swt3-ai 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +86 -0
- data/lib/swt3_ai.rb +1 -1
- metadata +6 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e6b5ce85f7938c51d5738f838a78c3c5990c7ccc6ad8af7b79c9ea339231804e
|
|
4
|
+
data.tar.gz: c1e2e302c8d52759233e8fc46a22b411634144390e642b0b30d4ad161187b490
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 067bf588f7aefe172df7a74c712f0ae08d4182946bf2e074268d37d1f8af14c7c7b77c9ea198329dbd30df37e5669dcf5cfa9973319b22c5749095072504f8a4
|
|
7
|
+
data.tar.gz: bd21ed1a6572663fb04c49a92bedc86953bd2ec9bdc88354b99ab282483ad6b5555a3b7851f1c2928bc135ab95239d9a812619a2f0299d84a0ffaac70d6b5a6b
|
data/README.md
ADDED
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
Witness your AI. Prove it followed the rules. Cryptographic accountability for every inference, tool call, and resource access.
|
|
2
|
+
|
|
3
|
+
[](https://rubygems.org/gems/swt3-ai)
|
|
4
|
+
[](https://github.com/tenova-labs/swt3-ai/blob/main/LICENSE)
|
|
5
|
+
|
|
6
|
+
# swt3-ai
|
|
7
|
+
|
|
8
|
+
**SWT3 AI Witness SDK for Ruby** (coming soon): tamper-proof evidence that your AI is doing what you say it does. Every inference hashed. Every tool call recorded. Every resource access checked against scope. No prompts or responses ever leave your infrastructure.
|
|
9
|
+
|
|
10
|
+
The EU AI Act takes effect **August 2, 2026**. When regulators ask "prove your AI followed the rules," you need more than logs. You need cryptographic proof.
|
|
11
|
+
|
|
12
|
+
## Status
|
|
13
|
+
|
|
14
|
+
This package reserves the `swt3-ai` namespace on RubyGems. The full Ruby SDK is under development.
|
|
15
|
+
|
|
16
|
+
Production SDKs are available today for Python and TypeScript:
|
|
17
|
+
|
|
18
|
+
```bash
|
|
19
|
+
# Python
|
|
20
|
+
pip install swt3-ai
|
|
21
|
+
python -m swt3_ai.demo
|
|
22
|
+
|
|
23
|
+
# TypeScript
|
|
24
|
+
npm install @tenova/swt3-ai
|
|
25
|
+
npx swt3-demo
|
|
26
|
+
```
|
|
27
|
+
|
|
28
|
+
Both run the full pipeline locally with no API keys: hash, extract, clear, anchor, verify.
|
|
29
|
+
|
|
30
|
+
## What SWT3 Does
|
|
31
|
+
|
|
32
|
+
When your AI makes a call, the SDK:
|
|
33
|
+
|
|
34
|
+
1. **Hashes** the prompt and response locally using SHA-256 (raw text never leaves your machine)
|
|
35
|
+
2. **Extracts** numeric factors: model version, latency, token count, guardrail status
|
|
36
|
+
3. **Clears** sensitive metadata based on your clearing level (you control what goes on the wire)
|
|
37
|
+
4. **Anchors** the factors into a cryptographic fingerprint anyone can independently verify
|
|
38
|
+
5. **Returns** your original response completely untouched
|
|
39
|
+
|
|
40
|
+
The result: an immutable record that your AI ran the right model, with the right guardrails, within the right boundaries. Without the auditor ever seeing the data.
|
|
41
|
+
|
|
42
|
+
## Regulatory Coverage
|
|
43
|
+
|
|
44
|
+
The SWT3 AI Witnessing Profile maps to:
|
|
45
|
+
|
|
46
|
+
- **EU AI Act**: Articles 9, 10, 12, 13, 14, 53, 72
|
|
47
|
+
- **NIST AI RMF**: GOVERN, MAP, MEASURE, MANAGE functions
|
|
48
|
+
- **ISO 42001**: Annex A AI management controls
|
|
49
|
+
- **NIST 800-53**: SI-7 (integrity), AU-2/AU-3 (audit), AC controls
|
|
50
|
+
- **SR 11-7**: Model risk management (financial services)
|
|
51
|
+
|
|
52
|
+
## Verify Any Anchor From Your Terminal
|
|
53
|
+
|
|
54
|
+
```bash
|
|
55
|
+
echo -n "WITNESS:DEMO_TENANT:AI-INF.1:1:1:0:1774800000000" | sha256sum | cut -c1-12
|
|
56
|
+
# Produces a 12-character fingerprint. Compare it to the anchor. If it matches, the anchor is real.
|
|
57
|
+
```
|
|
58
|
+
|
|
59
|
+
No SDK needed. Works on any machine, any language.
