Every AI inference produces a 74-byte post-quantum attestation. Three independent signature families. Hash-chained into a tamper-evident sequence. Independently verifiable by any party without vendor access or API keys.
Not "we logged it." Cryptographically signed. Mathematically bound. Court-admissible.
Logs tell you what someone claims happened. Attestations prove what actually happened. The gap between these two is where liability, fraud, and regulatory failure live.
Application logs can be edited, deleted, or corrupted by anyone with admin access. A breach destroys the evidence. A malicious insider rewrites the record. In litigation, unsigned logs are hearsay — not evidence.
"Our systems show..." is a trust claim, not a mathematical proof. Regulators are moving from trust-based to evidence-based compliance. If your AI vendor says the decision was compliant, you are trusting their word — not verifying it.
RSA and ECC signatures will be forgeable by quantum computers. An AI audit trail signed today with RSA-2048 may be worthless in court by 2035. Post-quantum signatures are the only way to future-proof AI decision records.
One is a claim. The other is proof.
Every AI decision triggers a five-step attestation pipeline. The output is a 74-byte proof that any party can independently verify.
Five elements are cryptographically bound into every 74-byte attestation. Missing any one of them means the proof is incomplete. H33 captures all five by default.
H33 attestations are independently verifiable by design. No API key, no vendor relationship, no trust assumption. The proof speaks for itself.
An auditor receives the 74-byte attestation, checks the three PQ signatures against public keys, verifies the SHA3-256 hash chain, and confirms the on-chain anchor. No access to your systems required.
In litigation, the attestation is mathematical evidence that a specific AI decision occurred with specific inputs at a specific time. It cannot be forged, backdated, or altered. Any expert witness can independently verify it.
Business partners, regulators, or customers can verify any AI decision attestation without contacting H33 or accessing your infrastructure. Send the 74-byte proof. They verify it independently.
Every attestation is hash-chained to the previous one. Verifying any single attestation also validates its position in the sequence. A gap or alteration anywhere in the chain is immediately detectable.
The 32-byte on-chain hash provides an immutable public timestamp. Even if every other system is compromised, the on-chain record proves the attestation existed at that point in time.
The full attestation details — all five attested elements plus the three signatures — are stored on Cachee.ai for instant retrieval. Post-quantum attested storage with sub-microsecond lookup.
Two API calls. One to attest. One to verify. No SDK required.
# Attest an AI decision attestation = h33.attest( inputs=inference_request, outputs=model_response, model_version="gpt-4-0125", authority=delegation_chain ) # attestation.proof — 74-byte H33-74 attestation # attestation.hash — SHA3-256 commitment (32 bytes on-chain) # attestation.chain — hash-chain position in sequence # Verify (any party, no API key needed) result = h33.verify(attestation.proof) # result.valid — True # result.signatures — {ml_dsa: valid, falcon: valid, slh_dsa: valid} # result.chain_intact — True
AI attestation is a cryptographic proof that a specific AI decision occurred with specific inputs, produced specific outputs, used a specific model version, and was authorized by a specific authority chain. Unlike logging, attestation is immutable, independently verifiable, and signed with post-quantum signatures that cannot be forged by either classical or quantum computers.
Logs are mutable, vendor-controlled, and unsigned. Any administrator can edit or delete them. A breach can destroy the entire log history. In court or regulatory proceedings, unsigned logs are assertions — not evidence. Cryptographic attestation produces a mathematical proof that cannot be altered after the fact and can be independently verified by any party without accessing your systems.
Every AI decision attestation is compressed to exactly 74 bytes: 32 bytes stored on-chain (the SHA3-256 hash commitment) and 42 bytes stored in Cachee (the compressed three-family PQ signature bundle). This is the result of H33-74 compression — three full post-quantum signatures distilled into 74 bytes while maintaining independent verifiability. Patent pending.
Yes. That is the entire point. Verification requires no API key, no vendor relationship, and no trust in H33. The 74-byte attestation contains everything needed for independent verification: the hash commitment can be checked against the on-chain record, and the three PQ signatures can be verified against public keys. Any party — auditor, regulator, opposing counsel, business partner — can verify independently.
Each attestation includes the SHA3-256 hash of the previous attestation in the sequence. This creates a tamper-evident chain: altering or removing any attestation breaks the hash chain from that point forward. Inserting a fake attestation is impossible without knowing the hash of the attestation that precedes it. This provides sequence integrity in addition to individual attestation integrity.
Approximately 42 microseconds per AI decision. For a typical LLM inference of 50–500 milliseconds, this is less than 0.1% overhead. Batch attestation (via H33-74 Claims 124–125) amortizes the Dilithium signature across 32 decisions via batched Merkle response attestation, further reducing per-decision cost. The attestation pipeline runs asynchronously and never blocks the inference response.
Make an AI decision. Get a 74-byte proof. Verify it independently. No commitment required.