This gives you a zero-knowledge proof that every piece of context fed into your AI prompt really belongs to your corpus. You can check it yourself. So can your regulator. You don't have to take our word for it. You can check the math.
This is the fourth piece of XCALIBUR. It runs after AMPLIFY and before the response leaves the rail. Every corpus entry that gets injected earns a Merkle inclusion proof, and the whole certificate gets signed with a post-quantum key.
The context that gets injected into your prompt is a verified member of your committed corpus. It's not made up, and it's not swapped in from somewhere else. It's provably yours.
We build a hard cryptographic wall between tenants right when we generate the proof. No other tenant's corpus can ever produce a valid proof against your commitment root.
We hash your original prompt content and bind it into the certificate. The SHA3-256 commitment proves nobody inserted, swapped, or changed anything before it reached the LLM.
Their attestation is really just a logging system. You have to trust their audit trail, and you can't independently check corpus membership yourself. Your regulator audits them. You still never get to check the math.
No proof · trust requiredRAG frameworks inject context with nothing backing it up. Whatever the prompt got is just whatever the framework happened to retrieve. No commitment, no proof, no receipt.
No attestationThese tools attest to identity claims on-chain. That's a different problem. They don't touch inference context, corpus membership, or AI prompt integrity at all.
Wrong layerYour corpus gets Merkle-committed and the root gets signed with ML-DSA-65. Every call gets its own inclusion proof, and you can check it yourself at a public endpoint. No trust required, and it's hardened against quantum attacks. Patent Pending.
Only this existsAll paths live under https://receipts.thehiveryiq.com. The proof verification endpoint needs no login, so auditors can hit it directly.