Replay-safe evidence, audit receipts, operational memory, and local-first governance for AI coding agents and long-context AI systems. No cloud. No account. No telemetry. Sovereign-capable. Deployable today.
Run pip install verifaier, then install_claude_hooks.sh. No account. No config wizard. Done.
Every Edit, Write, and Bash command Claude generates is intercepted before it lands. Governance scan runs locally in <50ms.
At session end, a SHA-256 Merkle root over every tool-call hash is computed. Same inputs always produce the same proof_id.
Run vai replay --verify at any point. Chain breaks trigger automatic escalation to a named reviewer.
Install once. Govern everything Claude writes. No account. No cloud. No
configuration beyond a single settings.json.
VerifAIer hooks into Claude Code at the tool-call level. Every Edit, every Write, every Bash command Claude generates is intercepted, analyzed, and receipted. Before the file is saved. Before the command runs.
pip install verifaier
bash scripts/install_claude_hooks.sh
VerifAIer integrates directly with Claude Code's hook system. Three hooks cover the entire session arc: from the first Edit to the final Stop.
The session proof_id is a SHA-256 Merkle root over every tool-call input hash
in the session. Same session inputs → same hash. Verifiable offline, air-gapped, years later.
Every tool call Claude makes, every Edit, Bash, Write, is captured in a deterministic, hash-chained event log. Replay it in a cinematic Replay Studio. Archive it to a forensically signed ZIP. Prove it never changed.
Flight Recorder is local-first, zero-cloud, zero-dependency. The session stays in your filesystem. The replay bundle is a single self-contained .html file you can open offline in any browser. No server. No login.
Memory Receipts are cryptographically sealed, tamper-evident records of the AI advice, decisions, and insights that matter to you. Not screenshots. Not chat logs. Sealed evidence.
Local-first personal AI memory vault. Every receipt includes a SHA-256 proof chain.
Any edit to the content breaks the proof, verifiable by anyone, offline, years later.
The Intelligence Layer links replay sessions to memory receipts: deterministic lineage, no embeddings, no cloud. Export bundles include the full evidence graph, offline-verifiable.
A screenshot shows pixels. It does not prove when it was taken, whether the AI session was real, or whether the content was edited before capture. A mutable file is not governance evidence. VerifAIer seals the moment: cryptographically, locally, forever.
Can be taken any time. No timestamp you control. No proof of AI session. Pixels only.
Mutable. No cryptographic seal. Timestamps are filesystem metadata, trivially forged.
SHA-256 proof chain. Timestamp is part of the hash. Any edit breaks the proof. Verifiable offline.
Every tool call Claude makes is recorded: what it read, what it wrote, what it ran, what it found. The session is hash-chained into a Merkle seal. You can replay it years later: same inputs, same proof.
Most teams using AI coding assistants have zero forensic capability. When an incident happens, they cannot prove what the AI actually did. VerifAIer fixes this in one command.
Memory Receipts seal what AI said. Flight Recorder seals what AI did. The Intelligence Layer links them. The result: a decision lineage you can prove to an auditor, a board, or a regulator.
Every VerifAIer feature works with zero cloud connectivity. Your evidence chain lives on your machine. Verification requires stdlib SHA-256 only (no VerifAIer install, no network).
VerifAIer scales from a single developer sealing receipts on a laptop to a regulated enterprise running an air-gapped instance with full evidence-chain requirements. The proof chain is the same. The architecture scales.
"Governance today is a file in a directory."
Most organizations claim AI governance. What they have is a folder of scan reports, a Confluence page updated before the audit, and a Word document that could have been written after the fact. There is no external proof of timing. No cryptographic evidence that policy was applied. No way to demonstrate to a regulator that governance preceded deployment, not just documentation of governance.
Regulators are beginning to notice. The EU AI Act, NIST AI RMF, and emerging FSI model risk guidance all require verifiable governance evidence. A mutable text file is not verifiable. VerifAIer makes it verifiable.
Every governance receipt is a pure function of the artifact it covers. Same code, same policy, same tool version: same hash, every time. No timestamp enters the hash preimage. No random seed. No model output that varies run to run. Evidence that cannot replay is not evidence.
No telemetry. No cloud dependency. No external API call during a governance scan. VerifAIer runs inside your perimeter: behind your firewall, inside your air gap, on your classification network. Governance infrastructure that phones home cannot be trusted with what it governs.
Merkle-rooted attestation manifests for every governed artifact. Proof chain lineage linking evidence over time. Portable bundles with self-verifiable manifests. Optional cryptographic anchoring to public chains for independent timestamp proof, verifiable without VerifAIer, without an account, without disclosing source code.
The TVAM-lite proof chain links every governance artifact from receipt to bundle. Each hash is a commitment: computable from public inputs, verifiable from first principles, stable across the entire artifact lifecycle. Nothing in this chain depends on a server, a session, or a clock.
The proof_id for each artifact is deterministic: SHA-256(type : hash : merkle_root). It is time-independent, anchor-status-independent, and stable from the moment the artifact exists. Only 64 characters ever reach an external chain.
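An added sketch (not VerifAIer's own code) of how a deterministic session seal of this shape can be recomputed with stdlib SHA-256 only, and how a single edited tool call breaks it. The canonical JSON form, the leaf/node domain tags, the odd-node promotion rule, the ":" join, the "session" type label and every function name here are assumptions; the sample events are constructed.

```python
import hashlib
import hmac
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def canonical(obj) -> bytes:
    # Assumed canonical form: sorted keys, no whitespace, UTF-8.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")

def leaf_hash(tool_call: dict) -> str:
    return sha256_hex(b"\x00" + canonical(tool_call))  # 0x00 = leaf domain tag

def merkle_root(leaves: list) -> str:
    if not leaves:
        return sha256_hex(b"")
    level = list(leaves)
    while len(level) > 1:
        nxt = [sha256_hex(b"\x01" + bytes.fromhex(level[i]) + bytes.fromhex(level[i + 1]))
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # odd node is promoted, not duplicated
        level = nxt
    return level[0]

def proof_id(artifact_type: str, artifact_hash: str, root: str) -> str:
    # Page formula: SHA-256(type : hash : merkle_root). Joining with ":" is assumed.
    return sha256_hex(f"{artifact_type}:{artifact_hash}:{root}".encode("utf-8"))

def seal_session(events: list) -> str:
    root = merkle_root([leaf_hash(e) for e in events])
    return proof_id("session", sha256_hex(canonical(events)), root)

def verify_session(events: list, expected: str) -> bool:
    return hmac.compare_digest(seal_session(events), expected)

# Constructed sample session (not real VerifAIer output); no timestamps in the preimage.
SESSION = [
    {"tool": "Edit", "input": {"file": "app.py", "new": "x = 1"}},
    {"tool": "Bash", "input": {"command": "pytest -q"}},
    {"tool": "Write", "input": {"file": "notes.md", "content": "done"}},
]

if __name__ == "__main__":
    sealed = seal_session(SESSION)
    tampered = [dict(e) for e in SESSION]
    tampered[1] = {"tool": "Bash", "input": {"command": "pytest -q || true"}}
    print(sealed, verify_session(SESSION, sealed), verify_session(tampered, sealed))
```

Because no clock value or random seed enters any preimage, the same events reproduce the same 64-character value on any machine, while an edited, dropped or reordered event yields a different one.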
TVAM-lite Proof Chain
AST-level analysis of AI-generated Python and JavaScript. Interprocedural taint tracking across function boundaries. Per-PR governance receipts with Ed25519 signatures. Built for coding agents, not static analysis retrofitted to look that way.
Full semantic analysis across 200,000+ token sessions. Semantic drift detection, instruction conflict identification, tool-call chain auditing, and information boundary violation detection. Designed for the sessions that actually do damage.
Maturity tier classification across the full 18-subsystem governance fabric. TVAM-lite chain verification. Posture scoring across policy, evidence, identity, and federation dimensions. Pilot onboarding readiness without the theatre.
Executive, SOC, regulator, and sovereign reporting bundles. Air-gap ZIP exports with self-verifiable manifests. SIEM export in JSONL and RFC 5424 syslog format. Evidence packages built for handoff, not for internal consumption.
Multi-node governance topology. Policy synchronization across development teams. Cross-workspace federation with governance lineage preserved. Organization-level posture aggregation. Designed for the enterprise that actually has a fleet.
Deterministic Merkle trees over proof-stable artifact fields. Inclusion proofs for selective disclosure. Proof chain lineage with tamper detection. Optional anchoring to Avalanche C-Chain. Only 64 characters touch the public ledger.
The AI session black box. Every tool call hash-chained. Cinematic Replay Studio. Four capture levels from telemetry to forensic. Encrypted evidence vault. Signed forensic archives. Tamper detection. Local-first. Zero cloud.
Deployed to development infrastructure. Governance scans trigger at every pull request, every coding session, every AI generation event. Evidence packs accumulate. Monthly compliance exports verify the posture held across the entire period, not just the day before the audit.
Air-gapped by design. No external call is made during governance scanning,
manifest generation, Merkle computation, or bundle creation.
The proof_id (64 ASCII characters) transfers outbound
through an approved medium. Three public blockchain values return inbound.
The classified environment never connects to a network.
The proof_id anchors to the Avalanche C-Chain as a standard EVM transaction: UTF-8 calldata, zero AVAX transferred, no smart contract required. An auditor with a block explorer and the manifest JSON can verify the entire chain of custody without VerifAIer, without an account, without source code.
At $0.001–$0.01 per anchor, governance timestamping disappears as a cost consideration. What remains is an externally verifiable, tamper-evident record that governance preceded deployment. Not a claim. A fact.
Fuji anchoring: web3 connector implemented and tested · live ops require a funded wallet
VerifAIer is available through a pilot agreement, not a self-serve checkout flow. Governance infrastructure for regulated environments requires onboarding, not a credit card.
Install locally, wire one hook script, and every AI-generated change is receipted. No SaaS. No telemetry. No external dependencies. Evidence from day one.
contact@verifaier.io