The Contract is signed. The Receipt is the proof. Every AI action in your company — Cursor, ChatGPT, Slack AI, your own apps — runs through a signed Contract and leaves a cryptographic Receipt of Record.
Verify offline → curl ctrlai.com/api/receipts/rcpt_3f7a92b8e4c1
Most "AI governance" is logging on top of an LLM. Ctrl AI flips it: the LLM picks from typed contracts your humans signed. Hallucination is not mitigated — it is structurally impossible.
Typed callable functions signed by humans. Input schema. Output schema. Post-conditions. The LLM picks a Contract and calls it — it does not invent behaviour from prose.
Standing directives with success criteria. Auto-evaluated as Contracts run. The agent has commitments, not just answers.
Durable working memory with an append-only event log. A multi-week decision is a single Case with every signed action attached.
On every invocation we sign the inputs, outputs, signers, and trust level with an Ed25519 key, then append the digest to a chained-hash transparency log. Any counterparty — your auditor, your customer, your regulator — can verify the receipt offline with one curl and one signature check.
# Verify any Ctrl AI receipt offline curl -s https://ctrlai.com/api/receipts/rcpt_3f7a92b8e4c1 \ | jq '.receipt' > receipt.json # Fetch the public signing key curl -s https://ctrlai.com/.well-known/ctrlai/receipt-keys \ > keys.json # Verify the Ed25519 signature node verify.js receipt.json keys.json # → SEALED · entry #1,847 · root 0x4e2a...b71c ✓
No SDK required · No vendor lock · Cryptographic, not theatrical
Install expert-co-signed bundles of typed Contracts. EU AI Act Starter, DORA AI Risk, B2B SaaS Rev-Ops.
Daily triage of gates pending sign-off, Contracts past review, expired Contracts, stale Mission criteria, proposals from Coverage.
Visualize a Mission's typed executor plan walking step by step. Auto-advance, gates surface inline, every step receipt-anchored.
Public, cryptographically verifiable record of every signed Contract invocation. Pin the root hash; verify offline.
Explicit delegation grants from humans to agents or API keys. Scoped, conditioned, expiring. MCP callers blocked without a matching delegation.
Expert-co-signed bundles of typed Contracts targeted at a regulation and a vertical. Install in five minutes. Inherit the jurisdiction tags, the clause mappings, the expert signatures.
Two users. One workspace. The full primitive set, no caps.
One installed Pack. Up to 25 seats. SSO and audit export.
Multi-Pack. Unlimited seats. Custom signers. Dedicated transparency log retention.
Deploy AI on work that actually matters. Receipts your auditor can verify. Authority your delegations enforce. Missions your agents honour without being asked.