Show HN: Open-Source Article 12 Logging Infrastructure for the EU AI Act
12 by systima | 0 comments on Hacker News.
EU legislation (which affects UK and US companies in many cases) requires being able to truly reconstruct agentic events. I've worked in a number of regulated industries off & on for years, and recently hit this gap. We already had strong observability, but if someone asked me to prove exactly what happened for a specific AI decision X months ago (and demonstrate that the log trail had not been altered), I could not. The EU AI Act has already entered force, and its Article 12 kicks-in in August this year, requiring automatic event recording and six-month retention for high-risk systems, which many legal commentators have suggested reads more like an append-only ledger requirement than standard application logging. With this in mind, we built a small free, open-source TypeScript library for Node apps using the Vercel AI SDK that captures inference as an append-only log. It wraps the model in middleware, automatically logs every inference call to structured JSONL in your own S3 bucket, chains entries with SHA-256 hashes for tamper detection, enforces a 180-day retention floor, and provides a CLI to reconstruct a decision and verify integrity. There is also a coverage command that flags likely gaps (in practice omissions are a bigger risk than edits). The library is deliberately simple: TS, targeting Vercel AI SDK middleware, S3 or local fs, linear hash chaining. It also works with Mastra (agentic framework), and I am happy to expand its integrations via PRs. Blog post with link to repo: https://ift.tt/TrFiPwB I'd value feedback, thoughts, and any critique.
No comments:
Post a Comment