Platform

Prove what your AI did. Replay the exact version that was live.

When a customer disputes an outcome, or an auditor or a regulator asks what happened, you should not be reconstructing it from logs and memory. Swiftward records every decision and lets you replay it on the exact policy version that was live, months later.

Every decision produces a complete trace

Each evaluation records the whole decision: the signals computed, the rules that matched, the state that changed, the verdict, and the policy version that was live. Stored append-only, so you can explain any historical decision, not just see that one occurred.

decision trace · dec_8f3a91c4 rejected

{
  "decision_id": "dec_8f3a91c4",
  "event":    { "type": "ugc.post.created", "entity": "user:u_4471", "at": "2026-03-14T09:21:07Z" },
  "signals":  { "toxicity_score": 0.94 },
  "matched":  [ { "rule": "repeat_offender", "priority": 100 } ],
  "state":    { "user.counters.violations_30d": "+1" },
  "verdict":  "rejected",
  "policy_version": "v2026.03.02-frozen",
  "prev_hash": "0x7c1f9a02…e4",
  "hash":      "0x3b9e16d8…d0"
}

Re-run a disputed call on the version that was live

The engine is deterministic, so a decision built on deterministic rules replays exactly rather than approximately: re-run a disputed call on the policy version that was active when it happened, and it reproduces. Run last month's real traffic against a new policy to see what would change before you ship it. Where a rule defers to a model or a human, the trace still records exactly what was decided: for a model call, the model and version, the full input, and the returned output; for a human, the reviewer, their decision, and the timestamp, all captured in the same chained trace.

The evidence lands where your team already looks

Decisions and audit events forward straight into the tools your security team already runs: SIEMs like Splunk and QRadar over syslog (RFC 5424, UDP or TCP), and anything else over webhooks. Your analysts see Swiftward's decisions in their existing dashboards the day you deploy, with no new console to learn.

SplunkIBM QRadarsyslog · RFC 5424UDP / TCPWebhooks

Two audits, not one

This page is the decision audit: every policy evaluation, with its inputs, verdict, and record hash, replayable. Underneath it the enterprise foundation keeps a second, independent audit of the system itself: every configuration change, permission grant, login, and change to any record, with who, when, and the before-and-after. One proves what your AI decided; the other proves what was done to the platform that decided it. The enterprise foundation.

Decision auditwhat your AI decided

01Signals computed

02Rules matchedpriority 100

03State changed

04Verdict + policy versionfrozen

05Record hash, chainedtamper-evident

Platform auditwhat was done to the platform

—Configuration changewho · when

—Permission grantwho · when

—Loginwho · when

—Record changebefore · after

Two parallel, independent trails — neither can rewrite the other.

Tamper-evident by hash-chain

Each decision's hash is computed over its canonical contents and the hash of the decision before it, so altering any past record breaks every hash that follows it. The chain travels with the audit trail wherever it is forwarded, which is what turns “here is our log” into “here is proof the log was not edited.”

dec_8f3a91c2

0x91a4…b1

prev 0x0000…00

→

dec_8f3a91c3

0x7c1f9a02…e4

prev 0x91a4…b1

→

dec_8f3a91c4

0x3b9e16d8…d0

prev 0x7c1f9a02…e4

Verifiable agent identity, when you need it

The hash-chain proves your decisions were not altered inside your own environment. For teams whose agents act across organizations and need an externally verifiable record, we add a layer on top that registers an agent's identity and its decisions to the emerging ERC-8004 standard. We have built and demonstrated it; it runs above the engine, not inside it. Agent identity and provenance.

Book a demo