|
|
60
|
+
|
|
61
|
+
## Cross-Language Parity
|
|
62
|
+
|
|
63
|
+
All SWT3 SDKs produce identical fingerprints from the same inputs. A unified audit trail across your entire stack, verified by shared test vectors at build time.
|
|
64
|
+
|
|
65
|
+
| Layer | Language | Package |
|
|
66
|
+
|-------|----------|---------|
|
|
67
|
+
| Backend services | Python | [swt3-ai](https://pypi.org/project/swt3-ai/) |
|
|
68
|
+
| API routes / Edge | TypeScript | [@tenova/swt3-ai](https://www.npmjs.com/package/@tenova/swt3-ai) |
|
|
69
|
+
| Protocol reference | TypeScript | [@tenova/libswt3](https://www.npmjs.com/package/@tenova/libswt3) |
|
|
70
|
+
| Web apps (Rails) | Ruby | swt3-ai (this package, coming soon) |
|
|
71
|
+
|
|
72
|
+
## Links
|
|
73
|
+
|
|
74
|
+
- **Website**: [tenova.io](https://tenova.io)
|
|
75
|
+
- **Protocol Spec**: [SWT3-SPEC-v1.0](https://github.com/tenova-labs/swt3-ai)
|
|
76
|
+
- **Live Demo**: [sovereign.tenova.io/audit/axm_audit_demo_eu_ai_act_public](https://sovereign.tenova.io/audit/axm_audit_demo_eu_ai_act_public)
|
|
77
|
+
|
|
78
|
+
## Privacy
|
|
79
|
+
|
|
80
|
+
Your prompts and responses **never leave your infrastructure**. The SDK computes SHA-256 hashes locally and transmits only irreversible hashes and numeric factors. At Clearing Level 3, even the model name is hashed. The witness endpoint is a blind registrar: it stores cryptographic proofs, not your data.
|
|
81
|
+
|
|
82
|
+
---
|
|
83
|
+
|
|
84
|
+
*SWT3: Sovereign Witness Traceability. We don't run your models. We witness them.*
|
|
85
|
+
|
|
86
|
+
SWT3 and Sovereign Witness Traceability are trademarks of Tenable Nova LLC. Patent pending. Apache 2.0 licensed.
|
data/lib/swt3_ai.rb
CHANGED
metadata
CHANGED
|
@@ -1,28 +1,31 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: swt3-ai
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- TeNova Labs
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2026-04-
|
|
11
|
+
date: 2026-04-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Cryptographic accountability protocol for AI inference, training, and
|
|
14
14
|
deployment.
|
|
15
15
|
email:
|
|
16
|
+
- engineering@tenovaai.com
|
|
16
17
|
executables: []
|
|
17
18
|
extensions: []
|
|
18
19
|
extra_rdoc_files: []
|
|
19
20
|
files:
|
|
21
|
+
- README.md
|
|
20
22
|
- lib/swt3_ai.rb
|
|
21
23
|
homepage: https://tenova.io
|
|
22
24
|
licenses:
|
|
23
25
|
- Apache-2.0
|
|
24
26
|
metadata:
|
|
25
27
|
source_code_uri: https://github.com/tenova-labs/swt3-ai
|
|
28
|
+
homepage_uri: https://tenova.io
|
|
26
29
|
post_install_message:
|
|
27
30
|
rdoc_options: []
|
|
28
31
|
require_paths:
|
|
@@ -31,7 +34,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
31
34
|
requirements:
|
|
32
35
|
- - ">="
|
|
33
36
|
- !ruby/object:Gem::Version
|
|
34
|
-
version:
|
|
37
|
+
version: 2.7.0
|
|
35
38
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
36
39
|
requirements:
|
|
37
40
|
- - ">="
|