Sentinel v3.0.3 — Sovereign AI Decision Middleware

What's new in v3.0.3

Sovereign-first governance primitives. Quantum-safe signing. Multi-language. No external services for any of it.

Quantum-safe trace signing

ML-DSA-65 (FIPS 204), BSI TR-02102-1 recommended. Keys stay client-side, forever. Same algorithm as cloud competitors — your keys, your infrastructure, your law.

pipx inject sentinel-kernel oqs-python && sentinel keygen

Attestations · BudgetTracker · Preflight

Attestations — portable self-contained governance JSON, verifiable offline. BudgetTracker — spend recorded as sovereign traces. Preflight — check before you act, without writing a trace.

sentinel attestation generate --output governance.json

CrewAI · AutoGen · LangFuse panel

New framework integrations: CrewAI task callback and AutoGen agent hook. LangFuse gains a sovereignty widget — self-contained HTML, no CDN.

pip install sentinel-kernel[crewai,autogen]

Rust SovereigntyManifest

RFC-001 is ACCEPTED. Python reference plus a Rust implementation (sentinel-manifest v0.1.0). Go and TypeScript are wanted as good-first-issues.

cargo add sentinel-manifest

Manifesto-as-code now runs as 5 named CI theses on every PR: no US-owned deps, air-gap proven, Apache 2.0 enforced, Sentinel passes its own manifesto, trace immutability verified. The project dogfoods its own check.

Most solutions fail the sovereignty test

Three ways to log AI decisions. Only one passes the EU AI Act, the CLOUD Act, and the air-gap test.

Requirement	Cloud observability	Proprietary platforms	Sentinel
Decision records	✓	✓	✓
EU AI Act Art. 12	Partial	Partial	✓ Full
US CLOUD Act exposure	✗ Applies	✗ Applies	✓ None
Air-gapped capable	✗	✗	✓
Open source	Some	✗	✓ Apache 2.0
On-premise	✗	Expensive	✓ Default
BSI path	✗	✗	✓ v3.0 ready
Quantum-safe signing	✗	Server-side	✓ ML-DSA-65, client-side
Manifesto-as-code CI	✗	✗	✓ 5 theses, every PR

The US CLOUD Act (18 U.S.C. § 2713) requires US-incorporated companies to produce data stored anywhere in the world. No EU data-centre agreement eliminates this obligation.

The Sovereign AI Kernel

Three layers between your business logic and your AI models. One thin kernel you can read end-to-end.

Trace

What was decided. EU AI Act Art. 12, automated.

Govern

What may be decided. Policy-as-code, kill switch, preflight.

Route

Which model decides. Coming v4.0 — RFC-002 in discussion.

What Sentinel shows you

Live data from a sample deployment. Every chart is inline SVG — zero external resources.

Sovereignty score

Overall sovereignty

Runtime: EU ✓ · Storage: On-premise ✓ · CI/CD: ⚠ acknowledged

EU AI Act coverage

Art. 12

compliant

Art. 13

compliant

Art. 14

compliant

Art. 9

partial

Art. 17

partial

Art. 10

human action

Art. 15

human action

Live decision feed

Time	Agent	Result	ms
12:34:51	procurement_agent	ALLOW	3
12:34:52	access_control	DENY	2
12:34:53	doc_classifier	ALLOW	4
12:34:54	procurement_agent	ALLOW	3
12:34:55	mission_eval	EXCEPTION	8
12:34:56	access_control	ALLOW	2
12:34:57	doc_classifier	DENY	3
12:34:58	procurement_agent	ALLOW	4

Dependency map

Sovereign ✓

sentinel-kernel EU · DE
postgresql EU-neutral
langfuse/self EU · DE (self-hosted)
prometheus CNCF · neutral

Acknowledged gaps ⚠

github-actions US · Microsoft
pypi US-hosted

Acknowledged gaps are documented. Not violations.

Kill switch

● INACTIVE

EU AI Act Art. 14 — human oversight active

sentinel.engage_kill_switch("reason")

Halts all agent calls instantly. No restart.

