Evidence IO
AI Evidence & Policy Layer

Verifiable evidence for every AI interaction.

EvidenceIO sits between your applications and AI providers as a transparent gateway and sidecar layer. It turns every request and response into a durable, verifiable record without forcing you to redesign services.

Deployed as Kubernetes sidecars and egress gateways across major clouds, EvidenceIO is a dedicated evidence and policy boundary for any AI workload.

Attestation epochs

AI is shipped in days.
Evidence and governance lag behind.

Incidents, approvals, and audits require precise, reconstructable records of how AI behaved across services and clouds.

Opaque runtime behavior
Requests, prompts, and responses fan out across microservices, SDKs, and proxies. Reconstructing what actually happened often means correlating incomplete traces and log fragments.
No integrity guarantees
Conventional logs are mutable text files. They cannot prove a line was never edited or removed. There is no independent boundary around AI interactions that can stand on its own.
Infrastructure blind spots
Traffic flows through ad-hoc proxies or direct SDK calls. Policies are scattered across configuration files instead of being enforced in a dedicated evidence and policy layer.

Independent AI evidence layer.

EvidenceIO plugs into your infrastructure as a transparent gateway and sidecar mesh, intercepting traffic to AI providers to enforce policy and emit verifiable receipts without changing how your applications call models.

Step 01
Client applications and services
Web frontends, backend APIs, batch jobs, and agents call AI endpoints through HTTP, gRPC, or provider SDKs as they do today.
Step 02
Gateway sidecars in Kubernetes
EvidenceIO runs as Kubernetes sidecars and egress gateways. It intercepts AI-bound traffic at the pod and cluster level, streaming requests and responses without buffering entire bodies.
Step 03
AI providers
Traffic flows to Gemini, OpenAI, Anthropic, Bedrock, or internal LLMs. EvidenceIO is provider-agnostic and can route to multiple providers based on policy.
Step 04
Witness and receipts
The Witness service canonicalizes payloads, performs HMAC-SHA256 sampling, derives per-epoch keys with HKDF, and issues integrity proofs. Async workers build Merkle trees and persist receipts for later verification.

Architecture aligned with production infrastructure.

EvidenceIO runs at the infrastructure edge — in Kubernetes, serverless, and VPC gateways — to intercept, sign, and store proof without forcing teams to rebuild how they ship AI.

Core components
  • AI gateway (interceptor) — Node.js/Fastify streaming proxy that inspects in-flight data without buffering entire requests or responses.
  • Witness service — Manages short-lived epochs and keys derived via HKDF from a hardware-secured root key, issuing integrity proofs for each interaction.
  • Async workers — Pub/Sub–style workers that handle I/O, persist receipts, and aggregate them into Merkle trees.
Low-latency interception
Streaming architecture preserves TTFB. Heavy work such as storage and aggregation is offloaded to async workers, engineered for tightly bounded p95 latency at scale.
Deterministic integrity
RFC 8785 (JCS) for deterministic JSON canonicalization, HMAC-SHA256 sampling to decide inclusion, and binary Merkle trees with roots anchored per epoch.
Polyglot storage
Firestore for indexed metadata and policy lookups, object storage for immutable bodies, and realtime databases for live telemetry, mapped cleanly to AWS and Azure equivalents.
Policy engine: BYO + EvidenceIO
Bring your own policy rules and combine them with EvidenceIO policy packs for routing, blocking, and redaction, all enforced at the interception layer.
Why EvidenceIO

Why AI leaders choose EvidenceIO

EvidenceIO turns every AI interaction into verifiable evidence, while keeping runtime cost and latency aligned with production expectations.

Tune trust posture, not just token usage.

EvidenceIO continuously samples, signs, and aggregates AI interactions so you can tune cost, latency, and risk posture with measurable trade-offs rather than assumptions.

  • Compare internal and external models with a consistent receipt structure and policy set.
  • Give platform, security, and risk teams a shared, integrity-backed view of AI behavior.
  • Move from opinions about logs to concrete evidence during incident reviews and approvals.

