Platform · Evidence

Every run produces a cryptographically sealed evidence bundle.

Every generation run emits a canonical-JSON evidence record containing the sealed contract, per-step proof packets (inputs, outputs, parameters, hardware, timing), the quality report, the privacy report, and a correction ledger. The whole record is hashed into a single bundle hash that an offline verifier can check in one line.

For the auditor: no platform trust required. Run rady evidence verify against the bundle and get a single green line — tampering, re-ordering, or substitution all break the check. For the CISO: optional Ed25519 signing attaches a sender identity on top of the hash. For the data-science lead: every run replays byte-for-byte under the same seed.

Install rady, verify in a minute Verifier docs

~/audits / rady v1.4.2 — offlineair-gapped · no network

$ rady evidence verify ./job_e2f91b37.bundle.tar.zst
→ unpacking 9 artefacts …………………… ok
→ checking manifest sig (cosign) ……… ok
→ walking hash chain …………………… ok
01 contract.json sha 9c10ab… 1.4 KB
02 run_log.ndjson sha 5e2c1a… 48 KB
03 dataset.parquet sha 1b8d44… 3.4 MB
04 quality_report.json sha 82a09f… 12 KB
05 physics_ledger.ndjson sha 31cf7e… 8.4 KB
06 sbom.spdx.json sha 70b1d2… 14 KB
07 narrative.md sha ee04c1… 9.2 KB
08 manifest.json sha a4f2d8… 2.1 KB
09 evidence.seal sha a4f2d8… 0.3 KB
✓ chain root a4f2d8…c201 — 9 / 9 hashes match
✓ signed by rady-prod (cosign · OIDC identity verified)
$ rady evidence narrative ./job_e2f91b37.bundle.tar.zst
contract: adult-income · 50 k rows · seed 1847
engine: tabular · flagship
quality: 87.65 % (third-party QA harness, UCI Adult)
physics: 41 corrections · 0 final violations
✓ bundle is reproducible byte-for-byte under same seed

What's in the bundle

multi-part evidence, one chain.

Every run emits all nine. The final evidence seal.json chains cryptographic hashes of the prior eight, making the bundle uniquely identifiable and tamper-evident. Offline verifier recomputes the chain in under a second.

contract.json01

The sealed contract — entities, relations, constraints, seed. The root of the chain.

run_log.ndjson02

Per-step proof packet — inputs, outputs, parameters, hardware, timing, tool code version.

artefacts.ndjson03

Inventory of every data artefact produced (name, size, content hash, MIME).

quality.json04

Per-column distributional drift, adversarial detectability, correlation preservation, constraint-violation counts. Fail-closed gates.

privacy.json05

Disclosure risk, membership-inference resistance, attribute-inference resistance, and the method used.

utility.json06

Downstream-task utility score plus task-specific utility metrics.

telemetry.json07

Entity counts, total rows, warnings surfaced during the run.

sbom.json08

Software bill of materials — every library + engine version that produced this bundle.

chain_seal.json09

Cryptographic hash of the canonical concatenation of the prior artefacts. An optional digital signature is attached when the customer's signing key is configured.

Why the bundle is the product

Four readers. One artefact. Zero trust in the runtime.

Procurement, security, the data-science team, and the regulator all read the same sealed bundle from different angles. That is what makes it the product. Before synthetic data becomes enterprise data, someone has to be willing to sign for it — and signing without a provenance chain is the bit that blocks every enterprise deal.

Procurement / exec reader

"Show me the evidence this dataset is safe to use."

One command, one green line. The bundle is a self-contained record: contract, quality, privacy, physics, determinism, transcript, SBOM, and the seal. No dashboard to screenshot, no platform to log in to, no support ticket to escalate. If the verifier exits zero, the bundle is what it claims to be.

Commercial consequence: procurement unblocks deals in hours instead of quarters. The data-vendor question "can we trust this supplier?" becomes a mechanical check, not a negotiation over trust.

CISO / security review

"Prove nothing was tampered with between generation and delivery."

Every artefact is hashed into a canonical-JSON evidence record, the record is hashed into a single bundle hash, and the bundle hash is optionally signed under an Ed25519 identity. Re-ordering a file, substituting a byte, or replaying an old bundle under a new contract all break the check — deterministically. No secret to rotate on the customer side.

Commercial consequence: the supply-chain question you would normally answer with a 40-page SOC 2 Type II excerpt is answered in one grep against your own build pipeline.

Data-science lead

"Reproduce the run I shipped three quarters ago."

The sealed contract plus the seed together pin every stochastic source — RNG streams, cuBLAS workspace, library versions, thread counts. Re-run on a different cluster, a different OS, a different year — the dataset hash matches. Regression tests stay stable. A / B debugging becomes a one-command exercise, not an "it worked on my machine" argument.

Commercial consequence: the analyst who left last year's job did not take the only reproducible version of the model dataset with them. The archive is the source of truth, and it can be re-verified years later without any RadMah AI dependency alive on the customer side.

External auditor / regulator

"Trace the dataset to the contract that authorised it."

A regulator does not care about platform architecture — they care about whether a specific number on a specific report can be traced to the specific generation run that produced it, and whether that run was authorised by a specific contract, reviewed by a specific person, and executed against a specific code version. The bundle encodes every one of those answers.

Commercial consequence: the audit question "how did this row come to exist" is answered with a hash and a contract reference, not a Slack archaeology dig. GDPR Article 89 research-exemption claims, FDA Part 11 audit trail claims, and ISO 27001 information-asset-inventory claims are all evidence-backed, not paperwork-backed.

Trust no runtime

Verify any bundle offline.

The SDK ships rady evidence verify <bundle> — no network, no credentials. It recomputes the cryptographic hash chain, validates the optional cryptographic signature signature against your trust root, and reports the Merkle root.

Exit 0 on success, 1 on any mismatch. Script it into CI. An auditor can re-verify any archived bundle on a fresh laptop without any RadMah AI dependency alive.

bash

$ rady evidence verify ./bundle.tar.zst

╭──────────────────────────────────────────────────╮
│ Verify → OK                                      │
│   Integrity           OK                         │
│   Signature           cryptographic signature verified           │
│   Merkle root         b34bb1a5c7d2…e9fa          │
│   Bundle hash         f7c82e18a4bb…0e2d          │
│   Reason              integrity + cryptographic signature verified│
╰──────────────────────────────────────────────────╯
(exit 0)

Deterministic replay

Same contract, same seed.
Byte-identical output.

The contract hash + seed together pin every stochastic source: RNG streams, cuDNN algorithm selection, cuBLAS workspace, thread counts, library versions. Re-run the same sealed job on a different cluster and the dataset hash matches byte-for-byte.

Makes regulatory replay a one-command exercise. Makes A/B debugging possible without "it worked on my machine" ambiguity.

determinism.json

{
  "contract_hash":     "a8f3b21c…a7e2",
  "seed":              42,
  "library_versions": {
    "python":  "3.13.12",
    "torch":   "2.5.1",
    "cryptographic hash":  "1.0.5"
  },
  "determinism": {
    "mode":          "strict",
    "final_hash":    "7e41ba90…c4d8",
    "rng_streams":   [ /* per-op stream fingerprints */ ],
    "cublas_workspace": ":4096:8"
  }
}

Evidence is how the platform works, not a feature.

Every run emits a multi-artefact bundle. Every customer gets the offline verifier. No premium tier.

Install rady& verify a bundle See the Physics Model

The left button takes you to the CLI install page. One rady evidence verify <bundle.tar.zst> and you have the proof. The right button is the physics-constrained post-processor that rides on the same evidence chain.