v3.0.1 · EU AI Act Art. 12/13/14 · ML-DSA-65 signing · Apache 2.0

AI decisions. Sovereign. Auditable.

Sentinel wraps any AI agent and records tamper-resistant decision traces to local sovereign storage. Quantum-safe signing with client-side keys. Zero cloud dependencies, zero US CLOUD Act exposure, air-gapped capable.

✓v3.0.1 ✓596 passing ✓100% coverage ✓40/40 smoke

View on GitHub → sentinel report ↗

~/sentinel — python

$ pip install sentinel-kernel
$ python3
>>> from sentinel import Sentinel
>>> s = Sentinel()
>>> @s.trace
... async def approve(ctx):
...     return {"ok": True}
>>> import asyncio
>>> asyncio.run(approve({"amount": 5000}))
{

  "trace_id": "01hx7k9m2n3p",

  "policy_result": "ALLOW",

  "sovereign_scope": "EU",

  "data_residency": "local",

  "inputs_hash": "sha256:a3f8c2d1...",

  "latency_ms": 3,

  "schema_version": "1.0.0"

}
✓ Trace written. Sovereign. Local. Yours.

What's new in v3.0.1

Sovereign-first governance primitives. Quantum-safe signing. Multi-language. No external services for any of it.

Quantum-safe trace signing

ML-DSA-65 (FIPS 204), BSI TR-02102-1 recommended. Keys stay client-side, forever. Same algorithm as cloud competitors — your keys, your infrastructure, your law.

pip install sentinel-kernel[pqc] && sentinel keygen

Attestations · BudgetTracker · Preflight

Attestations — portable self-contained governance JSON, verifiable offline. BudgetTracker — spend recorded as sovereign traces. Preflight — check before you act, without writing a trace.

sentinel attestation generate --output governance.json

CrewAI · AutoGen · LangFuse panel

New framework integrations: CrewAI task callback and AutoGen agent hook. LangFuse gains a sovereignty widget — self-contained HTML, no CDN.

pip install sentinel-kernel[crewai,autogen]

Rust SovereigntyManifest

RFC-001 is ACCEPTED. Python reference plus a Rust implementation (sentinel-manifest v0.1.0). Go and TypeScript are wanted as good-first-issues.

cargo add sentinel-manifest

Manifesto-as-code now runs as 5 named CI theses on every PR: no US-owned deps, air-gap proven, Apache 2.0 enforced, Sentinel passes its own manifesto, trace immutability verified. The project dogfoods its own check.

Most solutions fail the sovereignty test

Three ways to log AI decisions. Only one passes the EU AI Act, the CLOUD Act, and the air-gap test.

Requirement	Cloud observability	Proprietary platforms	Sentinel
Decision records	✓	✓	✓
EU AI Act Art. 12	Partial	Partial	✓ Full
US CLOUD Act exposure	✗ Applies	✗ Applies	✓ None
Air-gapped capable	✗	✗	✓
Open source	Some	✗	✓ Apache 2.0
On-premise	✗	Expensive	✓ Default
BSI path	✗	✗	✓ v3.0 ready
Quantum-safe signing	✗	Server-side	✓ ML-DSA-65, client-side
Manifesto-as-code CI	✗	✗	✓ 5 theses, every PR

The US CLOUD Act (18 U.S.C. § 2713) requires US-incorporated companies to produce data stored anywhere in the world. No EU data-centre agreement eliminates this obligation.

What Sentinel shows you

Live data from a sample deployment. Every chart is inline SVG — zero external resources.

Sovereignty score

Overall sovereignty

Runtime: EU ✓ · Storage: On-premise ✓ · CI/CD: ⚠ acknowledged

EU AI Act coverage

Art. 12

compliant

Art. 13

compliant

Art. 14

compliant

Art. 9

partial

Art. 17

partial

Art. 10

human action

Art. 15

human action

Live decision feed

Time	Agent	Result	ms
12:34:51	procurement_agent	ALLOW	3
12:34:52	access_control	DENY	2
12:34:53	doc_classifier	ALLOW	4
12:34:54	procurement_agent	ALLOW	3
12:34:55	mission_eval	EXCEPTION	8
12:34:56	access_control	ALLOW	2
12:34:57	doc_classifier	DENY	3
12:34:58	procurement_agent	ALLOW	4

Dependency map

Sovereign ✓

sentinel-kernel EU · DE
postgresql EU-neutral
langfuse/self EU · DE (self-hosted)
prometheus CNCF · neutral

Acknowledged gaps ⚠

github-actions US · Microsoft
pypi US-hosted

Acknowledged gaps are documented. Not violations.

Kill switch

● INACTIVE

EU AI Act Art. 14 — human oversight active

sentinel.engage_kill_switch("reason")

Halts all agent calls instantly. No restart.

