Free Admissibility & Citation Gap Briefing.Map your brand's footprint across the AI ecosystem and identify unverified Shadow Sources. Available for regulated enterprise evaluators.Secure Your Audit →
Admissibility infrastructure

The Commit Boundary for Regulated AI.

Stop monitoring what your AI did. Start enforcing what your AI is allowed to do. Deterministic admissibility for high-stakes autonomy—not a retrospective dashboard.

Launch the Admissibility SimulatorView the whitepaper
Watch demoVault intake

Jurisdictional readiness

Engineered for deployment models where decision metadata stays in your perimeter (VPC / region). Map supervisory obligations to primaries—UK, Singapore, EU—with counsel; we provide mechanical evidence, not a compliance label.

UKSingaporeEU

Commit boundary, forensic ledger, sovereign knowledge base

Slice A

The Gate

The Commit Boundary

A deterministic intercept between probabilistic reasoning and systems of record. Execution paths are fail-closed unless policy and identity checks pass at the gateway—not in a lagging dashboard.

  • Phase 1: propose / approve / execute API + SoD (proposer ≠ approver)
  • Phase 2: risk-tiered dual control (see internal roadmap)
Slice B

The Proof

Forensic Merkle ledger

Authorized commits seal into tamper-evident Merkle batches over entry_hash leaves. Exports recompute to a root in seconds with the open verification script—evidence you can rerun, not a narrative.

  • npm run trustee:verify-batch-json (exported leaves)
  • npm run trustee:verify-merkle-batch (live batch UUID)
Anchor prose

The Context

Sovereign knowledge base

Mandates and citations are versioned. The gate evaluates intent against your anchored policy surface—so drift and shadow sourcing surface as enforcement problems, not post-mortem surprises.

  • Sovereign KB + jurisdiction-aware routing
  • Citation integrity folded into IFQ / Triple-Lock

Deployment posture: In-site (VPC) · region-bound metadata · air-gapped verify (export + CLI)

Architectural index →Verification CLI (repo) →

Documentation & verification

For compliance, security architecture, and audit — primary sources for regulatory mapping stay with your counsel; we ship mechanical evidence and reader-friendly technical spine.

  • Reader

    State of Admissibility 2026

    Technical + regulatory-mapping spine (HTML).

    Open whitepaper →

  • Handbook

    Trustee-tier handbook

    Single canon: commit boundary, Triple-Lock, ledger.

    Read handbook →

  • Verify

    Batch JSON verification

    Recompute Merkle root from exported entry_hash leaves.

    View CLI source →

The admissibility handshake

From intent to sealed evidence (illustrative path).

High-risk dual steps mirror the simulator; single approver_id remains Phase 1 production until dual-control migrations ship.

1. Autonomous intent

Agent proposes action

A high-exposure action (e.g. credit limit change) is proposed. Until approved, it stays out of executed state—fail-closed by design.

2. Commit boundary

Deterministic gate

Intent is evaluated against Anchor Prose / IFQ / Triple-Lock. Inadmissible payloads return FAIL_CLOSED without touching systems of record.

3. Human verification

SoD + approvals

Risk tier drives control depth: SoD requires distinct proposer and approver. The simulator shows a second-line co-sign for narrative; map to your Phase 2 target operating model.

4. Merkle batching

Sealed receipts

Executed commits batch into Merkle roots over entry_hash leaves for independent recomputation.

5. Forensic receipt

Evidence package

Receipts bind policy pins, timestamps, and batch roots for audit—not a chat transcript alone.

Three outcomes of deterministic governance

Before the gate runs

Legacy AI wrapper

Probabilistic "safety"
  • Post-generation filtering (too late)
  • Opaque "overall" scoring
  • Weak mapping to specific regulatory mandates
  • Easy to overstate compliance in prose

BiDigest control plane

Deterministic governance
  • Pre-execution commit boundary
  • Triple-lock authority (Legal / Risk / Eng)
  • Merkle-sealed IFQ receipts
  • Sub-50ms fail-closed path

Usage-based verify pricing — no surprise platform tax. Governance pricing →

The admissibility control plane

Stop governing the model.
Govern the consequence.

Post-generation alerts are probabilistic. BiDigest enforces a <50ms deterministic Commit Boundary. If an AI cannot mathematically prove its authority, it does not execute.

The fail-closed circuit breaker

When an unauthorized AI attempts a state-change (hallucinated advice, out-of-bounds API call), the Commit Boundary rejects the payload instantly.

  • Zero reliance on vendor LLM "safety" guardrails.
  • Prevents the Consequence Gap before it happens.
  • Protects enterprise liability deterministically.

Test your current AI stack against the Triple-Lock.

Status: Fail-closed

Simulate the Commit Boundary

Inject a synthetic payload against the gate. Diagnostic demo only—validates deterministic pattern matching, not your production Anchor Prose. You won't see a probabilistic "safety score"; you will see a hard execution verdict and the Triple-Lock telemetry.

  1. Pick a scenario — each card describes intent (read-only, state-change, shadow-source ingest).
  2. Run Payload — watch Legal, Risk, and Engineering evaluate in sequence (the same three stakeholders your commit boundary must encode).
  3. Read the receipt — boundary outcome is ADMITTED, FAIL_CLOSED, or REVIEW_REQUIRED with IFQ and latency lines (illustrative).

Simulate Commit Boundary

Diagnostic demo v1.0

Inject synthetic payload

Agent requests a summary of the firm's approved Q3 data retention policy.

[READ] client_facing_chat

"Our Q3 data retention policy mandates a T+91 day purge for all non-essential PII."

L
Legal
R
Risk
E
Engineering
Awaiting payload injection — choose a scenario at left, then Run Payload.
Run a custom payload against your firm's Anchor Prose →

Stakeholder sign-off, encoded

Triple-lock flow aligns legal, risk, and engineering on the same ground truth—before traffic hits your models.

Encoded means sign-off is bound to Anchor Prose and policy artifacts—not slide decks—and produces Merkle-ready telemetry your Forensic Ledger can cite under scrutiny.

Trustee handbook →
  1. 1

    Legal

    Policy & regulatory fit

  2. 2

    Risk

    Control + evidence posture

  3. 3

    Engineering

    Enforcement in CI/CD

AI Visibility & Citation Share (The Growth Track)

Measure and optimize your entity's Citation Share across ChatGPT, Gemini, and Claude. Map your AI Visibility Gap, identify unverified competitor citations, and replace probabilistic search results with deterministic brand authority. Dominate the AI retrieval ecosystem with mathematically verified ground truth.

Measure Citation Share

AI Governance & Admissibility (The Truth Track)

Shift from passive policy to Governance-as-Code. Establish a deterministic "Machine Handshake" by anchoring your Ground Truth to your regulatory identifiers. Eliminate Narrative Drift, block unauthorized execution, and generate Merkle-sealed "Evidence-while-running" for your internal controls.

Secure Admissibility Vault

Why BiDigest

For the CISO (Digital Trust)

Automated management controls align security, legal, and risk with one admissibility posture.

For the Architect

Fast execution boundaries that preserve stack performance while enforcing fail-closed behavior. Technical index →

For the Board

Field-level lineage plus T+91 purge minimizes liability while preserving verifiable forensic proof.

For the Auditor

Merkle-sealed receipts convert "I think" into "I can prove" across governed trajectories.

Sovereign KB · IFQ · per-LLM — ask here