Helixar Labs
Concept

Cryptographic Provenance for AI

Signed, hash-chained, verifiable offline

Cryptographic provenance is how you prove what an AI system decided — and that no one altered the record afterwards. Helixar signs every governance decision and hash-chains it into a tamper-evident audit trail an auditor can verify offline, without trusting Helixar.

Category
AI auditability
Signing
Ed25519
Chain
SHA-256 hash chain
Verification
Offline · no trust in Helixar

What it is

Cryptographic provenance for AI is a tamper-evident record of every governance decision an AI system makes. Helixar writes each decision to an Ed25519-signed, hash-chained, append-only audit trail: each entry is cryptographically linked to the one before it, so altering any record breaks the chain and is immediately detectable — and the whole trail is independently verifiable offline.

The problem

Regulated organisations increasingly have to prove not just what their AI did, but that the evidence itself is trustworthy. A log the vendor can silently edit is not evidence. Auditors and regulators need records they can verify independently, long after the fact, without taking the vendor’s word for it.

Why most AI tools miss it

Most AI governance tools observe and monitor — they produce dashboards and logs, but those records live in systems the vendor controls and can change. They rarely sign each decision, and they rarely let an auditor confirm the record without trusting the vendor’s infrastructure. Observation is not the same as evidence.

How Helixar does it

Helixar sits above the model providers and applies your policy on every AI request — allow, cap, redact, hold, or block — and records what happened in an Ed25519-signed, hash-chained, append-only audit trail. Production signing keys are non-exportable. An auditor can take a signed evidence pack and verify it offline with an independent verifier, confirming the integrity of every decision without trusting Helixar.

Questions auditors ask

How do we know a record wasn’t changed?

Every entry is Ed25519-signed and hash-chained. Altering any record breaks the chain and fails verification.

Can we verify it without trusting Helixar?

Yes. A signed evidence pack is independently verifiable offline with a public-key verifier — no dependency on Helixar’s systems.

Is the audit trail immutable?

It is tamper-evident and independently verifiable offline. Third-party immutability is available via external RFC-3161 timestamp anchoring, enabled per tenant.