Hash-chained audit log
Every recorded action is hashed with SHA-256 over a canonical payload and chained to the previous entry. Rewriting history breaks the chain — visibly, for anyone who checks.
— TRUST · GLASS-BOX AI —
Glass-box AI.Verify it yourself.
Every AI decision on SENTINEL is hash-chained into an append-only ledger. This page lets anyone — customer, auditor, skeptic — recompute the cryptography live against our production database. No login. No trust required.
— 01 / VERIFY A DECISION —
Don't trust us.Check the math.
Paste any decision ID from your SENTINEL workspace. Our production database recomputes the SHA-256 chain hash in front of you and tells you whether the record is intact and correctly linked to its predecessor. Only hashes leave the database — never your data.
No ID at hand? — the first signed record, written the day this page shipped.
— 02 / HOW IT'S BUILT —
Safety isn't a feature.It's the spine.
Append-only by construction
Database triggers reject UPDATE and DELETE on the audit log. Not a policy promise — a constraint the database itself enforces.
Humans approve high stakes
Outbound commitments — a bid, a client-facing message, a payout — queue for human approval before execution. The AI proposes; you dispose.
Budgets and speed limits
Per-minute, per-hour, per-day caps on every automated action, plus hard spend budgets per agent. A runaway loop hits a wall, not your wallet.
Tenant isolation
Row-level security on every multi-tenant table. Your data is invisible to other tenants at the database layer, not just the application layer.
Loi 25 & PIPEDA posture
Built in Québec under Loi 25: consent records, access and erasure workflows, data residency awareness. SOC 2 Type II is on the roadmap — we publish progress honestly.
— QUESTIONS ABOUT OUR POSTURE? WRITE TO HELLO@SENTINEL-OS.CA — WE ANSWER SECURITY QUESTIONNAIRES PERSONALLY —