Signed AI decision logging
Append-only, Ed25519-signed AI decision records with SHA-256 chain links. Every record is independently verifiable — hash + signature — without calling CertifiedData. EU AI Act Article 12-aligned.
Chain architecture
All fields, including PII-sensitive content. SHA-256 chain-linked across every record. Ed25519-signed per record. Retained per plan (7y for Build+). Not publicly accessible; available only to the authenticated account owner.
- All payload fields
- Chain-linked SHA-256
- Ed25519 per record
- Audit vault access (Trust+)
- Export-ready (Trust+)
Available when publicMode: true. Strips PII-sensitive fields (entity identifiers, explanation detail). Preserves: actor type, decision, model identifier, policy, timestamp, cert reference, signature. Published to /decision-log.
- PII stripped
- actor type + decision + model retained
- Signed chain-link preserved
- Publicly crawlable
- EU AI Act Article 50-compatible
Decision record payload
| Field | Required |
|---|---|
| actor | required |
| decision | required |
| artifactReference | optional |
| model | optional |
| policy | optional |
| explanation | optional |
| review | optional |
| entity | optional |
| publicMode | optional |
The canonicalized payload (RFC 8785 JSON Canonicalization Scheme) is what gets hashed and signed. The signature covers the full normalized record, not a summary.
Capability matrix
| Action | Anonymous | Authenticated | Production | Public Proof |
|---|---|---|---|---|
| Log decision (demo) | ✓ 30/min/IP | ✓ 1k/mo | ✓ unlimited | ✓ demo verify |
| Log decision (production) | ✗ auth required | ✓ free+ | ✓ | ✓ opt-in public |
| Verify decision record | ✓ no limit | ✓ | ✓ | ✓ public endpoint |
| Browse public decision feed | ✓ public | ✓ | ✓ | ✓ /decision-log |
| Inspect checkpoints | ✓ public | ✓ | ✓ | ✓ chain verify |
| Search decision log | ✗ auth required | ✓ | ✓ | — |
| Export audit records | ✗ | ✓ Trust+ | ✓ Trust+ | — |
| Artifact provenance link | ✗ | ✓ Build+ | ✓ Build+ | ✓ on record |
API examples
```bash
# Demo decision (no account, 30/min/IP)
curl -X POST https://certifieddata.io/api/demo/decision \
  -H "Content-Type: application/json" \
  -d '{
    "actor": "my-agent",
    "decision": "approve",
    "explanation": "Testing the demo endpoint"
  }'
```

```bash
curl -X POST https://certifieddata.io/v1/decisions \
  -H "Authorization: Bearer $CERTIFIEDDATA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "actor": "loan-underwriting-model-v3",
    "decision": "approve",
    "model": "internal-credit-model-v3.2",
    "entity": "applicant:anon-7f2a",
    "policy": "credit-risk-policy-v2",
    "explanation": "Credit score 720, DTI 28%, employment verified 4 years",
    "artifactReference": "cert_abc123",
    "publicMode": false
  }'
```

```bash
# Verify a decision record by ID
curl "https://certifieddata.io/api/decision-log/verify?id=drec_xxxx"

# Public decision feed
curl "https://certifieddata.io/api/decision-log/latest?limit=20"

# Signing key discovery
curl "https://certifieddata.io/.well-known/decision-signing-keys.json"
```
Independent verification
Verify any decision record without contacting CertifiedData:
1. Fetch the record from GET /api/decision-log/verify?id=drec_xxxx
2. Compute SHA-256 over the RFC 8785-canonicalized payload
3. Compare against the record's stored hash
4. Fetch the signing public key from /.well-known/decision-signing-keys.json
5. Verify the Ed25519 signature using the public key
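The hash and signature checks from the steps above, as an added Node.js example that is not CertifiedData's own code. The record field names (`payload`, `hash`, `signature`), the hex and base64 encodings, and the choice to sign the canonical payload bytes are assumptions, since the page does not document the response format; a throwaway key pair stands in for the published signing key.

```javascript
// Added example (not CertifiedData code). Assumed record shape, not documented on the page:
//   { payload: object, hash: hex SHA-256, signature: base64 Ed25519 over the canonical payload }
const { createHash, generateKeyPairSync, sign, verify } = require('node:crypto');

// RFC 8785 (JCS) for values produced by JSON.parse: object keys sorted by UTF-16
// code units, no whitespace, ECMAScript number/string serialization (JSON.stringify).
function canonicalize(v) {
  if (v === null || typeof v !== 'object') return JSON.stringify(v);
  if (Array.isArray(v)) return '[' + v.map(canonicalize).join(',') + ']';
  return '{' + Object.keys(v).sort()
    .map((k) => JSON.stringify(k) + ':' + canonicalize(v[k])).join(',') + '}';
}

const sha256Hex = (s) => createHash('sha256').update(s, 'utf8').digest('hex');

// Steps 2-5 of the procedure: returns 'ok' or the first check that failed.
function verifyRecord(record, publicKey) {
  const canonical = canonicalize(record.payload);
  if (sha256Hex(canonical) !== record.hash) return 'hash-mismatch';
  const sig = Buffer.from(record.signature, 'base64');
  const ok = verify(null, Buffer.from(canonical, 'utf8'), publicKey, sig);
  return ok ? 'ok' : 'bad-signature';
}

// Constructed sample: a throwaway key pair stands in for the published signing key.
function makeSample() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const payload = { decision: 'approve', actor: 'my-agent', publicMode: true };
  const canonical = canonicalize(payload);
  const signature = sign(null, Buffer.from(canonical, 'utf8'), privateKey).toString('base64');
  return { publicKey, record: { payload, hash: sha256Hex(canonical), signature } };
}

function demo() {
  const { publicKey, record } = makeSample();
  // Same payload with keys in a different order: canonicalization makes it verify.
  const reordered = { ...record, payload: { publicMode: true, actor: 'my-agent', decision: 'approve' } };
  // Edited decision, stored hash left alone: caught by the hash comparison.
  const edited = { ...record, payload: { ...record.payload, decision: 'deny' } };
  // Edited decision with the hash recomputed: only the signature check catches it.
  const rehashed = { ...edited, hash: sha256Hex(canonicalize(edited.payload)) };
  return [record, reordered, edited, rehashed].map((r) => verifyRecord(r, publicKey));
}

console.log(demo()); // [ 'ok', 'ok', 'hash-mismatch', 'bad-signature' ]
```

The last case is why the hash comparison alone is not sufficient: anyone who edits a record can recompute its SHA-256, but cannot produce a valid signature without the private key.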