the question that changes everything

Can you prove a privileged action was authorised before it executed — not just logged afterwards?

Post-hoc logs are confessions, not defences. SIRDI generates tamper-evident, independently verifiable proof at the point of authorisation — before the action runs.

the gap

Before and after SIRDI

without SIRDI
AI agents execute privileged actions with no pre-execution authorisation gate
Audit logs are controlled by the same operator who ran the action — not independently verifiable
Insurance claims, regulatory reviews, and client disputes rely on self-reported evidence
EU AI Act high-risk obligations require proof of authorisation you cannot produce
Shadow AI actions leave no traceable, tamper-evident record before execution

with SIRDI
Every privileged action is intercepted and evaluated before it runs — deny-by-default
Cryptographic receipts are independently verifiable — no need to trust the operator's log
Hash-chained receipts provide tamper-evident proof across the full action history
Portable evidence survives disputes, audits, and regulatory review without operator dependency
Agent-agnostic — governs OpenClaw, Agent Zero, and any autonomous action pipeline

the mechanism

How SIRDI works

01 Intercept
SIRDI sits between your AI agent and the target system. Every privileged action hits the governance gate before it reaches execution.

02 Evaluate
Six verification layers run in sequence: policy, risk scoring, intent confirmation, human gate, cryptographic signature, and chain linkage.

03 Sign
A tamper-evident receipt is generated and cryptographically signed using Ed25519. The receipt is hash-chained to the previous receipt, and through it to every earlier governed decision.

04 Gate
ALLOW or DENY is returned before execution. The receipt is portable — any third party can verify the chain without trusting your runtime.

the verifier

Six-layer verification

Every SIRDI receipt passes six independent checks before a decision is issued. All six must clear for ALLOW.

L1 Structure (PASS)
Receipt schema validated against the frozen v0.1 specification. Malformed receipts are rejected immediately.

L2 Sequence (PASS)
Receipt counter and session binding verified. Out-of-order receipts flag chain integrity violations.

L3 Hash (PASS)
RFC 8785 JCS canonicalisation applied. SHA-256 payload hash recomputed and verified against the signed receipt.

L4 Signature (PASS)
Ed25519 signature verified against the governance public key. Tampered receipts produce a hard signature failure.

L5 Chain (PASS)
Each receipt hashes the previous receipt's hash. Chain continuity verified from genesis to current head.

L6 Replay (PASS)
Intent hash checked against the session registry. Duplicate governed actions within a session are flagged as replay attempts.
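
An added example, not SIRDI's own code: a minimal Python verifier for the sequence, hash, chain and replay layers (L2, L3, L5, L6) described above, run over a constructed three-receipt chain. The receipt field names, the all-zero genesis value and the sample actions are assumptions; the Ed25519 check (L4) is left out because it needs a third-party library, and `json.dumps` with sorted keys stands in for RFC 8785 JCS.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash value for the first receipt

def canon(obj):
    # Stand-in for RFC 8785 JCS; equivalent only for ASCII strings and integers.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def sha256_hex(obj):
    return hashlib.sha256(canon(obj)).hexdigest()

def issue(chain, session, intent, decision):
    """Append a receipt to `chain` (hypothetical field names)."""
    body = {
        "session": session,
        "counter": len(chain),
        "intent_hash": sha256_hex(intent),
        "decision": decision,
        "prev_hash": chain[-1]["receipt_hash"] if chain else GENESIS,
    }
    chain.append({**body, "receipt_hash": sha256_hex(body)})

def verify(chain, session):
    """Return the failed checks as (index, layer); an empty list means the chain verifies."""
    failures, seen, prev = [], set(), GENESIS
    for i, r in enumerate(chain):
        body = {k: v for k, v in r.items() if k != "receipt_hash"}
        if r["counter"] != i or r["session"] != session:
            failures.append((i, "sequence"))   # L2: counter and session binding
        if sha256_hex(body) != r["receipt_hash"]:
            failures.append((i, "hash"))       # L3: recompute over canonical form
        if r["prev_hash"] != prev:
            failures.append((i, "chain"))      # L5: link to previous receipt
        if r["intent_hash"] in seen:
            failures.append((i, "replay"))     # L6: duplicate intent in session
        seen.add(r["intent_hash"])
        prev = r["receipt_hash"]
    return failures

def demo_chain():
    # Constructed sample data, not real SIRDI receipts.
    chain = []
    issue(chain, "s1", {"action": "restart", "target": "db-01"}, "ALLOW")
    issue(chain, "s1", {"action": "rotate-key", "target": "kms"}, "ALLOW")
    issue(chain, "s1", {"action": "delete", "target": "bucket-7"}, "DENY")
    return chain
```

Hashes alone only detect edits made by someone who does not recompute them; a party that controls the whole log could rebuild every hash after a change, which is the gap the L4 signature over each receipt closes.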
who it's built for

Built for high-trust operators

MSSPs & Security MSPs
Serve regulated clients who need proof of authorisation, not just audit logs. Add a defensible governance layer to your AI-assisted SOC operations.
MDR · XDR · SOC automation · NIS2

Regulated enterprises
Finance, healthcare, legal, and critical infrastructure operators deploying AI agents who face compliance obligations under the EU AI Act, DORA, or ISO 27001.
EU AI Act · DORA · ISO 27001 · GDPR

AI-native builders
Founders and engineering teams shipping autonomous agents in production who need tamper-evident evidence infrastructure before regulators or clients ask for it.
agentic AI · OpenClaw · Agent Zero · autonomous ops

the deadline
2 AUG 2026
EU AI Act high-risk obligations come into force
Organisations deploying AI in high-risk categories must demonstrate authorisation controls, audit trails, and independent verifiability. Post-hoc logging does not satisfy the standard. SIRDI does.

early access

Request a pilot

Limited to MSSPs and regulated operators. We run a structured 14-day pilot with you — live receipt chain, your environment, your proof.

Limited pilot slots · No spam · No obligation · swift fortress ltd