EPI packages AI execution as cryptographic evidence. Verify any step. Audit any chain. No server required.
"When a regulator asks what your AI agent did six months ago, the answer should be a file — not a shrug."
The EPI Thesis
Record. Seal. Verify. Three commands. One file. Evidence for every AI decision.
Three lines of Python take your AI agent's execution from runtime memory to a cryptographically sealed, browser-verifiable evidence file.
Wrap your LLM client. Every API call, tool invocation, and decision is captured into a structured, hash-linked timeline. No monkey patching. No configuration.
SHA-256 manifest computed. Ed25519 signature applied. The file is a polyglot container — valid HTML and a binary archive. Change one byte and the signature breaks.
Drop the .epi file into any browser. Five cryptographic checks run entirely locally — no server, no upload, no trust required. Air-gap ready.
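An added illustration of the hash-linked timeline and SHA-256 manifest described above; it is not EPI's code or file format. The field names (`prev_hash`, `head_hash`, `steps_sha256`), the all-zero genesis value and the sample events are assumptions made for this example, and the Ed25519 signature over the manifest is left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed placeholder for the first step's prev_hash

def _digest(obj) -> str:
    # Canonical JSON (sorted keys, no whitespace) so the hash is reproducible.
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def seal(events):
    """Link each event to its predecessor, then digest the whole timeline."""
    steps, prev = [], GENESIS
    for index, event in enumerate(events):
        body = {"index": index, "prev_hash": prev, "event": event}
        prev = _digest(body)
        steps.append({**body, "hash": prev})
    manifest = {"step_count": len(steps), "head_hash": prev,
                "steps_sha256": _digest(steps)}
    return steps, manifest

def verify(steps, manifest):
    """Return (ok, reason); reason names the first check that failed."""
    if len(steps) != manifest["step_count"]:
        return False, "step count differs from manifest"
    prev = GENESIS
    for position, step in enumerate(steps):
        body = {k: step[k] for k in ("index", "prev_hash", "event")}
        if step["index"] != position or step["prev_hash"] != prev:
            return False, f"step {position}: chain link broken"
        if _digest(body) != step["hash"]:
            return False, f"step {position}: content does not match its hash"
        prev = step["hash"]
    if prev != manifest["head_hash"] or _digest(steps) != manifest["steps_sha256"]:
        return False, "timeline does not match manifest"
    return True, "ok"

# Constructed sample timeline (not real EPI output).
SAMPLE_EVENTS = [
    {"type": "llm.request", "model": "example-model", "prompt": "Assess application 17"},
    {"type": "tool.call", "name": "credit_lookup", "args": {"applicant": 17}},
    {"type": "llm.response", "decision": "approve"},
]

if __name__ == "__main__":
    steps, manifest = seal(SAMPLE_EVENTS)
    print(verify(steps, manifest))
    steps[2]["event"]["decision"] = "deny"  # simulate a post-hoc edit
    print(verify(steps, manifest))
```

The chain and digest only detect edits relative to the manifest; someone who can rewrite the manifest can recompute every hash, which is why the manifest itself has to be signed and the signer's key checked.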
Every .epi carries a computed trust level based on cryptographic evidence — from HIGH to TAMPERED.
| Level | Integrity | Signature | Identity | Meaning |
|---|---|---|---|---|
| HIGH | Pass | Valid | Known | Registry-verified signer identity |
| MEDIUM | Pass | Valid | Unknown | SCITT ledger-anchored · independently verifiable |
| LOW | Pass | Valid | Unknown | Valid signature, unverified identity |
| TAMPERED | Fail | Invalid | — | Integrity failure or signature mismatch |
Built for domains where an AI decision carries legal, financial, or safety consequences.
Mortgage approvals, fraud detection, credit scoring. Sealed evidence for SR 11-7, FINRA, FCRA, ECB compliance.
FDA-reviewed clinical AI, diagnostics. Signed execution snapshots for 510(k) and MDR submissions.
AI-driven claims processing and underwriting. Full decision trails for NAIC AI, NY DFS, EIOPA.
Benefits, procurement, law enforcement AI. Forensic records for OMB M-24-10 and NIST AI RMF.
Red-teaming, evaluation, audit. Reproducible evidence for AIUC-1, SOC 2, ISO 42001.
Document review, contract AI. Verifiable evidence for FRCP 26(g) and ABA 483 compliance.
One callback, one wrapper, one line. EPI sits between your LLM and your compliance team.
wrap_openai(client) or wrap_anthropic(client) — full chat capture, streaming support, token usage, latency.
client = wrap_openai(OpenAI())
Drop-in callback handlers for chains, tools, retrievers, and agents. Checkpoint saver for agent state.
ChatOpenAI(callbacks=[EPICallbackHandler()])
One callback captures calls across 100+ providers — Azure, Bedrock, Vertex AI, Ollama, and more.
litellm.callbacks = [EPICallback()]
pytest --epi generates signed .epi evidence per test. CI/CD pipelines leave portable proof.
$ pytest --epi
Bridge OTel spans into signed .epi files. Integrate into existing observability without changing pipelines.
setup_epi_tracing()
epi serve starts a shared capture proxy for team workflows — configurable retention, auth, webhooks.
$ epi serve
EPI audits itself — and anchors evidence to a transparency ledger so you don't have to trust the producer.
Scores every .epi across AIUC-1 (6 domains), SCITT transparency, review binding, and fault analysis. Outputs terminal, JSON, or Markdown.
Anchor artifacts to a persistent SCITT transparency service with Merkle inclusion proofs. Verify receipts independently — no trust in the log operator required.
No proprietary formats. No vendor lock-in. Evidence built on specifications that regulators and auditors already understand.
COSE Sign1 statements, transparency receipts with Merkle inclusion proofs, persistent SQLite-backed ledger. Verify independently.
All 6 risk domains validated with substantive cryptographic checks — redaction quality, review binding, analysis completeness.
Industry-standard digital signatures with DID:WEB identity resolution. Same primitive as Signal, SSH, TLS 1.3.
SBOM preservation under artifacts/sbom/ for software supply chain transparency and risk assessment.
Roadmap: Exporting steps.jsonl as in-toto link files for execution supply chain verification across the software lifecycle.
Zero-cost decentralized identity. Publish your public key at yourdomain/.well-known/did.json. No third-party CA required.
Pilot programs, enterprise deployment, or just a conversation about what cryptographic evidence means for your compliance stack.
Try EPI in your CI/CD pipeline. Guided onboarding, custom signing keys, integration support.
SCITT transparency service, private DID:WEB registry, audit-grade key management, SLAs.
Install the package. Wrap your client. Every AI decision from that point forward can be verified, audited, and defended — in any browser, on any machine, forever.