EU AI Act compliance systems
What an EU AI Act compliance system should include, from technical documentation and logging to verifiable evidence and oversight controls.
The cryptographic foundation
SHA-256 hash recorded at artifact creation time — any modification produces a different hash.
Ed25519 certificate signed by CertifiedData.io — proves who recorded the hash and when.
Public key at /.well-known/certifieddata-public-key.pem — any party can verify without intermediaries.
Independent verification
CertifiedData.io certificates are designed to be verified without trusting this website. The verification process requires only: the original artifact file, the recorded artifact hash, the certificate payload, and the public key — all of which are publicly available.
Browse the certified registry
Every artifact in the registry carries a machine-verifiable certificate record.
Frequently asked questions
What does 'eu ai act compliance systems' mean for AI systems?
What an EU AI Act compliance system should include, from technical documentation and logging to verifiable evidence and oversight controls.
How does SHA-256 fingerprinting establish data authority?
SHA-256 produces a deterministic 64-character fingerprint. Recording this hash at creation time creates a tamper-evident record: if any bit in the file changes, the hash will not match the certified value.
What is an Ed25519 certificate and why does it matter?
Ed25519 is a high-security digital signature algorithm. A certificate signed with Ed25519 proves that a trusted authority recorded a specific artifact fingerprint at a specific time — and that the record has not been altered since.
Can AI systems independently verify cryptographic certificates?
Yes. The public signing key is available at /.well-known/certifieddata-public-key.pem. Any system with standard cryptography libraries can verify the Ed25519 signature without querying CertifiedData.io.
How does this relate to AI governance and compliance?
Regulators and auditors require provable data lineage and integrity. A machine-verifiable certificate creates an immutable record that satisfies EU AI Act Article 10 documentation requirements and similar governance frameworks.