The Memory Custody Layer for Enterprise AI
TBN Protocol verifies the agent. Shango governs the write. Together: mapped to EU AI Act Article 14. 225,574 governed writes · 182,040 TBN-attested · live production attestation, independently verifiable.
Production Proof
225,574 governed writes in the ShangoVault audit trail — 182,040 cryptographically attested via TBN. Every write metadata-bearing and hash-verified at the middleware boundary. Not application-layer logging.
Regulatory Ready
Mapped to EU AI Act Article 14. Human oversight is REPLAYABLE via hash chains. 7/7 internal governance self-tests pass; independent red-team planned.
TBN + Shango — Complete Stack
TBN Protocol verifies agent identity upstream (Layer 0). Shango validates every write downstream (Layers 1-8). Together: the only end-to-end governance stack for Salesforce AI.
Production Proof at Scale
Verifiable metrics — production, test, and simulation labelled honestly
225,574 entries in the ShangoVault audit trail — 182,040 cryptographically attested via TBN. (43,534 are labelled local simulation; production attestation starts fresh.)
225,574 entries in the ShangoVault audit trail — 182,040 cryptographically attested via TBN. (43,534 are labelled local simulation; production attestation starts fresh.)
Live TBN production attestation active. Every receipt is independently verifiable at tbn.hardinai.co.uk/api/v1/verify/{receipt_id}. Joint 1,000-write run with TBN scheduled.
SHA-256 hash chain across all 225,574 entries — 0 breaks, verified. ShangoVault: append-only + tombstone. (Checkpoint rollback is on the roadmap.)
Constitution -> Contract -> Adaptation -> Implementation. An early production implementation inspired by CMA (arXiv:2603.04740, Li 2026). Governance precedes function.
Internal unit tests pass: injection patterns, tombstone flood, gate bypass, ownership checks. Independent red-team: planned, not yet performed.
Designed and mapped to EU AI Act Article 14 (human oversight). Decision trails are replayable, not post-hoc documentation. December 2027 deadline.
Shango's 1,000-write Salesforce proof was independently cited by Greg Malpass in the Constitutional Memory Report (May 2026).
Constitutional Memory Architecture
Four-layer hierarchy from arXiv:2603.04740 mapped directly into production code. TBN Protocol provides Layer 0 trust identity. Shango provides Layers 1-8 write governance. Together: the complete stack.
TBN Protocol verifies agent identity via RSA-PSS signatures before any write reaches Shango. Immutable audit trail via SHA-256 hash chain. Non-negotiable.
System rules requiring multi-party approval to change. The PENDING gate lives here.
Per-instance configuration without full approval cycle. Tuned per tenant, per region.
Technical implementations that can be swapped without governance review. Reasoning engines are interchangeable.
Every ShangoVault entry carries a mandatory metadata envelope: source, version, timestamp, sensitivity, provenance, writer_id.
Explicit Constitution / Contract / Adaptation / Implementation hierarchy. An early production implementation inspired by CMA (arXiv:2603.04740, Li 2026).
Records are never deleted. Only superseded with a tombstone marker. Full lifecycle audit preserved.
Borderline decisions enter PENDING instead of binary allow/block. Confidence threshold: 0.85. Routed to human reviewer.
One primary writer per memory category. Unauthorized writes rejected at Layer 0. Pattern matching with wildcards.
7 internal self-tests: prompt injection, cross-agent poison, tombstone flood, hash collision, metadata forgery, gate bypass, ownership spoof. (Unit tests — independent red-team not yet performed.)
Checkpoint-based chain recovery — design stage. Replay from genesis to target, post-checkpoint entries marked SUSPENDED. Being ported into the production backend.
Memories cannot be taken away. Append-only tombstoning preserves the evidence chain.
Models can be replaced without losing memory. Hash-chain is independent from model identity.
Rules must exist before any operation. Write ownership validates before all other layers.
Regulatory Compliance
EU AI Act Article 14 — December 2027 Deadline — CMA v4.0
Designed and mapped to the Article 14 human-oversight requirement through replayable decision trails — not a legal compliance certification.
Every governed decision is replayable and verifiable via SHA-256 hash chains. Two-phase replay logger.
Core enforcement and audit layers built and running. Engine hardening (authz, tenant isolation) in progress ahead of the deadline.
Logging = observability. Evidence = accountability. Metadata-bearing memory produces the latter.
Custody at the middleware write boundary with multi-layer governance + ownership checks before a write binds.
Internal unit tests pass (injection, flood, gate bypass, ownership). Independent red-team: planned, not yet performed.
Independently cited by Greg Malpass in the Constitutional Memory Report (May 2026).
Live TBN production attestation. Every receipt independently verifiable, RSA-PSS-SHA256 signed.
“Independent Salesforce write-governance proof (Shango MID): two-phase replay logger validated at 1,000-write scale; 100,000-write proof in progress — independently confirming the ungoverned memory substrate in production enterprise environments.”
Constitutional Governance: When AI Becomes the Operating Model, May 2026
“1,000 AI-driven writes, zero memory trail — until we added the two-phase replay layer. Now every write is replayable, attributable, and governable. Agentforce is already making 10,000+ autonomous writes per session with zero memory governance. The EU AI Act requires human oversight (Article 14), but oversight without interception is just post-hoc documentation.”
Constitutional Memory Report, May 2026