P28 — AIEP — Deterministic Audit Support Without Enforcement
Publication Date: 2026-02-26 Status: Open Source Prior Art Disclosure Licence: Apache License 2.0 Author/Organisation: Phatfella Ltd Schema: AIEP_OS_SPEC_TEMPLATE v1.0.1 — https://aiep.dev/schemas/aiep-os-spec-template/v1.0.1
Field of the Invention
[0001] The disclosure relates to audit support systems within computing environments.
[0002] More particularly, the disclosure concerns a deterministic mechanism for generating structured audit artefacts as a by-product of admissible determination within an Architected Instruction and Evidence Protocol (AIEP) framework, without asserting enforcement authority, altering execution state, or producing evaluative output.
Framework Context
[0003] This invention operates within an Architected Instruction and Evidence Protocol (AIEP) environment as defined in United Kingdom patent application number GB2519711.2, filed 20 November 2025, the entire contents of which are incorporated herein by reference.
[0004] The present invention extends deterministic canonicalisation, governance, and execution integrity mechanisms defined in the AIEP environment while remaining independently implementable as described herein.
Background
[0005] Audit systems frequently combine evidence aggregation, compliance evaluation, enforcement logic, and advisory recommendations. Such systems often impose evaluative judgement, exercise execution control, introduce discretionary interpretation, and produce non-reproducible audit outcomes.
[0006] In certain contexts including neutral regulatory oversight, federated compliance review, and independent verification frameworks, it is necessary to generate structured audit artefacts without asserting enforcement authority or modifying execution state.
[0007] Conventional audit mechanisms do not cleanly separate the generation of audit evidence from the exercise of enforcement control, making it impossible for independent parties to verify admissibility outcomes without also inheriting enforcement dependencies.
[0008] Existing systems do not provide:
(a) deterministic generation of audit artefacts as a passive by-product of admissible determination without enforcement authority; (b) cryptographic binding of audit artefacts to the canonical evidence and registry versions used during determination; (c) explicit exclusion of evaluative, advisory, or enforcement output from audit artefact content; (d) suitability of audit artefacts for independent verification against registry versions without access to enforcement logic; or (e) deterministic replay of audit artefact generation independent of current system time.
[0009] There exists a need for a deterministic audit support mechanism that generates cryptographically bound, independently verifiable audit artefacts during admissible determination without asserting enforcement authority or producing evaluative output.
Summary of the Disclosure
[0011] A computer-implemented deterministic audit support method is executed by one or more processors.
[0012] During admissible determination, audit artefacts are generated as a by-product of the determination process following explicit deterministic rules.
[0013] Each AuditArtefact comprises canonical evidence references, registry version identifiers, deterministic admissibility outcome records, and processing trace commitments. No evaluative, advisory, or enforcement content is included.
[0014] An AuditArtefactHash is computed as:
AuditArtefactHash = H(CanonicalEvidenceRef || RegistryVersionId || AdmissibilityOutcome || ProcessingTraceCommitment)
[0015] An AuditRecord is generated binding AuditArtefactHash, registry version identifiers, admissibility outcome, processing trace commitment, and a timestamp recorded as data, and appended to an immutable store.
[0016] The system does not alter execution state, apply sanctions, trigger enforcement mechanisms, or modify external systems. Audit artefacts are informational only.
[0017] Audit outputs follow deterministic ordering, exclude recommendations and advisory language, contain no interpretative commentary, and are limited to structured factual records.
[0018] Audit artefacts are canonically serialised and cryptographically hashable, enabling independent validation against the registry versions used during determination.
[0019] The technical effect is modification of computing system behaviour by generating cryptographically bound, independently verifiable audit artefacts during admissible determination without introducing enforcement control or evaluative interpretation.
Brief Description of the Drawings
[0020] Figure 1 illustrates the deterministic audit artefact generation pipeline showing parallel production of audit artefacts alongside admissible determination without execution state modification.
[0021] Figure 2 illustrates the non-enforcement constraint boundary showing what the audit support system produces and explicitly does not produce or modify.
[0022] Figure 3 illustrates the AuditRecord hash binding architecture showing the cryptographic relationship between canonical evidence references, registry versions, admissibility outcomes, and processing trace commitments.
[0023] Figure 4 illustrates deterministic replay equivalence and independent verification across distributed nodes operating under identical registry versions.
