The EU AI Act's high-risk obligations start applying in August 2026. Article 13(3)(c) requires
technical documentation of every automated AI decision made by high-risk
systems. The fine for non-compliance: up to €15M or 3% of global annual turnover,
whichever is higher. Most teams are not ready for this.
The problem isn't understanding the regulation. It's that right now, every
AI output your system produces is unverifiable after the fact. Anyone with
write access to the store can edit it. There's no proof it came from a specific
model at a specific time, no proof the output wasn't changed, and no audit
trail that would survive a legal dispute.
AetherProof fixes this with one function call.
What it generates
Every inference produces a receipt — a cryptographically signed JSON record
that proves:
- WHAT model ran (provider-reported model id, not a guess)
- WHAT the input was (SHA-256 commitment)
- WHAT the output was (SHA-256 hash)
- WHEN it happened (millisecond timestamp)
- That none of it was altered (Ed25519 signature — one bit changes, verification fails)
The receipt is verifiable offline, forever, with only a public key.
No servers. No API calls. No dependency on AetherProof infrastructure.
Install
pip install aetherproof
Cloud API usage (OpenAI, Claude, Grok, DeepSeek, Gemini)
from openai import OpenAI
from aetherproof.core.receipt import Receipt
from aetherproof.core.keystore import load_or_create_signer
from aetherproof.core.log import ReceiptLog

client = OpenAI()  # reads OPENAI_API_KEY from the environment
user_prompt = "Summarise the attached claim form."  # placeholder prompt

# your normal API call
resp = client.chat.completions.create(
    model="gpt-4o",
    messages=[{"role": "user", "content": user_prompt}],
)

# generate the receipt
r = Receipt.for_api_call(
    provider="openai",
    model_id=resp.model,  # from the API response, not typed by hand
    prompt=user_prompt,
    output_text=resp.choices[0].message.content,
    response_metadata={
        "system_fingerprint": resp.system_fingerprint,
        "response_id": resp.id,
        "created": resp.created,
    },
)

# sign and log it
signer = load_or_create_signer()
r.signature = signer.sign(r.signing_bytes())
ReceiptLog().append(r)
The receipt JSON looks like this (abbreviated; the signed fields also include hw_evidence, which the verifier below reads):
{
"receipt_version": "1.1",
"model_weight_root": "e04054baac10b5d2a36213244af1b979...",
"model_root_type": "api_attested",
"input_commitment": "52cb6b5e4a038af1756708f98afb718a...",
"output_hash": "a54fe368ce973a036ccb2271627f8fa4...",
"timestamp_ms": 1719400000000,
"log_sequence": 1,
"signature": "d5b00bf29e891892d87ee4a864b4e695...",
"log_anchor": "local://log/1"
}
Verify it offline — no AetherProof code required
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.serialization import load_pem_public_key

with open("receipt.json") as f:
    r = json.load(f)
with open("public.pub", "rb") as f:
    pub = load_pem_public_key(f.read())  # the signer's Ed25519 public key, PEM-encoded

# Signed fields, in preimage order. hw_evidence is part of the preimage even
# for cloud calls, so the receipt file must carry it.
fields = [
    r["receipt_version"], r["model_weight_root"], r["model_root_type"],
    r["input_commitment"], r["output_hash"], str(r["timestamp_ms"]),
    str(r["log_sequence"]),
    json.dumps(r["hw_evidence"], sort_keys=True, separators=(",", ":")),
    r["log_anchor"],
]
# length-prefixed concatenation: "<len>:<value>" for each field
preimage = "".join(f"{len(f)}:{f}" for f in fields).encode("utf-8")
try:
    pub.verify(bytes.fromhex(r["signature"]), preimage)
    print("valid")
except InvalidSignature:
    print("INVALID: receipt was altered or was signed by a different key")
That's the entire trust model. SHA-256 + Ed25519. Standard crypto.
Runs anywhere, forever.
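The verifier above checks only that the receipt's fields are intact and were signed by the expected key. It does not, on its own, tell you that a particular output text is the one the receipt committed to; for that you have to recompute the hash and compare. The following is an added example, not AetherProof's own code: it builds a receipt in the signed layout shown on this page, signs it with Ed25519, then verifies it the way an auditor would, including hash recomputation and three tamper cases. Assumptions not stated on the page: model_weight_root for an api_attested receipt is taken as SHA-256 of the provider-reported model id, hw_evidence is an empty object for cloud calls, and input_commitment is SHA-256 over a random nonce followed by the prompt bytes. The sample prompt and output are constructed; no API call is made.

```python
# Added example, not AetherProof library code. Assumptions (not shown on the
# page): model_weight_root = SHA-256(model id) for api_attested receipts,
# hw_evidence = {} for cloud calls, input_commitment = SHA-256(nonce || prompt).
import hashlib
import json

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
    Ed25519PrivateKey, Ed25519PublicKey)

# Signed fields in preimage order, matching the page's offline verifier.
SIGNED_FIELDS = ("receipt_version", "model_weight_root", "model_root_type",
                 "input_commitment", "output_hash", "timestamp_ms",
                 "log_sequence", "hw_evidence", "log_anchor")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def input_commitment(prompt: str, nonce: bytes) -> str:
    # Salted so the commitment alone does not let a verifier brute-force a
    # short prompt; the nonce is stored beside the receipt and revealed on demand.
    return sha256_hex(nonce + prompt.encode("utf-8"))


def preimage(receipt: dict) -> bytes:
    # Length-prefixed "<len>:<value>" concatenation over the signed fields only;
    # hw_evidence is canonical JSON so key order cannot change the bytes.
    parts = []
    for name in SIGNED_FIELDS:
        value = receipt[name]
        if name == "hw_evidence":
            value = json.dumps(value, sort_keys=True, separators=(",", ":"))
        parts.append(str(value))
    return "".join(f"{len(p)}:{p}" for p in parts).encode("utf-8")


def make_receipt(prompt, output, model_id, nonce, timestamp_ms, log_sequence):
    return {
        "receipt_version": "1.1",
        "model_weight_root": sha256_hex(model_id.encode("utf-8")),  # assumption
        "model_root_type": "api_attested",  # cloud model: weights not hashable
        "input_commitment": input_commitment(prompt, nonce),
        "output_hash": sha256_hex(output.encode("utf-8")),
        "timestamp_ms": timestamp_ms,  # the signer's own clock, not attested
        "log_sequence": log_sequence,
        "hw_evidence": {},
        "log_anchor": f"local://log/{log_sequence}",
    }


def sign_receipt(receipt: dict, key: Ed25519PrivateKey) -> dict:
    signed = dict(receipt)
    signed["signature"] = key.sign(preimage(receipt)).hex()
    return signed


def verify_receipt(receipt, pub: Ed25519PublicKey, output=None,
                   prompt=None, nonce=None) -> bool:
    """Signature check plus hash recomputation for any artefact the verifier
    holds. A valid signature alone proves only that the key holder signed
    these fields; a text you are shown is proven only if its hash matches."""
    try:
        pub.verify(bytes.fromhex(receipt["signature"]), preimage(receipt))
    except (InvalidSignature, ValueError, KeyError):
        return False
    if output is not None and sha256_hex(output.encode("utf-8")) != receipt["output_hash"]:
        return False
    if prompt is not None and input_commitment(prompt, nonce) != receipt["input_commitment"]:
        return False
    return True


def demo() -> dict:
    # Constructed sample data; no API call is made.
    key = Ed25519PrivateKey.generate()
    pub = key.public_key()
    nonce = bytes.fromhex("00112233445566778899aabbccddeeff")
    prompt = "Is this invoice a duplicate of INV-2041?"
    output = "No. The amounts match but the supplier IDs differ."
    receipt = sign_receipt(make_receipt(prompt, output, "gpt-4o-2024-08-06",
                                        nonce, 1719400000000, 1), key)
    results = {"valid": verify_receipt(receipt, pub, output, prompt, nonce)}

    # 1. Someone edits the stored output hash after the fact: signature breaks.
    forged = dict(receipt)
    forged["output_hash"] = sha256_hex(b"Yes. Duplicate, reject it.")
    results["edited_field"] = verify_receipt(forged, pub)

    # 2. Receipt intact, but the text presented as "the output" is a different one.
    results["wrong_output"] = verify_receipt(receipt, pub, output="Yes.")

    # 3. Forged receipt re-signed with a key that is not the one you trust.
    unsigned = {k: v for k, v in forged.items() if k != "signature"}
    resigned = sign_receipt(unsigned, Ed25519PrivateKey.generate())
    results["wrong_key"] = verify_receipt(resigned, pub)
    return results


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Case 2 is the one to remember: a receipt can verify perfectly while the document someone hands you alongside it is not the output it covers. Always recompute output_hash (and the input commitment, given the nonce) against the artefact you are being asked to accept.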
An important honesty note about cloud models
With cloud APIs (GPT-4o, Claude, Grok), you cannot hash the weights; they
live on the provider's servers. AetherProof is honest about this:
model_root_type is set to api_attested, not artifact_hash.
What it does prove is the part you are liable for: the exact input your
system sent, the exact output it acted on, the model id the API reported,
the timestamp, and that none of it was edited after signing. That is the
tamper-evident record that record-keeping rules such as the EU AI Act and
SEC Rule 17a-4 expect you to be able to produce.
Two caveats worth stating plainly. The signature proves that whoever held
the private key signed these fields, so the receipt is only as strong as the
protection around that key. And the timestamp is the signer's own clock: with
a local:// log anchor, nothing outside your system vouches for when the
receipt was made, so if you need time a third party can verify, anchor the
log to an external timestamping service as well.
Works with 17 model families
OpenAI, Anthropic, xAI/Grok, DeepSeek, Google, Mistral, Meta, Cohere,
Alibaba — tested in the matrix test suite.
Apache 2.0 — fully open source
pip install aetherproof
github.com/pulkit6732/aetherproof
If you're hitting audit trail requirements from enterprise clients,
I'd love to hear about it.