Enterprise AI compliance auditors can actually verify.

SOC 2, ISO 42001, EU AI Act, and HIPAA all require audit evidence — not dashboards, not screenshots. Tracestone produces cryptographically signed evidence bundles any auditor can reproduce offline, without your raw data.

Enterprise AI audits are failing on evidence quality

Compliance frameworks written for AI systems demand traceability and accountability. Most enterprise deployments can't deliver either at audit time.

01. Logs aren't audit evidence

Mutable server logs, vendor-controlled dashboards, and self-reported policy compliance don't satisfy SOC 2 CC6–CC9, ISO 42001 traceability requirements, or EU AI Act technical documentation mandates. Auditors want evidence they can independently verify.

02. Multi-tenant isolation is unproven

Enterprise AI deployments serve multiple internal teams or external customers from the same infrastructure. Without cryptographic attribution, you cannot prove tenant A's data never touched tenant B's context.

03. Vendor-dependent compliance is fragile

If your compliance evidence lives only in your AI vendor's portal, it disappears when that vendor changes their retention policy, goes offline, or becomes uncooperative in a dispute. You need evidence you own.

Evidence that survives any audit, any auditor.

Evidence-AIDR converts your AI runtime events into a cryptographically signed, independently verifiable bundle — mapped to the frameworks your auditors already use.

P1–P8 Cryptographic Properties

Eight independently verifiable properties: chain integrity, attribution, ed25519 signature, anti-tamper, redaction proofs, privacy, TEE attestation, and proxy re-encryption auditor handover. Every bundle checks all eight.

Compliance Pack Generation

Auto-generated evidence packs crosswalked to SOC 2 CC6–CC9, ISO 42001 traceability requirements, EU AI Act Articles 11–17, HIPAA audit controls, NIST AI RMF, and MAS TRM for APAC financial institutions.

Privacy-by-Architecture

Pseudonymization and CMK envelope encryption happen inside your VPC before any data leaves. Tracestone SaaS holds only ciphertext and signed hashes — your raw conversations never leave your boundary, by design.

From AI runtime event to auditor-ready proof

The entire evidence chain runs automatically. Your security team gets a proof_hash that any auditor can reproduce locally — offline, no account, no NDA.

1. Events emitted — AI gateway emits audit.jsonl rows as calls occur inside your VPC.

2. PII redacted + encrypted — pseudonymization and CMK envelope applied before any data leaves your boundary.

3. Bundle sealed — ed25519 signature + Merkle chain locked. Tampering is permanently detectable.

4. Auditor verifies offline — OSS verifier, single binary, P1–P8 all green, proof_hash reproducible.

tracestone verify · SOC 2 audit
# Auditor runs on their own machine
$ tracestone verify audit-bundle-2026-Q2.zip \
    --framework soc2

✓ P1 chain ok     48,291 rows intact
✓ P2 attribution  tenant sub-chains isolated
✓ P3 sig   ok     ed25519 verified
✓ P4 anti-tamper  manifest + row checksums pass
✓ P5 redact ok    merkle proofs for 203 redacted rows
✓ P6 privacy ok   PII declared + CMK envelope

# CC6–CC9 crosswalk
✓ CC6.1  logical access controls  → P2 attribution
✓ CC7.2  system monitoring        → P1 chain integrity
✓ CC9.1  vendor risk management   → P3 signature

PASS  proof_hash sha256:e4a91f…
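The four steps above and the verifier output they lead to can be reduced to a small model: a hash chain over audit rows whose links cover a commitment to each payload rather than the payload itself, a signed chain head, and an offline check that re-walks the chain. The Go program below is an added illustration written for this page; it is not Tracestone's code and does not use its audit.jsonl schema, P-property names or verifier. It simplifies the real design in three labelled ways: it signs the chain head (standing in for the proof_hash) instead of building a full Merkle tree, it models redaction as "cleartext removed, commitment kept" with no pseudonymization or CMK envelope, and it does not build per-tenant sub-chains. Field names (Seq, Tenant, Payload, PayloadHash, Prev, Redacted) and the "genesis" sentinel are the example's own assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Row is one audit event. Field names are hypothetical, not Tracestone's audit.jsonl schema.
type Row struct {
	Seq         int
	Tenant      string
	Payload     string // cleartext; emptied when the row is redacted
	PayloadHash string // commitment to the payload; survives redaction
	Prev        string // hash of the previous row: the chain link
	Redacted    bool
}

// h hashes its fields with a separator so ("ab","c") and ("a","bc") cannot collide.
func h(parts ...string) string {
	s := sha256.New()
	for _, p := range parts {
		s.Write([]byte(p))
		s.Write([]byte{0})
	}
	return hex.EncodeToString(s.Sum(nil))
}

// rowHash covers the commitment, not the cleartext, so later redaction keeps the chain intact.
func rowHash(r Row) string {
	return h(fmt.Sprint(r.Seq), r.Tenant, r.PayloadHash, r.Prev)
}

// Head is the hash of the last row; through the Prev links it commits to every earlier row.
func Head(rows []Row) string {
	if len(rows) == 0 {
		return "genesis"
	}
	return rowHash(rows[len(rows)-1])
}

// Append links a new event to the hash of its predecessor (step 1).
func Append(rows []Row, tenant, payload string) []Row {
	return append(rows, Row{Seq: len(rows), Tenant: tenant, Payload: payload,
		PayloadHash: h(payload), Prev: Head(rows)})
}

// Seal signs the chain head (step 3); here the head plays the role of the proof_hash.
func Seal(rows []Row, priv ed25519.PrivateKey) (head string, sig []byte) {
	head = Head(rows)
	return head, ed25519.Sign(priv, []byte(head))
}

// Redact drops cleartext before handover but keeps the commitment the chain was built on (step 2).
func Redact(rows []Row, seq int) {
	rows[seq].Payload = ""
	rows[seq].Redacted = true
}

// Verify is the offline check (step 4): every link, every unredacted commitment, then the signature.
func Verify(rows []Row, head string, sig []byte, pub ed25519.PublicKey) error {
	prev := "genesis"
	for i, r := range rows {
		if r.Seq != i || r.Prev != prev {
			return fmt.Errorf("chain broken at row %d", i)
		}
		if !r.Redacted && h(r.Payload) != r.PayloadHash {
			return fmt.Errorf("payload does not match its commitment at row %d", i)
		}
		prev = rowHash(r)
	}
	if prev != head {
		return fmt.Errorf("chain head mismatch (rows added, removed or reordered)")
	}
	if !ed25519.Verify(pub, []byte(head), sig) {
		return fmt.Errorf("signature invalid")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	var rows []Row // constructed sample events, not real traffic
	rows = Append(rows, "tenant-a", "prompt: summarise the Q2 report")
	rows = Append(rows, "tenant-b", "prompt: draft an onboarding email")
	rows = Append(rows, "tenant-a", "response: the report shows ...")
	head, sig := Seal(rows, priv)
	Redact(rows, 1) // strip tenant-b's cleartext before handing the bundle to an auditor
	fmt.Println("after redaction:", Verify(rows, head, sig, pub)) // <nil>: still verifies
	rows[0].Payload = "prompt: something else"
	fmt.Println("after tampering:", Verify(rows, head, sig, pub)) // error: payload mismatch
}
```

The point to take from the example is which checks need what: the auditor needs only the rows, the head and the signer's public key, so nothing in Verify contacts the producer. Because each link hashes the commitment rather than the payload, a redacted row still verifies, while an edited payload, a swapped commitment, a dropped trailing row or a flipped signature byte each fail at a distinct check.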

FAQ

Can we keep all data within our own cloud region?

Yes. Dedicated tenancy with regional sovereignty is available at Enterprise and Regulator tiers. Your evidence bundles stay in your designated region (EU, APAC, US) and are never replicated outside it. On-prem Kubernetes deployment is also available via Helm chart.

Which compliance frameworks are covered out of the box?

SOC 2 Type II, ISO 42001, EU AI Act (Articles 11–17), HIPAA, NIST AI RMF, and MAS TRM for Singapore financial institutions. Each framework gets an auto-generated evidence pack with a P1–P8 crosswalk mapped to the specific controls auditors check.

How does auditor access work without sharing raw data?

Auditors receive a signed evidence bundle and the open-source verifier binary. They run verification locally — no network access, no Tracestone account required. For cases requiring deeper review, Proxy Re-Encryption (PRE) lets you grant time-limited, field-level decryption access that revokes instantly.

What happens if Tracestone goes offline?

Nothing. The evidence bundles are self-contained and the verifier is Apache 2.0 open source. Auditors can verify your historical bundles indefinitely with no dependency on Tracestone infrastructure — that's the core design guarantee, enforced by ADR-09 in our governance docs.

Next audit coming up? Let's prepare the evidence.

We work with enterprise security and compliance teams to build the evidence chain before the auditors arrive — not during. Reach out directly.