Cryptographic audit trail for AI systems. EU AI Act Annex IV compliance in one line of code.
Project description
VaultTrace
Cryptographic audit trail for AI systems. EU AI Act Annex IV compliance in one line of code.
The EU AI Act enforcement begins 2 August 2026. Penalties reach 7% of global annual revenue. VaultTrace gives you audit-ready proof of every AI session — automatically.
The Problem
Any AI system can claim it ran model X, with data Y, at time Z. None can prove it.
EU AI Act Annex III high-risk systems must maintain verifiable audit trails for their entire operational lifetime. The technical solutions that exist today require Intel TDX hardware, months of engineering, and $200K+ implementations.
Nobody has packaged this for companies that can't afford that.
The Solution
VaultTrace is a cryptographic notary for AI compute. It answers, with mathematical proof:
"Which model ran, on what hardware, with what inputs, producing what outputs, under what governance policies — and can any third party verify this independently, years from now?"
Not a logger. Not a monitor. A cryptographic audit trail that survives after the session ends.
Quickstart
pip install vaulttrace
import vaulttrace
# Initialize once at startup
vaulttrace.init(
organization_id = "org_your_company",
task_category = "legal_analysis",
human_oversight = True,
)
# Add one decorator. That's it.
@vaulttrace.audit
def analyze_contract(prompt):
return anthropic.messages.create(
model = "claude-sonnet-4-6",
messages = [{"role": "user", "content": prompt}]
)
response = analyze_contract("Review this NDA for GDPR compliance.")
# ↑ Full EU AI Act Annex IV audit trail generated automatically.
Or one line, no decorator:
response = vaulttrace.audit(anthropic.messages.create)(
model = "claude-sonnet-4-6",
messages = [{"role": "user", "content": prompt}]
)
Export Your Annex IV Report
vaulttrace export --format euaiact --from 2026-01-01 --to 2026-08-01
→ Generates a signed PDF with all 8 Annex IV sections, ready to present to a regulator.
What VaultTrace Proves
For every AI session, VaultTrace generates five cryptographic proofs:
| Proof | What it certifies |
|---|---|
| Identity | Which model ran (API-declared or SHA-256 of weights for local models) |
| Environment | Exact hardware, OS, Python version, and all dependencies at runtime |
| Confidentiality | Inputs/outputs were hashed — never stored in plaintext |
| Correctness | Output was not modified after generation |
| Governance | All configured policies were evaluated and passed |
These proofs are assembled into a signed AI Certificate (W3C Verifiable Credentials format) stored in an append-only Vault Ledger (SQLite WAL with database-level immutability triggers).
Any third party can verify any certificate without access to the original system.
Verify a Certificate
# Verify a single certificate
vaulttrace verify --cert path/to/cert.json
# Verify the complete ledger chain
vaulttrace verify --ledger
Supported Providers
| Provider | Adapter | Model fingerprinting |
|---|---|---|
| Anthropic (Claude) | anthropic_adapter |
API-declared |
| OpenAI (GPT) | openai_adapter |
API-declared |
| xAI (Grok) | xai_adapter |
API-declared — first-class support |
| Google (Gemini) | google_adapter |
API-declared |
| Local (Ollama) | ollama_adapter |
SHA-256 of model weights |
# Claude
from vaulttrace.adapters.anthropic_adapter import AuditedAnthropicClient
# Grok
from vaulttrace.adapters.xai_adapter import AuditedXAIClient
# Local models (stronger identity guarantee)
from vaulttrace.adapters.ollama_adapter import AuditedOllamaClient
Guarantee Tiers
| Tier | Identity method | Price |
|---|---|---|
| Community | API-declared | Free |
| Professional | API-declared + distributed ledger anchoring | £500/month |
| Enterprise | TEE-attested (Intel TDX / NVIDIA PPCIE) | £2,000–£5,000/month |
Note on identity guarantees: No LLM provider today exposes a mechanism to cryptographically verify — independent of their own declaration — which model executed a session. VaultTrace documents this honestly in every AI Certificate. The Enterprise tier (Phase 5) resolves this via TEE hardware attestation. This transparency is a feature, not a limitation.
