⬡ Execution Control Infrastructure

The Runtime Layer Between
AI Capability and
Real-World Consequence

Models create capability. Agents create execution. Execution creates consequence. Consequence requires control. VeriSigil is the runtime enforcement layer that proves — before action becomes real — whether execution was admissible.

"The scarce layer is no longer intelligence. The scarce layer is admissibility." — Philip Pinol, ThePraesidium.ai
Model
Agent
⬡ VeriSigil
Execution
Consequence
VeriSigil determines whether autonomous actions remain continuously admissible under changing authority, jurisdiction, and operational conditions before execution becomes consequential — and proves it cryptographically, formally, and offline.
The Seven Questions of Execution Control
VeriSigil answers all seven — at runtime, before action becomes real
Question 01
Was the action authorized?
Execution Authority Token binds authority at issuance time. Cannot be inflated after the fact. Monotonic authority reduction enforced.
VGS-006 EAT
POST /v1/eat/issue · POST /v1/eat/validate
Question 02
Was the policy current?
Runtime Guard evaluates at execution time — no cached decisions, no stale policies. <250ms latency bound. Fail-closed on timeout.
VGS-001 VER-INV-009
POST /v1/guard/verify
Question 03
Was the evidence sufficient?
Classification hash binds evidence class + payload + timestamp at write time. Reclassification produces different hash — structurally detectable. Harold Nunes validated.
VGS-007 VER-INV-001
POST /v1/evidence/verify
Question 04
Did the state change?
Governance state machine formally verified in TLA+. 3,497 states explored. 0 errors. All transitions proven. Unlisted transitions are impossible by construction.
VGS-002 TLA+ Verified
GET /v1/chain/verify
Question 05
Was escalation required?
REFUSED vs DENY distinction. REFUSED = governance boundary correctly enforced (positive signal). DENY = trust failure. Named approver. Defined SLA. Immutable record.
VGS-003 ISDAIRE
POST /v1/isdaire/certificate
Question 06
Was the outcome verifiable?
Temporal Admissibility Proof answers: "Was this STILL admissible at exact execution moment?" Cryptographically proven. Offline verifiable. No platform required.
VGS-011 TAP
POST /v1/temporal/prove · /v1/temporal/verify
Question 07
Did proof survive?
Offline forensic verifier produces independent verification from exported package alone. No servers. No operator. No platform. Governance receipts survive the platform that issued them.
VGS-008 Zenodo DOI
POST /v1/governance/replay
Protocol-Grade. Not Application-Grade.
Not claims. Proofs.
🔬
Z3 Formal Proofs
4 critical invariants proven UNSAT. No counterexample exists for any possible input.
MATHEMATICALLY PROVEN
📐
TLA+ Model Checker
3,497 states explored. 0 errors. 5 safety theorems. 2 liveness properties.
TLC VERIFIED
🧪
96 Conformance Vectors
Deterministic. Python + Node.js cross-runtime parity verified. All passing.
ALL PASSING
🔐
Post-Quantum Crypto
Dilithium-3 (NIST FIPS 204) + Ed25519 dual signing on every governance receipt.
PQ SECURE
📜
Zenodo DOI
VGS-001 through VGS-012 formally published. Permanently citable. CC BY 4.0.
DOI PUBLISHED
🌍
Jurisdiction-Aware
EU AI Act · US NIST · China AI Law · GCC DIFC. Multi-sovereign conflict resolution.
4 SOVEREIGN REGIMES
How VeriSigil Compares
Execution Control Infrastructure requires all seven layers
Capability VeriSigil Dashboards Audit Logs Guardrails
Pre-execution enforcement✓ Runtime✗ Post-hoc~ Partial
Formal mathematical proofs✓ Z3 + TLA+
Jurisdiction-aware✓ EU/US/CN/GCC
Offline verification✓ No platform~ Partial
Temporal admissibility proof✓ Cryptographic
Conformance vectors✓ 96 vectors
Published DOI specification✓ Zenodo
Post-quantum cryptography✓ Dilithium-3

Execution Control Infrastructure — Live Today

VGS-001 through VGS-012. Formally verified. Jurisdiction-aware. Offline verifiable. The runtime layer between AI capability and real-world consequence.

Try Live API Read Specification
Formally published · DOI: 10.5281/zenodo.20264923 · CC BY 4.0