The Evidence Rail — What AIEP Looks Like in Practice
When Piea answers a question, it does not return prose and a list of URLs.
It returns a governed artefact: a response bound cryptographically to every source that produced it, with source integrity flags on each one, a dissent record if confidence is insufficient, and a hash any third party can independently verify.
This page shows what that looks like.
A sample: “What is the current UK building safety duty holder framework?”
This is the kind of question a construction professional, regulator, or solicitor would ask. Here is how Piea responds, compared to how a standard AI assistant responds.
Standard AI assistant response
The UK Building Safety Act 2022 introduced a duty holder framework for higher-risk buildings. Key duty holders include the client, principal designer, and principal contractor, each with defined responsibilities under the Act…
Sources: [1] GOV.UK Building Safety Act overview [2] DLUHC guidance — October 2022
No hash. No confidence tier per source. No network-path check. No dissent record. No way to prove the page at [1] is the same page that was read, or that it hasn’t changed since.
Piea response (AIEP-governed)
Response hash (R8): a7f3d9e2c81b5046f3a8e1d7c4b29f6a3e8d1c5b7a2f4e9d0c3b8a5f2e7d4c1b
Reasoning chain (P127) — 5 steps, SSE-streamed:
[classify]Query classified: UK regulatory / construction / safety[identify]AODSR tier-1 sources matched: legislation.gov.uk (tier-1), hse.gov.uk (tier-1), GOV.UK (tier-2)[retrieve]3 sources fetched, integrity inspected, confidence tiers assigned[synthesise]Cross-source synthesis — Building Safety Act 2022 confirmed across all three; P91 attestation check passed[commit]Response hash generated:a7f3d9e2c81b5046f3a8e1d7c4b29f6a3e8d1c5b7a2f4e9d0c3b8a5f2e7d4c1b
Evidence rail (P122–P124):
| # | Source | ContentHash | Confidence | Integrity | Retrieved |
|---|---|---|---|---|---|
| 1 | legislation.gov.uk/ukpga/2022/30 | 8f4a2e...c91b | ✓ verified | Clean | 4 min ago |
| 2 | hse.gov.uk/building-safety/ | 2c7d9f...55a3 | ✓ verified | Clean | 4 min ago |
| 3 | gov.uk/guidance/building-safety-act | f1a8e3...d72c | ✓ qualified | Clean | 4 min ago |
Source integrity flags (P124): All three sources — no VPN relay, no proxy headers, valid TLS, not geo-restricted, not served via CDN cache bypass.
Dissent record: None issued. Confidence threshold met across all retrieved sources.
What each field means
Response hash (R8 — GENOME)
response_hash = sha256(
canonical_json({
answer: "...",
artefact_ids: ["8f4a2e...c91b", "2c7d9f...55a3", "f1a8e3...d72c"],
timestamp: "2026-03-27T10:14:22Z"
})
)
The hash is computed over the answer text, the evidence artefact IDs, and the timestamp — using canonical_json() (GENOME R1: deterministic key sort, NFC unicode, no scientific notation). Any party with the answer text and artefact list can recompute the hash and confirm it matches. No central authority required.
Verify it: GET /verify/a7f3d9e2c81b5046f3a8e1d7c4b29f6a3e8d1c5b7a2f4e9d0c3b8a5f2e7d4c1b returns the full evidence set and allows independent verification.
ContentHash (P37 — evidential chain)
Each source in the evidence rail carries a ContentHash — SHA-256 of the page content at retrieval time. If the source page changes after the response is generated, the hash no longer matches. The evidence chain shows what was retrieved, not just where it points now.
This is the difference between a citation (a reference to a URL) and an evidence commitment (a hash-bound record of what was at that URL when it was read).
Confidence tiers (P122–P124 — AODSR)
| Tier | Meaning | Examples |
|---|---|---|
verified | AODSR tier-1 authoritative source — legislation, treaty, standards body | legislation.gov.uk, EUR-Lex, api.congress.gov |
qualified | Recognised institutional source — government guidance, established press | GOV.UK guidance, BBC, FT |
unverified | Source not in AODSR, integrity checks passed | General web sources |
community | Source flagged as community-edited | Wikipedia, community forums |
Confidence tier governs the ceiling on response_confidence. A response citing only unverified sources cannot claim high_confidence regardless of how many sources agree.
Source integrity flags (P124)
When Piea fetches a source, it inspects the network path, not just the content:
| Flag | What it detects | What it means |
|---|---|---|
VPN_RELAY | Source served via a VPN exit node | Content may have been geographically substituted |
PROXY_HEADERS | Via: or X-Forwarded-For: in response | Intermediate proxy in the chain — content provenance uncertain |
NO_TLS | Plain HTTP fetch | In-transit modification cannot be ruled out |
PRIVATE_IP | Source resolved to RFC-1918 space | Internal network source — not public-internet provenance |
HTTP_451 | Service unavailable for legal reasons | Jurisdiction-blocked — content may be legally suppressed |
STALE | Last-Modified or Date > staleness threshold | Source may be a cached copy, not current |
A flagged source is not silently used. It is committed to the evidence rail with its flags displayed, and its confidence tier is demoted. The user sees the flag. The audit record carries it permanently.
Dissent record (P126 — negative proof)
When retrieved evidence is insufficient to meet the confidence threshold, Piea does not answer with hidden low confidence. It emits a DissentSignal:
{
"record_type": "DISSENT_SIGNAL",
"trigger": "confidence_threshold_not_met",
"sources_retrieved": 2,
"threshold_required": 3,
"confidence_ceiling": "unverified",
"reason": "No AODSR tier-1 source found for query domain",
"negative_proof_hash": "7b3f8a2d1c9e4b5f6a0d3e7c8b1f5a4d9e2c7b0a3f6d1c8e5b2a9f4c7d0e3b6a",
"persisted_to_ledger": true
}
The dissent record is a first-class artefact. It is stored in the evidence ledger with its own hash. It is not a warning message in the UI. It is a governed record of what the system determined it could not verify — which is itself a useful, auditable output.
What makes this reproducible
The entire chain is replayable from stored state:
- Session record — stored in KV with artefact IDs and hashes
- Evidence rail — each source URL + ContentHash + retrieval timestamp stored
- Response hash — recomputable from artefact IDs + answer text + timestamp
- Dissent record — if issued, stored as a separate ledger artefact
- Reasoning chain — all 5 steps stored as structured
ReasoningSteprecords
Any endpoint on any AIEP-conformant node that has access to the same stored state can replay the full reasoning sequence and arrive at the same hash — or detect divergence if any artefact has changed.
No competitor provides all five of these.
Try it
→ Ask Piea a question — see the architecture in action
→ Validate any domain for AIEP machine interface
→ Query this Hub’s own well-known endpoint
→ Inspect the hardware attestation artefact
See also: /piea · /source-integrity · /verifiable-citations · /compare · /audit