ARCHANGEL
The Evidence Layer for AI Consent Governance
Cryptographic receipts that prove what actually happened. Not what someone claims happened.
The Problem
Audit logs are alterable. They prove what you say happened. They can be edited, deleted, or fabricated. When a regulator or court asks for proof of consent, logs are claims — not evidence.
Policy-based consent — TOS checkboxes, opt-out letters, database flags — is a promise. It can be overridden, ignored, or lost. It does not enforce anything at runtime.
15M+ voices were cloned without consent last year. The enforcement gap is not a compliance checkbox problem. It is an infrastructure problem.
The Solution
ARCHANGEL is a cryptographic evidence layer. Every AI action passes through a consent gate. The gate evaluates a Consent DNA Token (CDT) against the current policy state and revocation epoch. If the token is valid, the action executes and a signed receipt is issued. If the token is invalid or absent, the action is denied. Fail-closed. No exceptions.
Every decision — ALLOW or DENY — produces a cryptographic receipt. Dual-signed with post-quantum cryptography. Merkle-committed to an append-only accumulator. Chain-linked. Registered for non-repudiation. Verifiable offline by any third party.
Key Properties
Fail-Closed Enforcement
No valid receipt = no execution. If the gate cannot verify consent, it denies. The default state is denial, not permission.
Instant Revocation
Proprietary consent token bound to policy and epoch. Flip the epoch = instant invalidation across all enforcement points. No propagation delay.
Court-Grade Evidence
Receipts prove who authorized, what happened, which policy governed, and when. Signed, timestamped, accumulator-committed. Not database records — math.
Offline Verification
Export a receipt bundle with public keys. Any auditor, regulator, or opposing counsel can verify independently. No platform access needed.
Post-Quantum Ready
Hybrid classical + post-quantum signatures. NIST-approved algorithms. Resistant to harvest-now-decrypt-later attacks from quantum computers.
Sub-12ms Performance
Hot-path SLA: ≤ 8ms initiation, ≤ 12ms completion at p99. Benchmarked across 120 runs. All SLAs met. Real-time enforcement.
Architecture
What a Receipt Looks Like
Compliance Coverage
| Regulation | Requirement | Archangel Evidence |
|---|---|---|
| GDPR Art. 7 | Demonstrate consent was given | Signed ALLOW receipt with policy hash + timestamp |
| GDPR Art. 17 | Right to erasure | DELETE receipt with sub-8ms destruction proof |
| CCPA §1798.100 | Right to know what data collected | Receipt chain shows every access event |
| CCPA §1798.105 | Right to delete | CDT destruction receipt + epoch revocation proof |
| EU AI Act Art. 14 | Human oversight of AI | Gate receipts prove human-authorized consent before AI action |
| EU AI Act Art. 16 | Record-keeping | Append-only receipt chain, Merkle-committed, non-repudiable |
The Enforcement Stack
CDT Gate
US 19/437,072Consent DNA Token — proprietary consent verification. The foundation. Every action must present a valid CDT or it doesn't execute.
Receipt Rail
CIP of US 19/240,581Append-only, hash-chained, Merkle-batched receipt system. Every decision generates a signed receipt. Third-party verifiable offline.
LCES
Patent pendingLikeness Consent Enforcement System. No consent token = no voice clone, no face synthesis. Cryptographic permission before deepfakes.
GPU Gate
Patent pendingNo-Receipt-No-VRAM. Hardware-level enforcement. No governance receipt = no GPU memory allocation = no inference.
EDSE
Patent pendingEphemeral Data Shredding Engine. ≤ 8ms init / ≤ 12ms complete self-destruct. ZK-attested destruction receipts. Instant epoch-based erasure.
Breath Shredder
Patent pendingVoice liveness via respiration-entropy + DTW. No raw audio stored — salted feature hash only. Dual-signed, ZK-attested destruction receipts.