About VerifAIer Sentinel

Enterprise AI Governance Infrastructure

VerifAIer Sentinel attaches a cryptographically-sealed audit receipt to every AI-generated file change, Bash command, and tool call in your Claude Code sessions. Run it in your terminal today: no account, no cloud, no external dependencies.

Mission

AI coding agents now modify critical infrastructure, financial systems, and regulated codebases. Yet most teams have no structured way to audit what an AI did, why it did it, or whether the outputs can be trusted by a regulator, an acquirer, or a governance board.

VerifAIer Sentinel provides the governance infrastructure layer that sits below the AI agent: deterministic, local-first, and model-provider independent. Every session produces a cryptographically-linked audit receipt. Every receipt feeds a deterministic governance chain that can be verified offline.

It is advisory infrastructure, not enforcement. It gives humans the evidence they need to make governance decisions. It does not make those decisions for them.

What VerifAIer Is
governance layer: sits below the AI, not above
receipt-based: sha256 of every session
deterministic: same inputs → same outputs, always
local-first: all state in local JSON files
model-agnostic: works with any LLM provider
advisory only: never authoritative
What VerifAIer Is Not
not an agent: does not run code
not cloud SaaS: no remote servers
not enforcement: advisory outputs only
not auth/RBAC: no login, no access control
not a database: state is local JSON only
Design Principles
01 Determinism over heuristics

Every output is a pure function of inputs. Same artifacts, same hash. No probabilistic scoring, no machine learning inference, no non-deterministic state. Posture rules are explicit conditions, not learned thresholds.

02 Advisory, never authoritative

authoritative_for_wiw = false is hardcoded and non-configurable. VerifAIer provides evidence; humans make governance decisions. The system never issues binding verdicts.

03 Local-first, air-gap capable

All state lives in local JSON files under .verifaier/. No external APIs, no remote servers, no telemetry. Deploy with pip install verifaier on a disconnected machine. Evidence bundles export to a single ZIP verifiable by anyone with a browser.

04 Replay safety

Timestamps never enter any hash preimage. Rebuilding the workspace from the same artifacts always produces the same workspace_id. The governance chain is replayable and verifiable.

05 stdlib only

The core system uses Python's standard library only. Optional Ed25519 signing requires the cryptography package. No hidden supply-chain dependencies.

06 Graceful degradation

Absent subsystems produce is_present=false, artifact_hash="", never an exception. Operators can review which subsystems are degraded via vai readiness check; posture tier drops transparently without halting the session.

Deployment
Three paths, same evidence quality
Local Install

No account required. Install, wire hooks, govern. Evidence stays in your filesystem.

pip install verifaier
bash install_claude_hooks.sh
vai check src/
Air-Gap Capable

No internet required after pip install. All signing and verification runs locally. Evidence bundles are self-contained ZIPs.

vai export bundle --session ses-8f2a1b3c
# Output: ./evidence-bundle.zip
# Verifiable offline, any browser
CI Integration

Gate PRs on governance posture. Block merges when findings exceed policy threshold. Receipt artifacts attach to CI run.

vai ci gate HEAD~1 \
  --profile enterprise \
  --fail-on high
System Architecture

TVAM-lite: The Governance Proof Chain

T: Traceable. Every session, decision, and artifact is linked by a cryptographic hash chain. Nothing is asserted without a traceable proof.
V: Verifiable. Any link in the chain can be re-derived from the original artifacts. The workspace_hash is a single fingerprint of all 18 subsystems.
A: Auditable. The full governance chain from receipt_hash to bundle_hash is auditable offline. Air-gap ZIP exports carry self-verifiable manifests.
M: Machine-readable. Every output is JSON: structured for integration into CI gates, compliance workflows, SIEM pipelines, and regulator review packages.
# TVAM-lite hash chain (top-level)
receipt_hash (core)
↓ 7A signing
↓ 7B aggregate_vault
↓ 7J decision_hash
↓ 7L workflow_hash
↓ 7M pack_hash
↓ 7N graph_hash
↓ 7O proof_hash → readiness_hash
↓ 7R actor_hash (attribution)
↓ 7S workspace_hash → token_hash → bundle_hash

The workspace_hash is the TVAM-lite top-level state artifact: a single deterministic fingerprint of the entire enterprise governance fabric. It can be shared with regulators, acquirers, or governance boards as a tamper-evident summary.

Key Invariants
Hardcoded · Never configurable · Never breakable

Invariant | Enforcement
authoritative_for_wiw = False | Hardcoded in all dataclasses and output dicts
is_advisory_only = True | Hardcoded in all dataclasses and output dicts
No timestamps in hash preimages | Only structural fields enter cjson() before sha256
7S never writes 7A–7R artifacts | All 7S writes go to .verifaier/enterprise_workspace/ only
Absent artifacts degrade gracefully | is_present=False, artifact_hash="" (no exceptions raised)
Deterministic rebuild | build_workspace() is a pure function of artifact file contents
stdlib only | No external deps; optional Ed25519 via cryptography package
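
The replay-safety and graceful-degradation invariants above can be checked with a short stdlib-only sketch. This is an added example, not VerifAIer's own code: the bodies of cjson() and build_workspace() are assumptions named after the functions the page mentions, and the volatile field names, entry layout and sample artifacts are constructed for illustration.

```python
import hashlib
import json

# Assumption: fields treated as volatile and kept out of every hash preimage.
VOLATILE_FIELDS = {"timestamp", "created_at", "updated_at"}

def cjson(obj):
    """Canonical JSON bytes: sorted keys, fixed separators, volatile fields dropped."""
    def strip(value):
        if isinstance(value, dict):
            return {k: strip(v) for k, v in value.items() if k not in VOLATILE_FIELDS}
        if isinstance(value, list):
            return [strip(v) for v in value]
        return value
    return json.dumps(strip(obj), sort_keys=True, separators=(",", ":"),
                      ensure_ascii=True).encode("utf-8")

def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()

def subsystem_entry(name, artifact):
    """Absent artifacts degrade to is_present=False, artifact_hash="" with no exception."""
    if artifact is None:
        return {"subsystem": name, "is_present": False, "artifact_hash": ""}
    return {"subsystem": name, "is_present": True,
            "artifact_hash": sha256_hex(cjson(artifact))}

def build_workspace(artifacts, subsystems):
    """Pure function of artifact contents: no clock, no randomness, no I/O."""
    entries = [subsystem_entry(n, artifacts.get(n)) for n in sorted(subsystems)]
    body = {"entries": entries, "is_advisory_only": True,
            "authoritative_for_wiw": False}
    return {**body, "workspace_hash": sha256_hex(cjson(body))}

# Constructed sample artifacts (not real VerifAIer output).
SUBSYSTEMS = ["7A", "7B", "7J"]
RUN_1 = {"7A": {"receipt_hash": "ab12", "timestamp": "2024-01-01T00:00:00Z"},
         "7B": {"vault": ["r1", "r2"]}}
RUN_2 = {"7B": {"vault": ["r1", "r2"]},
         "7A": {"timestamp": "2025-06-30T12:00:00Z", "receipt_hash": "ab12"}}
TAMPERED = {"7A": {"receipt_hash": "ab13"}, "7B": {"vault": ["r1", "r2"]}}

if __name__ == "__main__":
    for label, run in (("run 1", RUN_1), ("replay", RUN_2), ("tampered", TAMPERED)):
        print(label, build_workspace(run, SUBSYSTEMS)["workspace_hash"][:16])
```

Because the timestamp sits outside the preimage, changing it leaves the hash unchanged, so the hash alone does not attest to when an artifact was produced.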
18-Subsystem Stack
7A through 7S: closed end-to-end governance chain
Enterprise Pilots · Design Partners · Sovereign Deployments

Deploy AI Governance Infrastructure

Available for enterprise teams, public-sector agencies, and sovereign AI infrastructure deployments. Local-first, no SaaS, no telemetry, no external dependencies.
