Receipt Explorer · Architecture
How a cryptographic compliance receipt works.
Per utterance: SHA-256. Per call: Merkle-aggregated. Per minute: RFC 3161 timestamp authority. Three years from now, you can prove what your AI said, why it said it, and which compliance rule it followed.
Caller speech ──→ STT ──→ Utterance text ──→ SHA-256 hash ──┐
▼
LLM proposed response ──→ Compliance check ──→ PASS/FAIL ──→ SHA-256 hash
│
┌────────────────────┘
▼
Merkle aggregation (per call)
│
▼
RFC 3161 TSA signature (per minute)
│
▼
Compliance Receipt (per call)
│
▼
Auditor / regulator / DPA / internal auditArchitecture diagram — every Audact call follows this exact path.
WHAT
Each call gets a receipt. One Merkle root. One timestamp. One audit-ready record. The receipt chains every utterance, every compliance decision, every disclosure event into a tamper-evident structure.
WHY
Logs are claims; cryptographic receipts are evidence. Regulators, auditors, and DPAs treat them differently. A log says we think this happened. A receipt proves it — and proves it was not altered after the fact.
HOW
- • Per utterance: SHA-256 hash (P2 Compliance Receipt)
- • Per call: Merkle-tree aggregation (P2B Merkle Aggregation)
- • Per minute: RFC 3161 TSA signature
- • Per disclosure: P11 Article 50 Attestation
- • Per sequence: P28 Disclosure Sequencing
Patent-backed components in this receipt
- P2 Compliance Receipt (GB2603849.7) — per-utterance hash chain
- P2B Merkle Aggregation — per-call tamper-evident aggregation
- P11 Article 50 Attestation (GB2606340.4) — per-disclosure cryptographic attestation
- P28 Disclosure Sequencing (GB2606420.4) — proof of disclosure-event order
All UK IPO filed. Patent-pending until grant — defensive IP value, not enforcement rights yet.
Want this for your own agency?
Apply for the V1.0 white-glove pilot (€1.497 one-time + €499/mo recurring). Every call your end-clients run gets a receipt — show it to their regulator, embed it in your client reports, never carry the blame.