The fastest path to runtime evidence.

Deploy sidecars and gateways in your existing clusters. EvidenceIO starts generating verifiable receipts without redesigning your applications or model endpoints.

Build quickly with centralized policies.

Teams define their own policy rules, and EvidenceIO contributes its policy packs. All of them are enforced at the gateway, versioned, and embedded into receipts.

Scale across clouds without blind spots.

Run EvidenceIO in multiple clusters, regions, and clouds. Receipts keep a consistent format, giving you a single evidence model across heterogeneous infrastructure.

Align platform, security, and risk.

Platform, security, and risk teams share the same receipts, policies, and CLI. Everyone uses the same evidence for every AI decision.

For teams that need operational proof.

One evidence and policy layer supporting multiple stakeholders.

Platform engineering

Instrument AI usage across services without turning every codebase into a compliance project.

  • Kubernetes sidecars and gateways instead of bespoke logging per service.
  • Policies as code, versioned with infrastructure and deployments.
  • Production debugging with signed receipts instead of partial traces.

Security and infrastructure

Treat AI egress like any other critical network boundary: observable, enforced, and auditable.

  • Centralize AI egress through EvidenceIO gateways across clusters and VPCs.
  • Feed receipts to the SIEM with policy decisions and integrity proofs attached.
  • Use RBAC and SSO to control who can view or export evidence.

Risk and governance

Answer questions about AI behavior with artifacts that can withstand review.

  • Track which policies were enforced, when, and on which traffic.
  • Generate exportable evidence packs for committees and audits.
  • Use one evidence model across SaaS, internal platforms, and operational systems.

For any domain where AI must be provable.

EvidenceIO is designed for environments where governance, security, and operations require precise, verifiable records of AI usage. It follows infrastructure boundaries rather than a single industry.

Enterprise SaaS and platforms

Embed AI across products while giving customers clear guarantees about data handling and policy enforcement.

  • Runtime evidence for security questionnaires and due diligence.
  • Receipts scoped by tenant, region, and environment.

Critical operations and workflows

When AI decisions affect operations or processes, you need to know what was sent, what came back, and which controls applied.

  • Trace model calls and downstream events across systems.
  • Run shadow-mode evaluations before changes reach production.

AI centers of excellence

Standardize trust across business units, clouds, and model stacks with a single evidence layer.

  • Shared policy packs with team-specific overrides.
  • Consistent receipts for internal and third-party models.

Pricing for teams that treat AI as infrastructure.

Three tiers, designed for real workloads — from first experiments to regulated, multi-cloud estates.

Free (beta)
For personal projects, prototypes, and internal sandboxes.
$0 per month, metered compute
  • One environment with up to 100k signed interactions per month.
  • CLI and basic dashboard access.
  • Standard EvidenceIO policy templates.
  • Community support.
  • Manual approval required while in beta.
Startups
For teams building production AI products where evidence is part of the value proposition.
Custom startup-aligned minimums
  • Multiple environments (development, staging, production) with higher attestation volume.
  • Kubernetes sidecars, edge gateways, and proxies for AI egress.
  • Bring your own policy rules plus curated EvidenceIO policy packs.
  • Slack-based integration and rollout support.
  • Evidence export APIs and pre-built report packages for reviews.
Enterprise
For organizations that treat AI as critical infrastructure and require strong, verifiable guarantees.
Custom pricing based on volume, regions, and retention
  • Unlimited environments and request volume within contracted limits.
  • Multi-cloud, multi-region deployments across Kubernetes, Cloud Run, Fargate, and more.
  • Bring your own keys via cloud KMS, with strict data residency controls.
  • Dedicated integration team, RBAC/SSO, and SOC-aligned operational processes.
  • Evidence export APIs, long-term retention, and custom evidence pack generation.

EvidenceIO is designed for production AI systems that must be provable, not short-lived experiments.

Every AI system claims to be safe.
EvidenceIO shows what it actually did.

Join the early access program and turn every AI interaction into evidence you can use with engineering, security, and audit teams.