, vLLM, LangChain, Vercel AI SDK, and MCP.
Protocol Specification →The accountability platform powered by SWT3. Continuous compliance evidence for NIST 800-53, CMMC, FedRAMP, and 10 more frameworks. 225 controls scanned, adjudicated, and anchored. Read-only auditor portal with finding register, decision chain visualization, and Annex V conformity reports. Agentless. Cloud, on-prem, or air-gapped. OSCAL-validated exports.
Explore the Dashboard →Cross-border trust requires cross-border privacy. The clearing engine strips sensitive content before it leaves your jurisdiction. The proof survives. The data doesn't.
Full context: hashes, factors, model ID, provider, guardrails. For internal R&D and pre-deployment testing.
Default. Hashes and factors only. No raw prompts or responses cross the wire. Production-grade privacy.
Hashes, factors, model ID only. No provider metadata. Built for healthcare, legal, and PII workloads.
Numeric factors only. Model ID hashed. Zero metadata. Built for defense, sovereign cloud, and air-gapped environments.
Native mapping to the frameworks that matter. Not a crosswalk bolted on after the fact.
Read-only, time-limited, cryptographically verified. The auditor sees exactly what they need and nothing they should not.
Auditors annotate findings with severity classification (Major / Minor / Observation) per EU AI Act Article 43. Every finding is linked to SWT3 anchors.
Multi-agent decision chains with cryptographic proof at every node. Swimlane visualization showing human, orchestrator, and worker interactions. Policy violations flagged inline.
One-click Annex V conformity report. Pulls findings, checklist status, and corrective actions into a print-ready document with its own SWT3 anchor.
Sit between your app and the model. Can be bypassed. Cannot see inside private enclaves. Store prompts and responses on their servers. Single point of failure. Cannot operate cross-border without a central server.
Embedded in your execution logic. Cannot be bypassed. Works inside private enclaves, air-gapped networks, and sovereign clouds. Stores only cryptographic proofs. Agents verify each other directly. No central server. No borders.
Start with the protocol. Scale with the platform. Every path leads to auditor-grade evidence.
Click through a live audit portal with real compliance evidence. No signup, no sales call. If the evidence speaks for itself, install the SDK or schedule an architecture review. The protocol is free and open.