ASCII Drawings
Figure 1 — Deterministic Audit Artefact Generation Pipeline
+---------------------------+
| Admissible Determination|
| Process |
+------------+--------------+
|
+----------+----------+
| |
v v
+--------------+ +------------------+
| Determination| | Audit Artefact |
| Outcome | | Generation |
| (Execution | | (By-product, |
| path) | | No enforcement) |
+--------------+ +--------+---------+
|
v
+--------+---------+
| AuditArtefact |
| - Canon. ev. ref |
| - Registry ver. |
| - Admiss. outcome|
| - Process trace |
| NO advisory lang.|
| NO enforcement |
+--------+---------+
|
v
+--------+---------+
| AuditArtefactHash|
| Append to |
| Immutable Store |
+------------------+
Figure 2 — Non-Enforcement Constraint Boundary
SYSTEM PRODUCES: SYSTEM DOES NOT:
+------------------------------+ +------------------------------+
| Canonical evidence references| | Alter execution state |
| Registry version identifiers | | Apply sanctions |
| Admissibility outcome records| | Trigger enforcement |
| Processing trace commitments | | Modify external systems |
| Cryptographic hash bindings | | Produce advisory output |
| Structured factual records | | Generate recommendations |
| Deterministic ordering | | Exercise discretionary logic |
| Immutable append-only entries| | Introduce interpretation |
+------------------------------+ +------------------------------+
Audit artefacts are INFORMATIONAL ONLY.
Figure 3 — AuditRecord Hash Binding Architecture
CanonicalEvidenceRef ----+
RegistryVersionId ----+
\
AdmissibilityOutcome -----+--> H(CanonicalEvidenceRef ||
/ RegistryVersionId ||
ProcessingTraceCommitment ----+ AdmissibilityOutcome ||
ProcessingTraceCommitment)
|
v
+------------------------------------+
| AuditRecord |
|------------------------------------|
| AuditArtefactHash |
| RegistryVersionId |
| AdmissibilityOutcome |
| ProcessingTraceCommitment |
| Timestamp (stored data) |
+------------------------------------+
|
v
+------------------------------------+
| Append-Only Immutable Store |
+------------------------------------+
Figure 4 — Deterministic Replay and Independent Verification
Original Node Independent Verifier
+--------------------+ +--------------------+
| CanonicalEvidenceRef | CanonicalEvidenceRef
| (stored) | | (retrieved) |
+---------+----------+ +---------+----------+
| |
v v
+---------+----------+ +---------+----------+
| RegistryVersionId | | RegistryVersionId |
| (identical) | | (identical) |
+---------+----------+ +---------+----------+
| v
v +---------+----------+
+---------+----------+ | AuditArtefactHash |
| AuditArtefactHash | | (recomputed) |
| (stored) | +---------+----------+
+---------+----------+ |
| |
+---------------+---------------+
|
v
+------------------------+
| Hash Match Verification|
| (stored timestamps |
| used — does not |
| depend on current |
| system time) |
+------------------------+
Detailed Description
1. Deterministic Audit Artefact Generation
[0024] During admissible determination, processors generate audit artefacts as a passive by-product of the determination process.
[0025] Audit artefact generation follows explicit deterministic rule definitions and does not depend on discretionary logic, heuristic selection, or evaluative interpretation.
[0026] Each AuditArtefact comprises:
(a) canonical evidence references identifying each evidence artefact used in the determination by cryptographic hash; (b) registry version identifiers identifying the registry versions governing the determination; (c) deterministic admissibility outcome records recording the outcome produced by the determination process; and (d) processing trace commitments recording the sequence of processing steps executed.
2. Non-Enforcement Constraint
[0027] The audit support system does not alter execution state as a result of audit artefact generation.
[0028] The system does not apply sanctions, trigger enforcement mechanisms, interrupt processing, or modify the state of external systems based on audit artefact content.
[0029] Audit artefacts are informational only and carry no enforcement authority within the AIEP framework.
[0030] No evaluative language, advisory recommendations, interpretative commentary, or scoring output is included in any audit artefact.
3. Neutral Output Structure
[0031] Audit outputs follow deterministic ordering defined by the applicable registry version.
[0032] Output is limited to structured factual records comprising canonical references, version identifiers, outcome records, and trace commitments.