Docker Deploy
git clone https://github.com/forgesynapse/vaulttrace
cd vaulttrace
cp .env.example .env # Fill in your values
docker-compose up
VaultTrace is ready in under 2 minutes.
EU AI Act Coverage
VaultTrace covers ~78% of Annex IV Technical Documentation automatically. The remaining 22% is collected once at operator onboarding (system description, development methods, oversight mechanism).
| Annex IV Section | Coverage |
|---|---|
| 1 — General Description | ✅ Automatic |
| 2 — Development Process | 🟡 Partial (operator profile) |
| 3 — Training Data | 🟡 Partial (structural limitation for cloud LLMs) |
| 4 — Capabilities & Limitations | ✅ Automatic |
| 5 — System Components | ✅ Automatic |
| 6 — Human Oversight | ✅ Automatic |
| 7 — Cybersecurity | ✅ Automatic (VaultTrace IS the evidence) |
| 8 — Post-Market Monitoring | ✅ Automatic |
Architecture
[Your AI Call]
↓
┌─────────────────────────────────┐
│ VAULTTRACE CORE │
│ │
│ Identity Prover │ ← Which model?
│ Environment Attestor │ ← What hardware?
│ Input/Output Hasher │ ← SHA-256 only, no plaintext
│ Governance Validator │ ← Policies evaluated
│ Cryptographic Notary │ ← ECDSA-384 signature
│ Vault Ledger (SQLite WAL) │ ← Append-only, immutable
└─────────────────────────────────┘
↓
[AI Certificate — W3C Verifiable Credentials]
↓
[PDF Report — EU AI Act Annex IV]
Design invariants:
- Inputs/outputs are never stored in plaintext. Only SHA-256 hashes.
- The Vault Ledger has no UPDATE or DELETE — enforced by database triggers.
- Any AI Certificate is independently verifiable without access to the original system.
- VaultTrace runs fully async — zero latency impact on your AI pipeline.
Built by ForgeSynapse LTD
VaultTrace is the product that no LLM provider can build internally without conflict of interest. The auditor cannot audit themselves.
ForgeSynapse LTD (Company No. 16692140 — England and Wales) Unit A, 82 James Carter Road, Mildenhall, IP28 7DE, UK
License
/core Apache License 2.0
/sdk Apache License 2.0
/cli Apache License 2.0
/enterprise ForgeSynapse Commercial License (contact: fsalazar@forgesynapse.com)
Follow the Build
VaultTrace is built in public. Follow the development across the ForgeSynapse ecosystem:
- 🐦 X: @forgesynapse — daily updates, building in public
- 💼 LinkedIn: Fernando Salazar — technical deep dives and strategy
- 📧 Contact: fsalazar@forgesynapse.com
"The only proof that an AI was honest is a proof the AI itself cannot forge." — ForgeSynapse LTD, 2026
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vaulttrace-0.1.0.tar.gz.
File metadata
- Download URL: vaulttrace-0.1.0.tar.gz
- Upload date:
- Size: 72.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
07dd57cc780da0df1229d560f78dc03f9409581c78ada528a0b7f2b42028e3a9
|
|
| MD5 |
a91996c0d9637ae86de7b1b386420a54
|
|
| BLAKE2b-256 |
412987df9930eb188a61cfbeba2ea0da3d31371a854da6bcd1cb4613b1ff4dc4
|
File details
Details for the file vaulttrace-0.1.0-py3-none-any.whl.
File metadata
- Download URL: vaulttrace-0.1.0-py3-none-any.whl
- Upload date:
- Size: 89.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a5db8d5faaac1128d83f93543b4fe6b68c87902902426ff8491da60074d78e0b
|
|
| MD5 |
4861baabdcc8f88c3790774702a46e71
|
|
| BLAKE2b-256 |
aafc30a96f397a696f54be6f1ed3140ce86e33f8410c76d7faa7939de5d7210d
|
