The audit ledger and runtime safety stack every regulated AI agent needs to deploy in production. One SDK wraps any agent — LangGraph, OpenAI Assistants, Anthropic — and ships SOC 2, HIPAA, FFIEC, FINRA, and SEC 17a-4 evidence packs from your runtime stream.
Capability isn't the bottleneck. Compliance is. Auditors don't accept LLM trace dumps as evidence.
70% of regulated AI agent pilots never reach production.
And the blocker isn't capability — it's the audit story.
Trace logs are mutable. An auditor cannot prove that what you show them today is what happened last quarter.
SOC 2 trust services criteria, HIPAA Security Rule, FFIEC IT Examination Handbook — none of them speak in spans and traces.
If a single byte is mutated, you can't tell. Regulators move on to the next vendor.
Six things ship in v0.1.0 — together they replace the audit ledger and runtime safety stack every regulated AI agent team is currently rebuilding from scratch.
Every meaningful agent action — tool calls, LLM calls, permission decisions, contract violations — becomes a typed, immutable event with a SHA-256 link to its predecessor. Modify a row → the chain breaks → /v1/verify catches it.
Every API key binds to exactly one tenant. Every query filters on tenant_id. Per-tenant advisory locks serialize chain extension. Cross-tenant reads are structurally impossible through the public API.
Event schemas evolve forward without rewriting history. Bump the version, register an upcaster — historical rows transform forward at read time. The auditor's chain of custody survives your refactor.
Replay your tenant's history under alternate policies. Tighter velocity? Stricter permission mode? New deny rule? You get the deterministic counterfactual ledger — not speculation.
Permission-mode gates (PLAN / DEFAULT / AUTO / STRICT), Redis-backed velocity limits, fraud guards, biometric confirmation hooks, conversation budgets, cancellation tokens — lifted from a real banking deployment.
SOC 2 · HIPAA · FFIEC · FINRA · SEC Rule 17a-4. Each produces a signed ZIP with manifest, chain-verified events, and per-control evidence already mapped to the regulation's specific criteria.
Goderash works with the agent framework you already use. No rewrite. No lock-in.
from goderash_sdk import GoderashClient, wrap_tool
goderash = GoderashClient(
api_key="gdr_live_...",
tenant="acme",
agent_id="ops-v1",
)
@wrap_tool(goderash, category="action", confirmation="biometric")
def transfer_money(src: str, dst: str, amount: float) -> dict:
return bank_api.transfer(src, dst, amount)Customer agents emit typed events through the Goderash SDK. The control plane stores them in a per-tenant, append-only Postgres ledger with a SHA-256 hash chain. Auditors verify the chain themselves; evidence packs render on demand.
POST /v1/events Multi-tenant, idempotent on event_id, advisory-locked per tenant.Postgres · append-only SHA-256 chain · canonical JSON · monotonic per-tenant sequence_no.UpcasterRegistry Forward migrations at read time. History is never rewritten.POST /v1/whatif Deterministic counterfactual replay under alternate policies.POST /v1/verify Auditor-callable chain integrity check. No trust required.POST /v1/packs/{reg} SOC 2 · HIPAA · FFIEC · FINRA · 17a-4. Signed ZIP + manifest.UPDATE.tenant_id, agent_id, conversation_id, turn_id, parent_event_id, both timestamps. No orphans.tenant_id. Every API key binds to exactly one tenant. Cross-tenant reads are structurally impossible.Each pack queries the chain-verified ledger, renders templates pre-mapped to that regulation's specific control vocabulary, and ships a signed ZIP with manifest. New regulations take days, not quarters.
/v1/packs/soc2SaaS, fintech, healthtech, infra vendors
AICPA Trust Services Criteria — Security, Availability, Processing Integrity, Confidentiality, Privacy.
/v1/packs/hipaaHealthcare apps, EHR/EMR, telehealth
HHS Security Rule — administrative, physical, and technical safeguards for ePHI.
/v1/packs/ffiecUS banks, credit unions, BSA/AML programs
Federal Financial Institutions Examination Council IT Examination Handbook.
/v1/packs/finraBroker-dealers, registered reps
Books-and-records preservation and supervision rules for FINRA-regulated firms.
/v1/packs/sec_17a4Broker-dealers, exchange members
SEC books-and-records rule — non-rewritable, non-erasable storage of communications and trade records.
Goderash's runtime safety stack and audit ledger were built for Dashen AIR — an AI banking agent on top of Dashen Bank's super-app surface, in Ethiopia.
To make AIR a candidate for a Tier-1 bank's risk-and-compliance committee, we had to design a permission-mode gate, per-tool velocity limiters in Redis, a fraud guard at the input boundary, biometric and PIN confirmation, conversation budgets, cancellation tokens, and a hash-chained audit log every decision flowed through.
Goderash is that work — made framework-agnostic, multi-tenant, regulator-mapped, and open-sourced under Apache 2.0.
Self-host for free under Apache 2.0. Or get the hosted control plane with managed Postgres, dashboards, and pack generation included.
Self-hosted, Apache 2.0
Hosted control plane for product teams
Private VPC + WORM storage
All tiers include the same audit primitives. Enterprise adds private deployment, WORM storage, and dedicated support. Education and non-profits — talk to us.
Open source under Apache 2.0. Hosted control plane in beta. Production deployments live in regulated banking.