If your AI makes decisions,
you need an audit trail that holds up.
The CertifiedData Decision Ledger creates cryptographically verifiable records of AI decisions — tamper-evident, signed, and audit-ready for regulators, risk teams, and courts.
Each record is canonicalized with RFC 8785, SHA-256 hashed, Ed25519 signed, and linked to the previous record. Any modification breaks the chain — verifiably, forever.
Definition
AI Decision Ledger: a cryptographically verifiable system for recording AI system decisions — including inputs, outputs, model context, and execution metadata. Each record is hash-linked and digitally signed, enabling tamper-evident audit trails and independent verification without contacting the issuer.
August 2026 is not a suggestion.
EU AI Act Article 12 requires high-risk AI systems to record decisions, ensure traceability, and support auditability across their lifecycle. Enforcement begins August 2026.
Article 12(1)
"High-risk AI systems shall technically allow for the automatic recording of events ('logs') over the lifetime of the system."
Article 12(2)(a)
"...to ensure a level of traceability of the AI system's functioning that is appropriate to the intended purpose of the system."
Most systems have logs. Those logs are mutable, internal-only, and not independently verifiable. A regulator will treat a mutable log like a bank statement you typed yourself.
What an auditor will actually ask
- 1Show every decision your AI made about this subject.
- 2Show which model version produced each decision.
- 3Show which dataset trained that model.
- 4Prove none of those records have been modified since they were written.
Most organizations can answer 1–2. Almost none can prove 4 without a backup and a prayer.
Generate a verifiable decision record
Edit the sample payload, click Run, and inspect the real SHA-256 hash, signature, and verification path without leaving this page.
- • Decision-shaped JSON becomes a ledger record
- • The record gets a deterministic SHA-256 hash
- • The record gets an Ed25519-style signature
- • The result exposes a public verification path
{
"label": "loan_decision",
"actor": "underwriting_service",
"entity": "application_84721",
"input": {
"credit_score": 712,
"income_band": "80k-100k",
"debt_to_income": 0.31,
"region": "DE-BY"
},
"output": {
"decision": "approved",
"apr_band": "prime",
"limit_band": "10k-15k"
},
"model": {
"id": "underwriter-v3.2",
"version": "3.2.1"
},
"cert_ref": "cert_demo_001",
"publicMode": true
}Live proof — not a marketing badge
This is the most recent record in the public decision ledger. Signed, chained, and published the same way your decisions will be. Anyone can re-verify it independently.
Logging vs. evidence
Traditional logging
- • Mutable — records can be altered
- • Internal-only — not independently auditable
- • No chaining — each record stands alone
- • No signatures — no proof of authorship
Decision Ledger
- • Tamper-evident — SHA-256 + Ed25519 signed
- • Independently verifiable — no issuer contact needed
- • Hash-chained — tampering breaks the tail verifiably
- • Hourly sealed checkpoints — auditable continuity
This is not observability. This is evidence.
How it works
- 1Your AI system makes a decision.Inference, approval, routing, pricing, denial — any action that needs a record.
- 2Your service calls POST /v1/decisions.One HTTP request with actor, entity, label, selected option, and any cert or model reference.
- 3We canonicalize, hash, and sign.RFC 8785 JCS canonical JSON, SHA-256, Ed25519 — deterministic and independently reproducible.
- 4Dual-chain write.Internal record keeps full context. Sterilized public projection goes into a separately chained public log.
- 5Hourly sealed checkpoints.Signed checkpoints seal the public chain. Any tampering breaks the seal — verifiably, forever.
- 6Anyone can verify.GET /api/decision-log/:id/verify re-computes the hash and checks the signature against the published signing key.
Log your first decision in minutes
curl -X POST https://certifieddata.io/v1/decisions \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"actor": { "type": "system", "id": "loan-engine-v3" },
"decision": {
"label": "loan_decision",
"selectedOption": "approved"
},
"explanation": {
"reasonCodes": ["credit_score_above_threshold", "dti_within_policy"],
"rationaleSummary": "Applicant meets underwriting criteria."
},
"publicMode": true
}'Who this is for
Compliance / GRC
You need evidence that survives an audit. Decision Ledger is your auditor-ready record.
Article 12 mapping →AI / Model Risk
You already log. We make the log tamper-evident and cryptographically linkable to datasets and models.
Read the spec →Financial Services
Fair-lending, SR 11-7, adverse action. Prove the why behind every model decision.
FS use case →From data → decision → proof
Dataset → Certified
Model → Trained
Decision → Logged & Signed
Everything → Verifiable
This is not a feature set. This is AI system accountability infrastructure.
Start logging AI decisions today.
If your AI system makes decisions, you will need an audit log that holds up in front of a regulator. CertifiedData gives you a cryptographically signed, hash-chained record. Free tier includes 1,000 records/month — no credit card.
- 1Create a free accountNo credit card. Two minutes.
- 2Get your API keyOne key. Scoped, revocable, rotateable.
- 3Send your first decisionOne curl. Appears in the public ledger within seconds.
Also in the platform
Related Evidence
Decision Ledger
Cryptographically verifiable AI decision records with auditability and live proof.
Compliance Logging
How CertifiedData supports audit-ready AI evidence workflows.
Decision Logging
Append-only, signed decision logs linked to certified artifacts.
Decision Traceability
Trace decisions from outcomes back to certified data sources.
Synthetic Data Certification
Dataset provenance, certification, and machine-verifiable artifact records.
Verify
Public verification for records, certificates, hashes, and signatures.