NI-Stack turns every LLM interaction into a post-quantum-signed, browser-verifiable audit receipt — screened on-premise, on commodity CPU, mapped to EU AI Act Art. 12 / Annex IV. Peer-reviewed. Buyer-reproducible. Available for licensing or acquisition.
Every verdict is hashed into an append-only Merkle log, signed with FIPS-204 ML-DSA-65 (real 3309-byte post-quantum signatures, not stubs), independently timestamped (RFC-3161), and exported as a W3C Verifiable Credential an auditor checks offline, in a browser — never trusting our servers.
genuine ML-DSA-65 signatures
assertions: replay, inflation & forgery all caught
browser-verifiable against a did:web key
POAW is the differentiated asset: no other guardrail ships a portable, offline-verifiable, post-quantum evidence receipt mapped to the AI Act. It is what a compliance-platform vendor licenses.
We license what is measured and real, and label the frontier as frontier. Overclaiming kills IP deals in diligence — so we don't.

A sovereign injection/content cascade led by a zero-dependency Aho-Corasick automaton (median 1.73 ms) that blocks before any GPU spend. 97.7% TPR / 4.0% FPR on public corpora; the prompt never leaves the premises.

The post-quantum, browser-verifiable receipt layer above. Real ML-DSA-65 signatures; tamper, replay and forgery detected across 96 assertions. Mapped to EU AI Act Art. 12 / Annex IV.

Memory & forecasting modules — under evaluation, not sold as finished.

Compliance-export & monitoring adapters (EU AI Act Annex IV, ISO 42001).

Energy-accounting module — measured claims pending.
Injection detection on public corpora (hackerprompt, jailbreakhub vs OR-Bench) — buyer-reproducible with one command.
Peer-review format, dated manifests, disclosed gaps (AI Summit Styria 2026, IT-Security track).
Runs on commodity CPU before any GPU; no prompt exfiltration — a data-residency win by construction.
The AI Act's logging & record-keeping obligations (Art. 12, Art. 19, Annex IV) are today produced as human-authored documents — asserted, not proven, and stale the moment the system changes. A signed, timestamped, offline-verifiable receipt per action discharges the same duty as evidence an auditor independently checks.
Conformity is a legal determination against harmonized standards and, for high-risk systems, a notified body — which a technical artifact cannot assert on its own. Verifiable evidence is a precondition for conformity, never a substitute. Stating that line precisely is why regulated buyers and licensees take the technology seriously.
Built for AI-governance platforms, compliance SaaS, and security vendors who need a differentiated, post-quantum evidence layer their competitors don't have.
| Model | What it is | Fit |
|---|---|---|
| License + royalty | Embed POAW as your "EU AI Act evidence" module; per-deployment royalty. Non-exclusive. | Governance / compliance platforms |
| Exclusive field license | Upfront fee + royalty, exclusive in your field of use (we retain adjacent fields). | A strategic platform partner |
| Acquisition | One-time asset sale — patents, code, papers, and the browser verifier. | Strategic acquirer / corp-dev |
Data room available under NDA: patent status, buyer-reproducible benchmarks, architecture, and dependency provenance.
Licensing, royalty, or acquisition — start with a 20-minute conversation and the evidence pack.
✉ IP@destill.ai