Enforcement countdown

112

Days to EU AI Act Annex III

2 August 2026 · Penalties up to €15M

Start in 5 minutes

Four snippets. Real working code. No placeholders.

from sentinel import Sentinel

sentinel = Sentinel()  # SQLite, zero config

@sentinel.trace
async def my_agent(context: dict) -> dict:
    return {"decision": "approved"}

# Every call produces a sovereign trace
result = await my_agent({"amount": 5000})
print(result)  # {"decision": "approved"}

# Query traces
traces = sentinel.query(limit=1)
print(traces[0].policy_result)  # ALLOW

from sentinel import Sentinel
from sentinel.policy.evaluator import SimpleRuleEvaluator
from sentinel.storage.filesystem import FilesystemStorage

sentinel = Sentinel(
    policy_evaluator=SimpleRuleEvaluator({
        "threshold": lambda ctx: ctx["amount"] <= 10_000
    }),
    storage=FilesystemStorage("/mnt/traces"),
    sovereign_scope="EU",
    data_residency="on-premise-de",
)

@sentinel.trace
async def approve_procurement(ctx: dict) -> dict:
    return {"approved": ctx["amount"] <= 10_000}

# DENY recorded automatically for high-value requests
await approve_procurement({"amount": 50_000})

from sentinel import Sentinel
from sentinel.manifesto import SentinelManifesto
from sentinel.manifesto.requirements import (
    EUOnly, Required, AcknowledgedGap,
)
from sentinel.compliance.euaiact import EUAIActChecker

class OurPolicy(SentinelManifesto):
    name = "Production Sovereignty Policy v1"
    jurisdiction = EUOnly()
    kill_switch = Required()
    ci_cd = AcknowledgedGap(
        provider="GitHub Actions (Microsoft/US)",
        migrating_to="Self-hosted Forgejo",
        by="2027-Q2",
        reason="No EU-sovereign CI with comparable UX",
    )

sentinel = Sentinel()

# Check EU AI Act compliance
report = EUAIActChecker().check(sentinel)
print(report.diff())

# Generate self-contained HTML report
report.save_html("sovereignty_report.html")

# Check manifesto vs reality
manifesto_report = OurPolicy().check(sentinel_instance=sentinel)
print(f"Score: {manifesto_report.overall_score:.0%}")

from sentinel import (
    Sentinel, BudgetTracker,
    generate_attestation, verify_attestation,
)
from sentinel.crypto import QuantumSafeSigner

# Quantum-safe signing — keys stay on your infrastructure
signer = QuantumSafeSigner(
    key_path="/etc/sentinel/keys/signing.key",
    public_key_path="/etc/sentinel/keys/signing.pub",
)
sentinel = Sentinel(signer=signer)

# Preflight — check before you act, no trace written
result = sentinel.preflight("data:delete:production")
if not result.cleared:
    raise RuntimeError(result.reasons)

# BudgetTracker — every cost entry is a sovereign trace
budget = BudgetTracker(sentinel=sentinel, limit=10.0)
check = budget.check(estimated_cost=0.25)
budget.record("api:mistral", actual_cost=0.23)

# Portable attestation — verifiable offline, no service needed
att = generate_attestation(sentinel=sentinel)
assert verify_attestation(att).valid

Built for regulated industries

Four scenarios where a missing trace is worse than a crash.

Defence & Aerospace

Autonomous go/no-go decisions with mission policy evaluation. Kill switch for immediate halt (Art. 14). Air-gapped deployment verified by dedicated test suite. VS-NfD roadmap.

Healthcare AI

Treatment recommendation audit trail. GDPR-compliant data residency. Every clinical AI decision recorded with SHA-256 hash. Art. 14 human oversight for escalation workflows.

Financial Services

Transaction approval automation with DORA-aligned logging. Append-only tamper-resistant records. Regulators get the full trace: what, when, which model, which policy.

Public Administration

Government AI transparency requirements met by default. Sovereign deployment — no foreign jurisdiction access possible. EU AI Act compliance diff for internal auditors.

What's inside

Every v1 → v3 capability. Eleven articles mapped. One honest compliance story.