[0033] Identical inputs processed under identical registry versions produce identical audit artefact content across distributed nodes.
4. Hash Binding and AuditRecord Generation
[0034] An AuditArtefactHash is computed as:
AuditArtefactHash = H(CanonicalEvidenceRef || RegistryVersionId || AdmissibilityOutcome || ProcessingTraceCommitment)
[0035] An AuditRecord is generated comprising:
(a) AuditArtefactHash; (b) RegistryVersionId; (c) AdmissibilityOutcome; (d) ProcessingTraceCommitment; and (e) timestamp recorded as a data field.
[0036] The AuditRecord is appended to an append-only immutable store.
5. Independent Verification
[0037] Audit artefacts are canonically serialised and cryptographically hashable, enabling independent parties to recompute AuditArtefactHash values and verify them against stored AuditRecords.
[0038] Independent verification requires only the canonical evidence references, registry versions, and admissibility outcomes — it does not require access to enforcement logic or execution state.
[0039] Independent verifiers possessing identical inputs and identical registry versions reproduce identical AuditArtefactHash values.
6. Deterministic Replay
[0040] Replay recomputes AuditArtefactHash using stored canonical evidence references, registry version identifiers, admissibility outcomes, and processing trace commitments.
[0041] Replay does not depend on current system time.
[0042] Distributed nodes operating with identical determination inputs and identical registry versions produce identical AuditArtefacts and identical AuditArtefactHash values.
Claims
-
A computer-implemented method for deterministic audit support without enforcement, the method comprising: (a) generating audit artefacts as a by-product of admissible determination, each audit artefact comprising canonical evidence references, registry version identifiers, deterministic admissibility outcome records, and processing trace commitments, without evaluative, advisory, or enforcement content; (b) computing an AuditArtefactHash as H(CanonicalEvidenceRef || RegistryVersionId || AdmissibilityOutcome || ProcessingTraceCommitment); (c) generating an AuditRecord binding AuditArtefactHash, RegistryVersionId, AdmissibilityOutcome, ProcessingTraceCommitment, and a timestamp recorded as data, and appending it to an immutable store; (d) constraining the audit support system to not alter execution state, apply sanctions, trigger enforcement mechanisms, or produce evaluative or advisory output; and (e) enabling independent verification by providing canonically serialised, cryptographically hashable audit artefacts suitable for recomputation against stored registry versions without requiring access to enforcement logic or execution state.
-
The method of claim 1 wherein audit artefact generation follows deterministic ordering defined by the applicable registry version.
-
The method of claim 1 wherein identical inputs processed under identical registry versions produce identical AuditArtefact content and identical AuditArtefactHash values across distributed nodes.
-
The method of claim 1 wherein replay recomputes AuditArtefactHash using stored fields and does not depend on current system time.
-
The method of claim 1 wherein independent verifiers possessing identical canonical evidence references and identical registry versions reproduce identical AuditArtefactHash values without access to execution state or enforcement logic.
-
A computing system comprising one or more processors and memory storing instructions which, when executed, cause the processors to perform the method of any of claims 1 to 5.
-
A non-transitory computer-readable medium storing instructions which, when executed, cause one or more processors to perform the method of any of claims 1 to 5.
Licence
Any person is granted a perpetual, irrevocable, worldwide, royalty-free licence to make, use, implement, modify, or distribute any system or method described in this disclosure for any purpose, without restriction, under the Apache License 2.0.
A copy of the Apache License 2.0 is available at https://www.apache.org/licenses/LICENSE-2.0
Abstract
A deterministic audit support system without enforcement is disclosed. Audit artefacts comprising canonical evidence references, registry version identifiers, admissibility outcome records, and processing trace commitments are generated as a passive by-product of admissible determination. An AuditArtefactHash is computed as H(CanonicalEvidenceRef || RegistryVersionId || AdmissibilityOutcome || ProcessingTraceCommitment) and an AuditRecord is appended to an immutable store. The system does not alter execution state, apply sanctions, or produce evaluative or advisory output. Audit artefacts are canonically serialised and cryptographically hashable, enabling independent verification against registry versions without access to enforcement logic. Replay uses stored fields and does not depend on current system time. Identical inputs under identical registry versions produce identical audit artefacts across distributed nodes.