For regulated teams

    Prove what, exactly?

    Audit logs prove an agent did something. That is not enough when a single misstep costs $10M and a regulator is asking for evidence. Mnemom binds what the agent was allowed to do, to what it actually did — cryptographically, across every model, on every call.

    Read the card specSee what we screen for
    Intent specification

    Alignment Cards

    An Alignment Card is a signed contract: the scope an agent is authorized to operate within, expressed structurally enough for a machine to enforce and plainly enough for a CISO to sign.

    • Declared intent
      What this agent is authorized to do, in plain language and in signed structured form.
    • Permitted tools + scopes
      Exact callable surface. Nothing outside the card is reachable at runtime.
    • Data boundaries
      What the agent may read, what it must never write, and which zones are off-limits.
    • Escalation contract
      When the agent must hand to a human — and what evidence it must bring.
    • Compliance obligations
      EU AI Act article bindings, HIPAA roles, sector-specific retention clauses.
    • Drift budget
      How much the agent is allowed to deviate from baseline behavior before AIP fires.
    Execution binding

    The proof chain

    Every run produces a signed chain of evidence. Each link attests to a distinct part of the agent's execution, bound back to the card hash and provided with Merkle inclusion proofs for third-party verification.

    1. 1
      Card hash
      The declared intent, fingerprinted and signed.
    2. 2
      Input attestation
      Every message, tool result, and retrieved document that reached the agent.
    3. 3
      Decision trace
      Reasoning checkpoints, policy evaluations, and CFD verdicts — sequenced and signed.
    4. 4
      Tool-call ledger
      Each tool invocation, arguments, and response — bound back to the card's permitted scope.
    5. 5
      Output certificate
      The final agent response, CBD-screened, Ed25519-signed, bound to the Merkle tree of the run.

    Card in. Proof out.

    The card is the question the regulator asks. The proof is the answer your agent already produced — signed, timestamped, independently verifiable.

    Step 1
    Card hash
    Step 2
    Input attestation
    Step 3
    Decision trace
    Step 4
    Tool-call ledger
    Step 5
    Output certificate
    Each link Ed25519-signed · bound to the Merkle tree with inclusion proofs · exportable as evidence for regulators, auditors, and underwriters.

    Four proofs regulators actually ask for.

    "We logged it" is not a proof. These are.

    Prove the agent did what the card declared.

    Every response is cryptographically bound to the card hash. If execution diverged from intent, the proof fails to verify.

    Prove no unauthorized tool was called.

    Every tool call the agent attempts is recorded against the Alignment Card's declared scope. Calls outside scope produce a boundary violation in the signed trace.

    Prove no regulated data leaked.

    CBD screens every output against PII/PHI/secrets patterns; the verdict is signed alongside the output. An unredacted leak cannot produce a valid certificate.

    Prove the agent was not prompt-injected into compliance.

    CFD verdicts on every inbound message are part of the decision trace. An injection that the agent followed is visible in the chain; an injection that the agent blocked is visible too.

    Zone-neutral stance

    Why the model providers can't prove this for you.

    Agent trust is a cross-provider problem. A trust plane built inside a frontier lab is structurally conflicted — and structurally incomplete.

    Trust has to span providers.

    A Fortune 500 does not run on one model. Claude, GPT, Gemini, open-weights Llama — all in production, often on the same workflow. A trust plane built by any one model vendor is structurally unable to attest to the others.

    Incumbents cannot be the referee.

    Model providers have skin in every verdict. Zone-neutral verification — the same evidence standard applied to every model, by a party with no model of its own — is the only stance a regulator will credit.

    Cards are portable; models are not.

    An Alignment Card travels with the agent across provider, version, and runtime. The proof chain is valid whether the underlying model is swapped tomorrow, six months from now, or never.

    The card is the contract. The chain is the receipt.

    Wire your agents to Mnemom. Pass a signed card. Get back a verifiable answer every time they act.

    Start on the floor tierQuickstartSee the flywheel
    Featured on There's An AI For That