Evidence-AIDR watches your AI agents in production — detecting attacks, intercepting dangerous actions, and sealing every runtime event into a cryptographically signed evidence bundle any auditor can verify offline. No raw data exposed. No vendor dependency.
Runtime monitoring
Evidence-AIDR sits in your production environment watching every agent action in real time — not just logging, but actively detecting and intercepting dangerous behavior before it causes damage.
Identifies prompt injection attempts, policy bypass, and privilege abuse in live agent traffic. Behavioral models trained on known attack patterns flag anomalous tool usage and unauthorized escalation paths as they happen.
Prompt injection · policy bypass · privilege abuse · anomaly detection
High-risk agent actions — shell calls, unauthorized file writes, secret access, suspicious network requests — are scored and intercepted before execution. Signed verdict issued automatically, fed into the audit chain.
Pre-execution scoring · auto-block · signed verdict · SIEM-ready
Every agent action produces a timestamped, signed timeline entry. When an incident occurs, replay the agent's exact action sequence from the cryptographic record — provably, without relying on agent self-reporting.
Deterministic replay · tamper-evident · independent forensics
Cryptographic properties
Every evidence bundle is checked against P1–P8. The open-source verifier reproduces all eight locally — offline, from a single binary, in under 5 minutes.
Merkle hash chain — any row insertion or deletion is detectable by re-hashing
Every log row provably linked to a specific tenant and session via sub-chain isolation
ed25519 signature from the gateway keypair on every bundle manifest
Manifest + row-level checksums prevent silent modification after signing
Removed PII rows leave Merkle proofs — auditor can confirm shape without seeing content
PII declared and redacted; CMK envelope encryption; pseudonymization at gateway
Verifier runs in Nitro Enclave; PCR0 bound to OSS commit hash — even cloud provider can't read prompts
Proxy re-encryption auditor handover; time-limited grant expires and revokes instantly
Open source · Apache 2.0
The OSS verifier is the trust root of the entire system. Any auditor, regulator, or engineer can download it, point it at an evidence bundle, and reproduce the result — offline, no account, no NDA.
# Install (darwin / linux / windows) $ curl -sSL https://install.tracestone.io | bash # Verify the bundled demo — zero config required $ tracestone verify --demo ✓ P1 chain ok 1,034 rows, prev_hash chain intact ✓ P3 sig ok ed25519 verified against gateway.pub ✓ P5 redact ok merkle proofs for 12 redacted rows ✓ P6 privacy ok PII declared + CMK envelope ✓ P7 attest ok Enclave PCR0 in allowlist ✓ P8 authz ok pre-grants.json sig verified PASS proof_hash sha256:bb162c… # Point at your own bundle $ tracestone verify audit-bundle-2026-05.zip
Apache 2.0 · P1–P8 Go CLI + library · single static binary · cross-platform (darwin / linux / windows)
LLM Gateway vuln corpus + audit prompts · portable skill bundle · Apache 2.0
Privacy architecture
Tracestone is designed so we provably cannot read your prompts. Pseudonymization and encryption happen inside your VPC before any data is transmitted. Our SaaS holds only ciphertext and signed evidence.
Compliance coverage
Automated evidence pack generation with P1–P8 crosswalk to CC6–CC9 common criteria
AI management system audit trail — provenance, traceability, and accountability requirements
High-risk AI system provenance and technical documentation requirements (Articles 11–17)
PHI handling with CMK envelope encryption + P6 PII redaction + audit log integrity
Govern · Map · Measure · Manage alignment — evidence bundles map to each function
Financial sector AI governance for APAC — evidence chain satisfies MAS Technology Risk Management guidelines
Evidence-AIDR monitors your agents in real time, intercepts dangerous actions, and builds the audit trail your compliance team needs — without exposing any raw data. Start with the free OSS verifier or talk to us directly.