Enforcement countdown

113

Days to EU AI Act Annex III

2 August 2026 · Penalties up to €15M

Start in 5 minutes

Four snippets. Real working code. No placeholders.

from sentinel import Sentinel

sentinel = Sentinel()  # SQLite, zero config

@sentinel.trace
async def my_agent(context: dict) -> dict:
    return {"decision": "approved"}

# Every call produces a sovereign trace
result = await my_agent({"amount": 5000})
print(result)  # {"decision": "approved"}

# Query traces
traces = sentinel.query(limit=1)
print(traces[0].policy_result)  # ALLOW

from sentinel import Sentinel
from sentinel.policy.evaluator import SimpleRuleEvaluator
from sentinel.storage.filesystem import FilesystemStorage

sentinel = Sentinel(
    policy_evaluator=SimpleRuleEvaluator({
        "threshold": lambda ctx: ctx["amount"] <= 10_000
    }),
    storage=FilesystemStorage("/mnt/traces"),
    sovereign_scope="EU",
    data_residency="on-premise-de",
)

@sentinel.trace
async def approve_procurement(ctx: dict) -> dict:
    return {"approved": ctx["amount"] <= 10_000}

# DENY recorded automatically for high-value requests
await approve_procurement({"amount": 50_000})

from sentinel import Sentinel
from sentinel.manifesto import SentinelManifesto
from sentinel.manifesto.requirements import (
    EUOnly, Required, AcknowledgedGap,
)
from sentinel.compliance.euaiact import EUAIActChecker

class OurPolicy(SentinelManifesto):
    name = "Production Sovereignty Policy v1"
    jurisdiction = EUOnly()
    kill_switch = Required()
    ci_cd = AcknowledgedGap(
        provider="GitHub Actions (Microsoft/US)",
        migrating_to="Self-hosted Forgejo",
        by="2027-Q2",
        reason="No EU-sovereign CI with comparable UX",
    )

sentinel = Sentinel()

# Check EU AI Act compliance
report = EUAIActChecker().check(sentinel)
print(report.diff())

# Generate self-contained HTML report
report.save_html("sovereignty_report.html")

# Check manifesto vs reality
manifesto_report = OurPolicy().check(sentinel_instance=sentinel)
print(f"Score: {manifesto_report.overall_score:.0%}")

from sentinel import (
    Sentinel, BudgetTracker,
    generate_attestation, verify_attestation,
)
from sentinel.crypto import QuantumSafeSigner

# Quantum-safe signing — keys stay on your infrastructure
signer = QuantumSafeSigner(
    key_path="/etc/sentinel/keys/signing.key",
    public_key_path="/etc/sentinel/keys/signing.pub",
)
sentinel = Sentinel(signer=signer)

# Preflight — check before you act, no trace written
result = sentinel.preflight("data:delete:production")
if not result.cleared:
    raise RuntimeError(result.reasons)

# BudgetTracker — every cost entry is a sovereign trace
budget = BudgetTracker(sentinel=sentinel, limit=10.0)
check = budget.check(estimated_cost=0.25)
budget.record("api:mistral", actual_cost=0.23)

# Portable attestation — verifiable offline, no service needed
att = generate_attestation(sentinel=sentinel)
assert verify_attestation(att).valid

Built for regulated industries

Four scenarios where a missing trace is worse than a crash.

Defence & Aerospace

Autonomous go/no-go decisions with mission policy evaluation. Kill switch for immediate halt (Art. 14). Air-gapped deployment verified by dedicated test suite. VS-NfD roadmap.

Healthcare AI

Treatment recommendation audit trail. GDPR-compliant data residency. Every clinical AI decision recorded with SHA-256 hash. Art. 14 human oversight for escalation workflows.

Financial Services

Transaction approval automation with DORA-aligned logging. Append-only tamper-resistant records. Regulators get the full trace: what, when, which model, which policy.

Public Administration

Government AI transparency requirements met by default. Sovereign deployment — no foreign jurisdiction access possible. EU AI Act compliance diff for internal auditors.

What's inside

Every v1 → v3 capability. Seven articles. One honest compliance story.

@sentinel.trace — any agent, sync or async
Kill switch — Art. 14, no restart, thread-safe
Preflight — check before you act, no trace written
BudgetTracker — spend as sovereign DecisionTrace
Attestations — portable, verifiable offline
Output verification — hash-check any stored output
Quantum-safe signing — ML-DSA-65, client-side keys
RFC 3161 timestamping — EU TSAs only (DFN, D-Trust)
SimpleRule + LocalRego (OPA) policy evaluation
SQLite + PostgreSQL + Filesystem storage backends
Air-gapped — network blocked at socket level in CI
LangChain · CrewAI · AutoGen callbacks & hooks
Haystack · LangGraph integrations
OpenTelemetry — sovereignty attrs in every span
LangFuse sovereignty panel — self-contained HTML widget
Jupyter · FastAPI · Django · Prometheus integrations
Sovereignty scanner — 60+ packages mapped
Manifesto-as-code — 5 theses as named CI checks
EU AI Act · DORA · NIS2 compliance checkers
RFC-001 SovereigntyManifest — Python + Rust impls
Full CLI — demo, scan, compliance, report, attestation, keygen
Docker Compose — Grafana + LangFuse + OTel

Article	Requirement	Sentinel
Art. 12	Auto logging	✓ Full
Art. 13	Transparency	✓ Full
Art. 14	Human oversight	✓ Full
Art. 9	Risk management	~ Partial
Art. 17	Quality management	~ Partial
Art. 10	Data governance	→ Human action
Art. 15	Accuracy	→ Human action

Sentinel is honest about what can and cannot be automated. Articles requiring human action are clearly marked.

AI decisions. Sovereign. Auditable.

What's new in v3.0.1

Quantum-safe trace signing

Attestations · BudgetTracker · Preflight

CrewAI · AutoGen · LangFuse panel

Rust SovereigntyManifest

Most solutions fail the sovereignty test

What Sentinel shows you

Sovereignty score

EU AI Act coverage

Live decision feed

Dependency map

Sovereign ✓

Acknowledged gaps ⚠

Kill switch

Enforcement countdown

Start in 5 minutes

Built for regulated industries

Defence & Aerospace

Healthcare AI

Financial Services

Public Administration

What's inside

Try it now