Trust Layer Architecture
The Trust Layer makes enterprise AI independently verifiable without trusting Archivus's infrastructure.
The Problem
Traditional enterprise AI: "Trust us. We say this claim was verified at time T."
The issue: You must trust the vendor's database, audit logs, and security.
The Solution: Three-Layer Trust
```mermaid
graph TB
    subgraph Layer3["Layer 3: Global Trust"]
        HEDERA[Hedera Consensus Service]
        COUNCIL[39 Enterprise Council Members]
    end
    subgraph Layer2["Layer 2: Tenant Compliance"]
        MOTHER[MotherDuck Analytics]
        S3[S3 Parquet Evidence Bundles]
        CANON[RFC 8785 Canonicalization]
    end
    subgraph Layer1["Layer 1: Local Verification"]
        HASH[SHA256 Hash Chains]
        CLAIM[Content-Addressed Claims]
    end
    HASH --> MOTHER
    CLAIM --> MOTHER
    MOTHER --> HEDERA
    S3 --> HEDERA
    CANON --> HEDERA
```
Layer 1: Local Hash Chains
Every claim gets a content hash at creation:
Claim: "Q3 revenue increased 20%"
↓
Canonicalize: RFC 8785 JSON canonicalization
↓
Hash: sha256:a91f3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a...
↓
Store: claim_hash column (indexed)
Benefits:
- Tamper detection (any modification changes the hash)
- Content addressing (same claim = same hash)
- Deduplication (duplicate claims merge sources)
- Local verification (no external dependency)
Hash Chain:
Each link's hash covers the previous link's hash together with the claim's content hash, so altering or removing any earlier claim changes every hash after it: if any claim is altered, the entire chain from that point on breaks, and the first mismatching link shows where. What a chain cannot show on its own is that its newest links were dropped; that is why the head of the chain (or a batch root) also has to be anchored outside Archivus, which is Layer 3's job.
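Content addressing and the chain in working Go, added here as an illustration rather than taken from Archivus. The Claim fields, the genesis value and the way a link hash is formed (SHA-256 over the previous link hash and the claim hash) are assumptions of this example, and the claims are constructed:

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Claim is the unit that gets content-addressed. Field names are assumed here;
// the page does not show Archivus's schema.
type Claim struct {
	Text   string
	Source string
}

// ContentHash is the "sha256:" address of a claim. Only the text is hashed, so
// the same statement extracted from two documents gets one hash and the
// sources can be merged. json.Marshal of a map sorts keys and omits whitespace,
// which is the RFC 8785 form for plain ASCII text like this; arbitrary input
// needs a full JCS serializer.
func ContentHash(c Claim) string {
	canonical, _ := json.Marshal(map[string]any{"text": c.Text})
	sum := sha256.Sum256(canonical)
	return "sha256:" + hex.EncodeToString(sum[:])
}

// Entry is one link of the chain. LinkHash covers the previous link and this
// claim's hash, so every later link depends on every earlier claim.
type Entry struct {
	ClaimHash string
	PrevHash  string
	LinkHash  string
}

// genesis is the assumed predecessor of the first link.
const genesis = "genesis"

func linkHash(prev, claimHash string) string {
	sum := sha256.Sum256([]byte(prev + "|" + claimHash))
	return "sha256:" + hex.EncodeToString(sum[:])
}

// Append adds a claim as the newest link of the chain.
func Append(chain []Entry, c Claim) []Entry {
	prev := genesis
	if n := len(chain); n > 0 {
		prev = chain[n-1].LinkHash
	}
	ch := ContentHash(c)
	return append(chain, Entry{ClaimHash: ch, PrevHash: prev, LinkHash: linkHash(prev, ch)})
}

// VerifyChain replays the chain against the claims as currently stored and
// returns the index of the first link that fails, or -1 if every link holds.
// An edited claim fails at its own index; a link recomputed to hide an edit
// fails at the next index, whose PrevHash still names the original link. A
// length mismatch fails at the first missing position.
func VerifyChain(chain []Entry, claims []Claim) int {
	if len(chain) != len(claims) {
		if len(chain) < len(claims) {
			return len(chain)
		}
		return len(claims)
	}
	prev := genesis
	for i, e := range chain {
		if e.PrevHash != prev || e.ClaimHash != ContentHash(claims[i]) || e.LinkHash != linkHash(prev, e.ClaimHash) {
			return i
		}
		prev = e.LinkHash
	}
	return -1
}

func main() {
	claims := []Claim{ // constructed sample claims
		{"Q3 revenue increased 20%", "financial_report_q3.pdf"},
		{"Headcount grew to 120", "hr_summary.pdf"},
		{"Q3 revenue increased 20%", "board_deck.pdf"}, // same statement, second source
	}
	var chain []Entry
	for _, c := range claims {
		chain = Append(chain, c)
	}
	fmt.Println("same content, same hash:", chain[0].ClaimHash == chain[2].ClaimHash)
	fmt.Println("intact chain, first failing link:", VerifyChain(chain, claims))
	claims[1].Text = "Headcount grew to 12" // a silent edit in the database
	fmt.Println("after the edit, first failing link:", VerifyChain(chain, claims))
	chain[1].ClaimHash = ContentHash(claims[1]) // cover-up: recompute link 1 only
	chain[1].LinkHash = linkHash(chain[1].PrevHash, chain[1].ClaimHash)
	fmt.Println("after the cover-up, first failing link:", VerifyChain(chain, claims))
}
```

The first failing link moves from 1 (the edited claim) to 2 once link 1 is recomputed, because link 2 still names the original link. Cutting off the newest links would leave a chain that still verifies, which is why the head has to be recorded somewhere the operator cannot rewrite.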
Layer 2: Tenant Compliance Backbone
MotherDuck Analytics
What it does: Long-term, cost-effective analytics storage with vendor-independent verification.
Data Flow:
1. Agent decision recorded in PostgreSQL
↓
2. Background sync (hourly) extracts to S3 Parquet
↓
3. DuckDB queries S3 directly (no data duplication)
↓
4. 10-100x faster aggregations than PostgreSQL
↓
5. 7+ year retention at $0.023/GB (vs $0.125/GB in Postgres)
What Gets Synced:
- Agent decisions (GOLAG verification audit trail)
- Claim verification events
- Entity merge decisions
- Voice compliance logs
- Federation exchange records
- Hedera anchor references
Not document analytics—this is the compliance backbone for AI decisions.
Content-Addressed Evidence Bundles
Self-Verifying Exports:
When you export compliance data:
```json
{
  "version": "1.0",
  "exported_at": "2026-02-07T14:30:00Z",
  "tenant_id": "...",
  "content_hash": "sha256:...",
  "claims": [
    {
      "claim_hash": "sha256:a91...",
      "claim_text": "Q3 revenue increased 20%",
      "source": "financial_report_q3.pdf",
      "confidence": 0.92,
      "verified_at": "2026-02-01T10:00:00Z",
      "hedera_anchor": {
        "topic_id": "0.0.12345",
        "tx_id": "0.0.12345@1234567890.123456789",
        "consensus_time": "2026-02-01T10:00:05.123456789Z"
      }
    }
  ],
  "signature": "..."
}
```
Verification Steps:
1. Verify JSON canonicalization (RFC 8785): re-serialize the bundle canonically and confirm the bytes match what was hashed and signed
2. Recompute the content hash and compare it with content_hash
3. Check the signature against the exporter's public key, which the verifier must already hold (obtained out of band, never taken from the bundle itself)
4. Query Hedera (a mirror node) for each anchor and confirm the transaction and its consensus timestamp
Result: Anyone can verify this export without accessing Archivus.
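The four steps as a verifier in Go. This is an added example, not Archivus code, and it fixes details the page leaves open: content_hash is taken to be SHA-256 over the canonical claims array, signature to be Ed25519 over the canonical bundle without its signature member, and the verifier is assumed to already hold the exporter's public key. The mirror-node query is a stand-in function, and the bundle and ledger data are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// canonical re-serialises parsed JSON with sorted keys and no whitespace, which
// for the ASCII names and text in this bundle equals the RFC 8785 form. A full
// JCS serializer (\b, \f, U+2028/2029, non-BMP key order) belongs here in production.
func canonical(v any) ([]byte, error) {
	var b bytes.Buffer
	enc := json.NewEncoder(&b)
	enc.SetEscapeHTML(false)
	err := enc.Encode(v)
	return bytes.TrimSuffix(b.Bytes(), []byte("\n")), err
}

// digests fills in content_hash (SHA-256 over the canonical claims array) and
// returns the canonical bundle, which is what gets signed, plus that hash. The
// bundle must not contain a signature member yet. This layout is an assumption;
// the page shows the fields but not what is signed.
func digests(bundle map[string]any) ([]byte, string, error) {
	claims, err := canonical(bundle["claims"])
	if err != nil {
		return nil, "", err
	}
	sum := sha256.Sum256(claims)
	ch := "sha256:" + hex.EncodeToString(sum[:])
	bundle["content_hash"] = ch
	body, err := canonical(bundle)
	return body, ch, err
}

// SignExport is the exporter's side: content hash, Ed25519 signature, serialise.
func SignExport(bundle map[string]any, priv ed25519.PrivateKey) ([]byte, error) {
	body, _, err := digests(bundle)
	if err != nil {
		return nil, err
	}
	bundle["signature"] = base64.StdEncoding.EncodeToString(ed25519.Sign(priv, body))
	return json.Marshal(bundle)
}

// VerifyExport runs the page's four steps. lookup stands in for a Hedera
// mirror-node query: tx_id in, consensus timestamp out ("" if no such message).
func VerifyExport(raw []byte, pub ed25519.PublicKey, lookup func(txID string) string) error {
	var bundle map[string]any
	if err := json.Unmarshal(raw, &bundle); err != nil {
		return err
	}
	sig, err := base64.StdEncoding.DecodeString(fmt.Sprint(bundle["signature"]))
	if err != nil {
		return fmt.Errorf("signature encoding: %w", err)
	}
	delete(bundle, "signature")
	stored := bundle["content_hash"]
	body, ch, err := digests(bundle) // steps 1 and 2: canonicalize, recompute
	if err != nil {
		return err
	}
	if stored != ch {
		return fmt.Errorf("content_hash does not match the claims: contents altered")
	}
	if !ed25519.Verify(pub, body, sig) { // step 3
		return fmt.Errorf("signature invalid: not issued under this key")
	}
	claims, _ := bundle["claims"].([]any)
	for _, c := range claims { // step 4: each anchor must exist on the ledger
		claim, _ := c.(map[string]any)
		anchor, _ := claim["hedera_anchor"].(map[string]any)
		txID, _ := anchor["tx_id"].(string)
		if ct := lookup(txID); ct == "" || ct != anchor["consensus_time"] {
			return fmt.Errorf("claim %v: no Hedera message matches %q", claim["claim_hash"], txID)
		}
	}
	return nil
}

// SampleExport is a constructed, unsigned bundle in the page's layout.
func SampleExport() map[string]any {
	return map[string]any{"version": "1.0", "exported_at": "2026-02-07T14:30:00Z", "tenant_id": "tenant-demo",
		"claims": []any{map[string]any{"claim_hash": "sha256:a91...", "claim_text": "Q3 revenue increased 20%",
			"confidence": 0.92, "hedera_anchor": map[string]any{"tx_id": "0.0.12345@1234567890.123456789",
				"consensus_time": "2026-02-01T10:00:05.123456789Z"}}}}
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	signed, _ := SignExport(SampleExport(), priv)
	// constructed mirror-node data holding the one anchor
	mirror := func(tx string) string { return map[string]string{"0.0.12345@1234567890.123456789": "2026-02-01T10:00:05.123456789Z"}[tx] }
	fmt.Println("untouched export:", VerifyExport(signed, pub, mirror))
	edited := bytes.Replace(signed, []byte("20%"), []byte("25%"), 1)
	fmt.Println("edited claim text:", VerifyExport(edited, pub, mirror))
}
```

An edit to claim text fails at step 2, an edit to any other field (tenant_id, exported_at) fails at step 3 because the signature covers the whole canonical bundle, and a missing or mismatched ledger entry fails at step 4. The order matters for error messages only; all four checks must pass.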
RFC 8785 Canonicalization
The Problem: The same JSON object can be serialized in many byte-different ways: keys in a different order, with or without whitespace, numbers spelled 1.0 or 1 or 1E0, non-ASCII characters escaped as \u sequences or written literally.
Same data, different bytes, different hash = verification breaks.
The Solution: RFC 8785 (the JSON Canonicalization Scheme, JCS) defines one serialization for any JSON value:
- Deterministic key ordering (object members sorted by the UTF-16 code units of their names)
- No insignificant whitespace
- Number formatting rules (the ECMAScript Number-to-string algorithm, so 1.0 becomes 1 and 1E30 becomes 1e+30)
- Minimal string escaping (only the quote, the backslash and control characters are escaped; everything else stays literal)
Result: Same data always produces the same bytes, and therefore the same hash.
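An RFC 8785 serializer written for this page (not Archivus code). Go's encoding/json is used only for number formatting, since it already produces the ES6 form the RFC requires; the key-ordering and string-escaping rules are implemented directly. The input in main is the RFC's own worked example.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"sort"
	"unicode/utf16"
)

// Canonicalize parses JSON and re-serialises it per RFC 8785 (JCS): no whitespace,
// keys sorted by UTF-16 code units, only the escapes the RFC permits, numbers in
// ES6 Number.toString form (I-JSON: float64 precision, as the RFC assumes).
func Canonicalize(raw []byte) ([]byte, error) {
	var v any
	if err := json.Unmarshal(raw, &v); err != nil {
		return nil, err
	}
	var b bytes.Buffer
	err := canon(&b, v)
	return b.Bytes(), err
}

func canon(b *bytes.Buffer, v any) error {
	switch x := v.(type) {
	case nil:
		b.WriteString("null")
	case bool, float64:
		out, err := json.Marshal(x) // encoding/json already emits the ES6 number form and rejects NaN/Inf
		b.Write(out)
		return err
	case string:
		writeString(b, x)
	case []any:
		b.WriteByte('[')
		for i, e := range x {
			if i > 0 {
				b.WriteByte(',')
			}
			if err := canon(b, e); err != nil {
				return err
			}
		}
		b.WriteByte(']')
	case map[string]any:
		keys := make([]string, 0, len(x))
		for k := range x {
			keys = append(keys, k)
		}
		sort.Slice(keys, func(i, j int) bool { return lessUTF16(keys[i], keys[j]) })
		b.WriteByte('{')
		for i, k := range keys {
			if i > 0 {
				b.WriteByte(',')
			}
			writeString(b, k)
			b.WriteByte(':')
			if err := canon(b, x[k]); err != nil {
				return err
			}
		}
		b.WriteByte('}')
	default:
		return fmt.Errorf("unsupported JSON value %T", v)
	}
	return nil
}

// JCS allows only these two-character escapes; other control characters become
// \u00xx in lowercase hex, and everything else, non-ASCII included, is literal.
var shortEscapes = map[rune]string{'"': `\"`, '\\': `\\`, '\b': `\b`, '\f': `\f`, '\n': `\n`, '\r': `\r`, '\t': `\t`}
func writeString(b *bytes.Buffer, s string) {
	b.WriteByte('"')
	for _, r := range s {
		if esc, ok := shortEscapes[r]; ok {
			b.WriteString(esc)
		} else if r < 0x20 {
			fmt.Fprintf(b, `\u%04x`, r)
		} else {
			b.WriteRune(r)
		}
	}
	b.WriteByte('"')
}

// lessUTF16 orders keys by UTF-16 code units as JCS requires (differs from byte order only outside the BMP).
func lessUTF16(a, c string) bool {
	ua, uc := utf16.Encode([]rune(a)), utf16.Encode([]rune(c))
	for i := 0; i < len(ua) && i < len(uc); i++ {
		if ua[i] != uc[i] {
			return ua[i] < uc[i]
		}
	}
	return len(ua) < len(uc)
}

func main() { // input: the worked example from RFC 8785 itself
	c, err := Canonicalize([]byte(`{"numbers": [333333333.33333329, 1E30, 4.50, 2e-3, 0.000000000000000000000000001], "string": "\u20ac$\u000F\u000aA'\u0042\u0022\u005c\\\"\/", "literals": [null, true, false]}`))
	fmt.Printf("%s\n%v\n", c, err)
}
```

Feeding the canonical bytes to SHA-256 gives the content hash; two producers that agree on the data but not on key order, spacing or number spelling get the same hash only because both run this step first.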
Layer 3: Hedera Public Ledger
Why Hedera?
| Requirement | Hedera Solution |
|---|---|
| Immutable timestamps | Consensus timestamps from 39-node council |
| Public verifiability | Anyone can query Hedera mirror nodes |
| Enterprise governance | 39 enterprise council members (Google, IBM, Boeing, etc.) |
| Cost-effective | $0.0008 per message (vs blockchain gas fees) |
| High throughput | 10,000+ TPS (vs blockchain ~15 TPS) |
| Finality | 3-5 seconds (vs blockchain 10+ minutes) |
How It Works
Individual Claim Anchoring (Enterprise tier - immediate):
1. Claim created with content hash
↓
2. Submit to Hedera topic
↓
3. Receive consensus timestamp
↓
4. Store anchor receipt
↓
5. Link claim to anchor
Batch Anchoring (Team+ tier - hourly):
1. Collect unanchored claims (1 hour window)
↓
2. Build Merkle tree from claim hashes
↓
3. Submit Merkle root to Hedera
↓
4. Receive consensus timestamp
↓
5. Generate Merkle proofs for each claim
↓
6. Store anchor receipts with proofs
Cost Comparison:
- Individual: $0.0008 per claim
- Batch (1000 claims): $0.0008 total = $0.0000008 per claim
The trade-off is timing: a batched claim's provable existence time is the batch's consensus timestamp, which can trail the claim's creation by up to the batching window (an hour here). Individual anchoring gives each claim its own timestamp within seconds of creation.
Merkle Batch Anchoring
Concept: Anchor thousands of claims with one Hedera message.
Claim Hashes:
├─ sha256:a91...
├─ sha256:b82...
├─ sha256:c73...
└─ sha256:d84...
↓
Build Merkle Tree:
Root
/ \
Node1 Node2
/ \ / \
A B C D
↓
Submit Root to Hedera
↓
Generate Proofs:
├─ Claim A: [B, Node2] → proves A is in tree
├─ Claim B: [A, Node2] → proves B is in tree
├─ Claim C: [D, Node1] → proves C is in tree
└─ Claim D: [C, Node1] → proves D is in tree
Verification:
1. Receive claim with Merkle proof
2. Recompute hash path to root
3. Check root against Hedera
4. Verify consensus timestamp
Result: Proof of existence + timestamp without revealing other claims.
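The batch flow in Go, as an added example rather than Archivus's implementation: build the tree, produce one proof per claim, and replay a proof against the root. Two choices are assumptions, since the page does not specify them: leaves and interior nodes are hashed under different prefix bytes so an interior hash can never be replayed as a leaf (the second-preimage attack on naive Merkle trees), and an odd node at any level is paired with a copy of itself. The claim hashes are constructed placeholders.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Leaves and interior nodes use different prefix bytes so an interior hash can
// never be presented as a leaf. Assumed construction; the page does not give one.
func leafHash(claimHash string) []byte {
	sum := sha256.Sum256(append([]byte{0x00}, claimHash...))
	return sum[:]
}

func nodeHash(left, right []byte) []byte {
	sum := sha256.Sum256(append(append([]byte{0x01}, left...), right...))
	return sum[:]
}

// ProofStep is one sibling on the path from a leaf up to the root.
type ProofStep struct {
	Hash []byte
	Left bool // sibling is on the left, so it is hashed before the running value
}

// BuildTree returns the root to submit to Hedera and an inclusion proof for
// every claim hash. An odd node at any level is paired with a copy of itself.
func BuildTree(claimHashes []string) (root []byte, proofs [][]ProofStep) {
	if len(claimHashes) == 0 {
		return nil, nil
	}
	level := make([][]byte, len(claimHashes))
	pos := make([]int, len(claimHashes)) // where each leaf sits at the current level
	for i, h := range claimHashes {
		level[i], pos[i] = leafHash(h), i
	}
	proofs = make([][]ProofStep, len(claimHashes))
	for len(level) > 1 {
		if len(level)%2 == 1 {
			level = append(level, level[len(level)-1])
		}
		for i := range proofs {
			sib := pos[i] ^ 1
			proofs[i] = append(proofs[i], ProofStep{Hash: level[sib], Left: sib < pos[i]})
			pos[i] /= 2
		}
		next := make([][]byte, len(level)/2)
		for j := range next {
			next[j] = nodeHash(level[2*j], level[2*j+1])
		}
		level = next
	}
	return level[0], proofs
}

// VerifyProof replays the path from one claim hash to the root. The verifier
// needs only its own claim, the proof and the root read from Hedera; no other
// claim in the batch is revealed.
func VerifyProof(claimHash string, proof []ProofStep, root []byte) bool {
	h := leafHash(claimHash)
	for _, s := range proof {
		if s.Left {
			h = nodeHash(s.Hash, h)
		} else {
			h = nodeHash(h, s.Hash)
		}
	}
	return bytes.Equal(h, root)
}

func main() {
	// constructed claim hashes standing in for one hourly batch
	batch := []string{"sha256:a91...", "sha256:b82...", "sha256:c73...", "sha256:d84...", "sha256:e65..."}
	root, proofs := BuildTree(batch)
	fmt.Println("root to submit to Hedera:", hex.EncodeToString(root))
	for i, c := range batch {
		fmt.Printf("claim %d: %d siblings, proof valid: %v\n", i, len(proofs[i]), VerifyProof(c, proofs[i], root))
	}
	fmt.Println("forged claim with a real proof:", VerifyProof("sha256:ffff...", proofs[0], root))
}
```

For the four-claim tree on the page, claim A's proof comes out as [leaf B, Node2] with both siblings on the right, exactly as drawn. VerifyProof is also what Enterprise B runs in the federation flow, with the root taken from a Hedera mirror node rather than from Enterprise A.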
Public Verification Endpoint
No authentication required:
```
GET https://verify.archivus.ai/sha256:a91f3b4c5d6e7f8a...
```
Response:
```json
{
  "content_hash": "sha256:a91f3b4c5d6e7f8a...",
  "verified": true,
  "hedera_tx_id": "0.0.12345@1234567890.123456789",
  "consensus_time": "2026-02-01T10:00:05.123456789Z",
  "merkle_proof_valid": true,
  "explorer_url": "https://hashscan.io/mainnet/transaction/0.0.12345@1234567890.123456789"
}
```
What this enables:
- Third parties can verify claims independently
- Legal discovery without data room access
- Auditors can validate compliance without system access
- Cross-organizational trust without institutional agreements
This endpoint is operated by Archivus, so its "verified": true is a convenience rather than the proof. A party that does not want to trust Archivus takes the returned hedera_tx_id (or explorer_url), reads the anchored root from a Hedera mirror node or explorer, and replays the Merkle proof against it.
Trust Propagation
In Federation
When Enterprise B receives claims from Enterprise A:
Enterprise A:
1. Creates claim in Knowledge Graph
2. Anchors to Hedera (Merkle batch)
3. Exports claim with Merkle proof
Enterprise B:
1. Receives claim + proof
2. Queries Hedera mirror node
3. Verifies Merkle proof
4. Confirms consensus timestamp
5. Trusts claim WITHOUT trusting Enterprise A's database
The breakthrough: Cryptographic proof replaces institutional trust.
Source Authority
Trust levels propagate through the graph:
Primary Source (Document) → Confidence: 0.85
↓
Extracted Claim → Inherits: 0.85 × 0.95 (extraction confidence) = 0.81
↓
Hedera Anchored → Boost: +0.05 (cryptographic proof) = 0.86
↓
Federated Claim → Maintains: 0.86 (proof travels with claim)
The anchor boost rewards integrity and timing, not accuracy: the proof shows that the claim has not changed since it was anchored, not that the extraction was correct (see Security Guarantees below).
Cost Model
Storage Costs
| Layer | Technology | Cost per GB/mo | 7-Year Total per GB |
|---|---|---|---|
| PostgreSQL | Supabase | $0.125 | $10.50 |
| S3 Parquet | AWS | $0.023 | $1.93 |
| Savings | | | 82% |
Anchoring Costs
| Method | Claims per Batch | Cost per Claim |
|---|---|---|
| Individual | 1 | $0.0008 |
| Small Batch | 100 | $0.000008 |
| Large Batch | 10,000 | $0.00000008 |
Enterprise tier: Individual anchoring (immediate proof)
Team tier: Hourly batches (cost-effective)
Security Guarantees
What You Can Verify
Without trusting Archivus:
- ✅ Claim existed no later than time T (the Hedera consensus timestamp of its anchor; for a batched claim, T is the batch's timestamp)
- ✅ Claim content hasn't been altered since then (hash verification)
- ✅ Claim was part of the anchored batch (Merkle proof, replayed against the root read from Hedera rather than from Archivus)
- ✅ Export is authentic (signature verification with the exporter's public key)
Requires trusting Archivus:
- Source document authenticity (you must trust the upload process)
- AI extraction accuracy (LLM behavior)
- Agent decision logic (GOLAG implementation)
- That a claim was anchored promptly after it was made (the ledger bounds how old a claim is at least, not when it was created)
- That the public key you check export signatures with really belongs to Archivus (key distribution is outside the ledger)
What Can't Be Tampered
Once anchored to Hedera:
- ❌ Cannot alter claim text
- ❌ Cannot backdate timestamps
- ❌ Cannot delete anchor records
- ❌ Cannot forge Merkle proofs
Hedera consensus is immutable.
Compliance Benefits
Regulatory Requirements
| Requirement | Solution |
|---|---|
| 7-year retention | S3 Parquet with lifecycle policies |
| Tamper detection | Hash chains + Hedera anchoring |
| Audit trail | MotherDuck analytics with full history |
| Independent verification | Public Hedera verification |
| Legal discovery | Self-verifying evidence bundles |
| Vendor lock-in mitigation | Vendor-independent verification |
Audit Scenarios
Internal Audit:
- Query MotherDuck for compliance analytics
- Export evidence bundles
- Verify hash chains
External Audit:
- Provide evidence bundle exports
- Auditor verifies via Hedera (no system access needed)
- Merkle proofs validate claim inclusion
Legal Discovery:
- Export claims for date range
- Include Hedera anchor proofs
- Timestamps a third party can verify independently (admissibility itself is decided per jurisdiction)
The Result
Enterprise AI with:
- Tamper detection (hash chains)
- Long-term retention (S3 Parquet)
- Independent verification (Hedera)
- Vendor-independent proof (anyone can verify)
- Cost-effective storage (82% savings)
Not "trust Archivus"—verify cryptographically.
Trust through mathematics, not authority.