@sentinel.trace — any agent, sync or async
Kill switch — Art. 14, no restart, thread-safe
Preflight — check before you act, no trace written
BudgetTracker — spend as sovereign DecisionTrace
Attestations — portable, verifiable offline
Output verification — hash-check any stored output
Quantum-safe signing — ML-DSA-65, client-side keys
RFC 3161 timestamping — EU TSAs only (DFN, D-Trust)
SimpleRule + LocalRego (OPA) policy evaluation
SQLite + PostgreSQL + Filesystem storage backends
Air-gapped — network blocked at socket level in CI
LangChain · CrewAI · AutoGen callbacks & hooks
Haystack · LangGraph integrations
OpenTelemetry — sovereignty attrs in every span
LangFuse sovereignty panel — self-contained HTML widget
Jupyter · FastAPI · Django · Prometheus integrations
Sovereignty scanner — 60+ packages mapped
Manifesto-as-code — 5 theses as named CI checks
EU AI Act · DORA · NIS2 compliance checkers
RFC-001 SovereigntyManifest — Python + Rust impls
Full CLI — demo, scan, compliance, report, attestation, keygen
Docker Compose — Grafana + LangFuse + OTel

Article	Requirement	Sentinel	What to do
Art. 12	Automatic logging	✓ Full	Nothing — automated
Art. 13	Transparency	✓ Full	Nothing — automated
Art. 14	Human oversight	✓ Full	Name the operator of the kill switch
Art. 9	Risk management	~ Partial	Document risk categories and plan
Art. 11	Technical documentation	→ Human action	Write the Annex IV tech doc package
Art. 17	Quality management	~ Partial	Define change control and QMS procedures
Art. 16	Provider obligations	~ Partial	Register, CE mark, conformity assessment
Art. 26	Deployer obligations	~ Partial	Staff training, oversight procedures
Art. 10	Data governance	→ Human action	Document training data provenance
Art. 15	Accuracy & robustness	→ Human action	Accuracy metrics and pen testing
Art. 72	GPAI post-market	~ Conditional	Model card if deploying GPAI as high-risk

Sentinel is honest about what can and cannot be automated. Articles requiring human action are clearly marked — we never overclaim.

Roadmap

Phase 1 done. Phase 2 in motion. Phase 3 designed. Every version reflects shipped code, not plans.

Trace + Govern · v3.0 ✓

trace Sovereign decision records
gov Policy-as-code · manifesto-as-code
safe Kill switch (Art. 14)
bsi BSI pre-engagement ready · 608 tests · 100% cov

Shipped and verified on main.

Certify + Route · 2026 →

v3.1 Linux Foundation Europe application
v3.2 BSI IT-Grundschutz assessment
v4.0 SovereignRouter — policy-driven model selection
v4.1 Local adapters: Ollama · vLLM · llama.cpp

RFC-002 in discussion. Issues #19, #20 open.

Ecosystem · 2027+

pipe EU-sovereign build pipeline
ml Multi-language: Python · Rust · Go · TS
llm LLM-guided deployment
pkg EU package registry instead of PyPI

Breaking the American convenience layer completely.

⚠ 112 days until EU AI Act Annex III enforcement (2 August 2026)

Try it now

macOS (recommended)

$ brew install pipx && pipx install sentinel-kernel

$ sentinel demo

Linux / Docker / CI

$ pip install sentinel-kernel

$ sentinel demo

Runs 50 decisions · Kill switch demo · Compliance check
Generates sovereignty_report.html · No Docker required

or — full Grafana demo

git clone https://github.com/sebastianweiss83/sentinel-kernel
cd sentinel-kernel/demo
docker compose -f docker-compose.minimal.yml up
# http://localhost:3001 — Grafana dashboard

AI decisions. Sovereign. Auditable.

What's new in v3.0.3

Quantum-safe trace signing

Attestations · BudgetTracker · Preflight

CrewAI · AutoGen · LangFuse panel

Rust SovereigntyManifest

Most solutions fail the sovereignty test

The Sovereign AI Kernel

Trace

Govern

Route

What Sentinel shows you

Sovereignty score

EU AI Act coverage

Live decision feed

Dependency map

Sovereign ✓

Acknowledged gaps ⚠

Kill switch

Enforcement countdown

Start in 5 minutes

Built for regulated industries

Defence & Aerospace

Healthcare AI

Financial Services

Public Administration

What's inside

Roadmap

Trace + Govern · v3.0 ✓

Certify + Route · 2026 →

Ecosystem · 2027+

Try it now