AI artifact audit
The AI artifact audit module is the regulatory-evidence axis of ARIADA's Detect tier. It maintains a Hash-anchored Evidence Stream — every AI artifact your product emits (chatbot reply, AI-generated image or deepfake, AI-suggested UI copy, AI-suggested code) is written to a tamper-evident hash chain together with the model id, prompt-template fingerprint, timestamp, and signing key. The output is an EU AI Act Article 50 transparency package, ready for a notified body or a court.
What it does
-
Hash-anchored evidence stream
Append-only ledger; each entry points to the previous entry's hash. Removing or rewriting one event invalidates every subsequent entry. Detection of tampering is mechanical, not discretionary.
-
Per-artifact provenance
Captures model id, model version, prompt-template fingerprint, input redaction profile, output checksum, and decision (shipped / rewritten / blocked). Sufficient for Article 50 transparency audits.
-
Article 50 transparency package
Emits a regulator-grade evidence bundle: who produced what, when, with which model, signed by which key. Replaces the manual ledger + lawyer review path that does not scale.
Why now
EU AI Act 2024/1689 Article 50 transparency obligations become enforceable in August 2026, with penalties up to €35M or 7% of global turnover. Most "AI compliance" tooling ships a checklist; the AI artifact audit module ships a court-defensible evidence chain. The alternative — a manual ledger reviewed by counsel — does not scale past a few hundred artifacts a week.
Layer mapping
| Axis / Layer | Role | Direction |
|---|---|---|
| L9 AI Act core | Canonical home of the AI artifact audit — AI artifact registry + Article 50 evidence packaging. | — |
| Multi-domain scan | Surfaces AI-rendered DOM regions and chatbot embeddings for hashing into the stream. | Consumes |
| AI authorship attribution | Joins evidence stream entries to the originating model fingerprint when attribution is available. | Consumes |
| Canonical scoring | Reads evidence entries to attach signed measurement reports (not legal certifications) to the per-domain score. | Feeds |
| Scan visualization | Renders the evidence timeline as the "Ariadne thread" view for stakeholder readouts. | Feeds |
Why this is different
"AI compliance" tooling on the market today produces a checklist and a PDF. The AI artifact audit module produces a hash chain that a court or a notified body can audit independently. The difference is the difference between marketing copy and evidence that survives cross-examination.
Filed IP
ARIADA holds filed-IP positions covering the append-only AI artifact event ledger, tamper-evident hash chain, and EU AI Act Article 50 evidence-packaging methods underlying this module. Provisional application only; conversion to non-provisional pending.
Application numbers, claim counts, and PCT deadlines are available for accredited-investor due diligence on the Legal & IP page.
Cross-references
- Detect-tier siblings: Regression detection, Scan visualization.
- Upstream input: Multi-domain scan, AI authorship attribution.
- Downstream consumers: Canonical scoring, Scan visualization.
- Architecture overview: Technology architecture.
- Legal positioning: Legal & IP.
Source-level remediation only — agentic suggestions are not autonomous deployments; pull requests require client merge. Not a legal certification body. For accredited certification, customers consult a notified body or registered auditor.