raucle

Provable authorisation for every agent action.

Cryptographic capability receipts you can verify offline, hand to your regulator, or stream to your SIEM. Open-source engine (raucle-detect), hosted SaaS, three soundness theorems machine-checked in Lean 4.

Read the spec Join the waitlist

An open standard, not just a product

The format underneath raucle is a versioned, open specification — the way an AI agent proves what it was authorised to do. Like Sigstore did for software signing, we're making the receipt the thing everyone can emit and verify, not a vendor lock-in.

Hardware-attested variant verified on AMD SEV-SNP. Offered for public comment — feedback via the raucle-detect issue tracker.

What's inside today

A working SaaS. Every feature below is live in production and exercised by demo customer orgs.

Signed capability receipts

Every gated tool call emits an Ed25519-signed receipt with proof binding (grammar_hash + policy_hash). Verifiers don't need to trust us — or each other.

Hosted Z3 prover

Policies are formally proved before they go to production. Counterexamples come back with the witness — your authors see why a policy is unsatisfiable, not just that it is.

Hash-chained audit log

Per-org Merkle chain plus an Ed25519-signed manifest. A third-party auditor verifies any range using just your published public key — even we can't backdate or alter rows without breaking the signature.

SOC stream + custom dashboards

Live receipt tape with 2-second bucketed allow/deny counts; per-user tiles for the metrics your team actually watches.

Enterprise auth

OIDC SSO, TOTP MFA, IP allow-list per API key, configurable two-person rule on policy approval, and break-glass admins.

Legal hold + ratchet retention

Subject to FRCP / DORA / HIPAA: receipts under hold can't be purged, and retention is ratchet-only — admins can extend but never shorten it.

Compliance, built-in

Each framework below is a first-class workflow in the platform — not a checklist or a doc template. Live data feeds the gap report; sign-off is a click, not a quarter-long project.

EU DORA ICT incidents with the 24h/72h/1mo cascade · Article 28 third-party register · concentration-risk + exit-testing tracking
EU EU AI Act High-risk system inventory · Art 9 risk register · Art 14 human-oversight config · Art 27 FRIA tracking · Art 49 EU database refs
US NIST AI RMF 1.0 Full GOVERN / MAP / MEASURE / MANAGE taxonomy with coverage scoreboard and evidence-link tracking
US HIPAA Business Associate Agreement + sub-processor register · § 164.528 Accounting of Disclosures · § 164.312(b) view-event logging
EU GDPR Art 15 DSAR · Art 17 Right to Erasure with legal-hold guard · Art 30 RoPA register + CSV export
UK · US Senior officer attestation SMCR (FCA SMF) · SOX § 302/§ 404 · NYDFS 23 NYCRR § 500.17 CISO certification · GLBA Safeguards · HIPAA Security Officer

Why this exists

AI agent security today is vendor heuristics and prompt-engineering folklore. None of it survives the kind of scrutiny a payments system or a government workload gets. raucle is built to the standard regulated industries already demand for everything else — formal, mechanised, provable.

Research

Verified Capability Discipline for LLM Agent Tool Calls. Three soundness theorems mechanised in Lean 4; under submission to IEEE S&P 2027. Branded preprint available — request a copy.

Status

Live raucle-detect — the open-source engine (AGPL-3.0). Source at github.com/craigamcw/raucle-detect.
Live raucle Cloud — the hosted SaaS. Active customer orgs across financial, healthcare, and government verticals. Sign in or join the waitlist below.

Join the waitlist

We'll only email you when there's something real to show. No marketing list, no drip campaign. Existing customer? Sign in.