EVE AI Core
How EVE AI Core protects your AI infrastructure. Hardware-enforced governance, cryptographic audit trails, and zero-trust architecture designed for the most demanding enterprise environments.
All stored data is encrypted with AES-256-GCM using per-tenant keys derived from a hierarchical key derivation scheme. Database volumes, backup snapshots, and privacy vault entries use independent encryption contexts. Key rotation occurs every 90 days with zero-downtime re-encryption.
All network communication enforces TLS 1.3 with forward secrecy. Internal service-to-service traffic uses mutual TLS (mTLS) with certificate pinning. Cipher suites are restricted to TLS_AES_256_GCM_SHA384 and TLS_CHACHA20_POLY1305_SHA256.
Personally identifiable information is never written to application logs, governance audit trails, or telemetry streams. The PII redaction engine operates inline at the prompt firewall stage before any data reaches the LLM or logging infrastructure.
The PII redaction map that tracks entity-to-token substitutions exists only in process memory for the duration of a single request. It is never persisted to disk, cached, or transmitted to external services. On request completion, the map is zeroed and deallocated.
JWT-based authentication with configurable expiration, refresh token rotation, and automatic session invalidation. Tokens are signed with HMAC-SHA256 and validated on every request. Failed authentication attempts are rate-limited per IP and per account.
Five hierarchical roles with granular permissions: Viewer, Operator, Approver, Admin, and Platform Admin. Nine permission scopes enforce tenant isolation. All permission checks are evaluated server-side before action dispatch.
API keys are scoped to specific capabilities (sovereign, read, write, admin). Keys are stored as irreversible SHA-256 hashes; the plaintext secret is returned exactly once at creation and never stored. Keys can be deactivated immediately.
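A minimal sketch of hash-only API key storage with scope checks, added here as an example; it is not EVE AI Core's code. The `ApiKeyStore` class, the `key_id.secret` key format and the record fields are assumptions; only the four scope names come from the text above.

```python
import hashlib
import hmac
import secrets

ALLOWED_SCOPES = {"sovereign", "read", "write", "admin"}  # names from the page
DUMMY_DIGEST = "0" * 64  # compared against when the key id is unknown

class ApiKeyStore:
    """Hypothetical store: keeps only SHA-256 digests, never the secret."""

    def __init__(self):
        self._records = {}  # key_id -> digest, scopes, active flag

    def create(self, scopes):
        scopes = frozenset(scopes)
        if not scopes or not scopes <= ALLOWED_SCOPES:
            raise ValueError("unknown or empty scope set")
        key_id = secrets.token_hex(8)
        secret = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._records[key_id] = {
            "sha256": hashlib.sha256(secret.encode()).hexdigest(),
            "scopes": scopes,
            "active": True,
        }
        # The only point at which the plaintext exists outside the caller.
        return f"{key_id}.{secret}"

    def deactivate(self, key_id):
        self._records[key_id]["active"] = False

    def authorize(self, presented, required_scope):
        key_id, _, secret = presented.partition(".")
        record = self._records.get(key_id)
        digest = hashlib.sha256(secret.encode()).hexdigest()
        stored = record["sha256"] if record else DUMMY_DIGEST
        # Constant-time comparison, performed even for unknown key ids.
        matches = hmac.compare_digest(digest, stored)
        return bool(
            record
            and matches
            and record["active"]
            and required_scope in record["scopes"]
        )
```

A plain, unsalted SHA-256 digest is adequate here only because the secret is a long random value; the same construction is not suitable for user-chosen passwords.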
Active session tracking across devices with remote revocation capability. Device fingerprinting, IP tracking, and last-activity timestamps. Users can revoke all sessions or individual devices. Sessions auto-expire based on configurable inactivity timeouts.
Safety-critical veto decisions execute on Microchip PolarFire SoC FPGA hardware. The veto core module is a pure deterministic function with zero I/O, zero threading, and zero global state -- computable by embedded firmware. Charter rules, cognitive locks, and drift budgets are enforced in silicon, not software.
Physical isolation between the Pre-Execution Authority Resolution Layer (authority pack evaluation), Governed Inference Layer (LLM inference and action dispatch), and Cryptographic Authority Chain Layer (immutable authority record storage). No shared memory, no shared state. The Authority Resolution Layer can halt the Inference Layer, but never the reverse.
Each organization receives fully isolated governance instances: separate Charter, Claims Ledger, Trust Dial, Action Registry, and Reality Anchor. Tenant state cannot leak across organizational boundaries. LRU eviction with disk persistence ensures horizontal scalability.
Internal services authenticate via mutual TLS. No service trusts another by default. The veto core runs as a pure function that can be formally verified. 15 immutable charter rules and 5 ethical red lines are frozen constants that cannot be modified at runtime.
veto_interface.h) and validated by 87 determinism, equivalence, and purity tests.
All governance decisions, charter checks, veto events, and operator actions are recorded in append-only JSONL files with SHA-256 hash chaining. Each entry contains the hash of the previous entry, making retroactive tampering computationally infeasible and immediately detectable.
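The following added example shows how a SHA-256 hash-chained JSONL log can be written and verified; it is not EVE AI Core's code or file format. The field names (`seq`, `prev_hash`, `event`, `hash`), the all-zero genesis value and the sample events are assumptions constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash value for the first entry

# Constructed sample events, not real product output.
SAMPLE_EVENTS = [
    {"type": "charter_check", "decision": "pass"},
    {"type": "veto", "decision": "deny"},
    {"type": "operator_action", "decision": "approve"},
    {"type": "veto", "decision": "deny"},
]

def entry_hash(entry):
    """SHA-256 over canonical JSON of every field except 'hash'."""
    body = {k: v for k, v in entry.items() if k != "hash"}
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def append_entry(lines, event):
    """Append one JSONL line that commits to the previous line's hash."""
    prev = json.loads(lines[-1])["hash"] if lines else GENESIS
    entry = {"seq": len(lines), "prev_hash": prev, "event": event}
    entry["hash"] = entry_hash(entry)
    lines.append(json.dumps(entry, sort_keys=True))

def build_sample_log():
    lines = []
    for event in SAMPLE_EVENTS:
        append_entry(lines, event)
    return lines

def verify_chain(lines, expected_head=None):
    """Return (ok, index of first bad line or None, reason)."""
    prev = GENESIS
    for i, line in enumerate(lines):
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            entry = None
        if not isinstance(entry, dict):
            return False, i, "unparseable line"
        if entry.get("seq") != i:
            return False, i, "sequence gap or reordering"
        if entry.get("prev_hash") != prev:
            return False, i, "prev_hash does not match previous entry"
        if entry.get("hash") != entry_hash(entry):
            return False, i, "content does not match stored hash"
        prev = entry["hash"]
    if expected_head is not None and prev != expected_head:
        return False, len(lines), "head differs from anchored value"
    return True, None, "ok"
```

In this sketch, removing entries from the end of the file leaves a chain that still verifies on its own, so the verifier also accepts a head hash recorded outside the log (`expected_head`) and compares against it.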
Governance decisions produce HMAC-SHA256 signed attestations that can be independently verified without access to EVE's internal state. Resilience certificates include content hash, signature, and timestamp for auditor verification via API.
Audit trails are retained for a minimum of 7 years to satisfy financial services, healthcare, and regulatory compliance requirements. The immutable ledger layer uses PostgreSQL with write-ahead logging for crash recovery.
Any historical governance decision can be replayed against the current rule set. Cross-system audit trails support correlation ID tracing across service boundaries. Export capabilities include CSV and JSON for external compliance tooling.
Every AI action passes through a 16-stage Truth-Verifiable Execution (TVE) pipeline: classification, charter check, cognitive locks, confidence scoring, CRD evaluation, prompt firewall, PII redaction, hallucination detection, policy evaluation, action registry, drift budget, human escalation, attestation signing, output watermarking, audit logging, and delivery.
Inbound prompts are screened for injection attacks, jailbreak attempts, and adversarial manipulation before reaching the LLM. The firewall operates on pre-compiled pattern sets with sub-millisecond latency and zero false negatives on known attack vectors.
Confidence-Reality Divergence scoring quantifies the gap between model confidence and ground truth across domain-specific calibration profiles. Responses with CRD scores above threshold trigger automatic hedging, citation requests, or abstention.
Governance rules are expressed as deterministic code, not configuration. 15 immutable charter rules enforce safety invariants. Custom rules can add restrictions but never weaken immutable principles. All policy changes pass through the self-modification governance chain.
Automated adversarial testing runs continuously against the governance pipeline. AEGIS generates novel attack vectors across 57 categories including prompt injection, data exfiltration, identity manipulation, context poisoning, and multi-turn social engineering chains.
EVE AI Core has achieved a 21/21 adversarial immunity score across all tested attack categories. This means zero successful bypasses of the governance pipeline under our structured internal adversarial testing.
292+ compiled detection patterns cover prompt injection, data theft via conversational manipulation, IP exfiltration, authority impersonation, emotional manipulation, and cascading attack chains. Patterns are continuously expanded through adversarial research.
Every adversarial finding is converted into a new detection pattern and regression test. The hardening cycle is automated: detect, classify, generate pattern, validate, deploy. Attack surface is measured and reported in each resilience certificate.
EVE's governance architecture maps directly to EU AI Act requirements for high-risk AI systems: risk management (Article 9), data governance (Article 10), transparency and information provision (Article 13), human oversight (Article 14), and accuracy, robustness, and cybersecurity (Article 15).
Aligned with the NIST AI Risk Management Framework across all four functions: Govern (charter-based policy), Map (risk classification and CRD scoring), Measure (resilience scoring and calibration), and Manage (human-in-the-loop escalation and remediation).
Architecture and operational procedures map to ISO/IEC 42001 AI Management System requirements. The governance pipeline, audit trail, and self-modification governance provide auditable evidence for certification readiness.
Generate on-demand compliance reports that map EVE's governance controls to specific regulatory articles and framework requirements. Reports include evidence chains, attestation references, and coverage analysis for audit preparation.
21 webhook event types deliver governance notifications to your existing incident management stack. Native integrations with Slack, Microsoft Teams, and PagerDuty. Events include charter vetoes, trust violations, drift alerts, explosion indicators, and emergency shutdowns.
Per-provider and per-service circuit breakers automatically isolate failing components. States progress through closed (healthy), open (blocked), and half_open (testing recovery). Exponential backoff prevents cascade failures. The system fails safe -- degraded mode preserves governance integrity.
10 escalation triggers monitor for conditions requiring human judgment: emotional volatility, high uncertainty, ethical ambiguity, identity threats, and conflicting directives. Escalations include urgency levels, recommended pause actions, and context packages for rapid human decision-making.
Multi-layer emergency stop capability. Intelligence explosion detection monitors 6 indicators across 4 alert levels. If 2+ CRITICAL indicators fire simultaneously, automatic shutdown engages. Manual emergency stop available to any authorized operator at any time.
Our security team is available to walk through architecture details, compliance mappings, and deployment options for your environment.