Proof artifact

Inspect a Governed Event Receipt before the first call.

A Governed Event Receipt is a portable proof record for one event handled by StreamKernel: what ran, what policy decided, what route was selected, what model or transform context was active, what provenance was stamped, and what audit-chain reference connects the event to the wider run.

Download

A single-event proof envelope.

The sample receipt uses synthetic PHI-aware event data and current StreamKernel field names. It is collateral for inspection, not a certification, accreditation, or production customer reference.

Receipt contents

Readable by buyers, auditors, and engineers.

The receipt is deliberately concrete. It gives reviewers a one-event artifact before they need to reconstruct the path from logs, metrics, Kafka headers, workflow cases, or audit JSONL.

Receipt

Schema version, receipt id, creation time, artifact type, and a plain claim boundary so the artifact does not imply certification.

Event

Pipeline id, run id, event id, source, sink, topic, timestamp, and sequence context for the event being inspected.

Execution

Enforcement model, policy decision, route, reason codes, transform chain, model context, delivered-payload posture, and redaction evidence when applicable.

Provenance

The streamkernel.provenance.* headers and use-case-specific headers emitted with the governed event.

Audit chain

Hash algorithm, canonicalization note, previous hash reference when applicable, current event hash, and audit JSONL path.

Attachments

Links back to the use case, demo steps, evidence checklist, pipeline profile, and benchmark matrix that make the receipt replayable.

Claim boundary

Proof-backed without overclaiming.

StreamKernel's external claim boundary is intentionally explicit: what is proven in the current build, what belongs in a scoped pilot, and what is not claimed yet.

Proven today

  • Inline fail-closed authorization gates on the event-execution path.
  • Embedded MCP control plane with 22 registered tools: 16 read-only tools and 6 guarded mutations in the current codebase.
  • Per-event provenance headers for pipeline, run, transform, config, model, and policy context where configured.
  • Tamper-evident MCP audit hash chains when hash chaining is enabled.
  • CostProof-style routing, budget caps, circuit-breaker behavior, and spend audit records in the frontier-agentic benchmark lane.
  • Air-gap, on-prem, and embedded deployment posture by design with no required SaaS control plane.
  • Reproducible in-house benchmark rows with matrix files, pipeline configs, logs, metrics snapshots, and metadata.

Scoped pilot work

  • Integration into a customer's event topology, policy source, identity boundary, and downstream systems.
  • Customer-specific MCP allowlists, authorization policy, audit retention, and case-system integration.
  • Customer-specific evidence schemas, audit exports, and sink-side verification.
  • Multi-node tuning and customer-volume validation against real event shapes and real sinks.
  • Enclave-specific packaging, deployment hardening, and operational runbooks.

Not claimed yet

  • Certification, accreditation, FedRAMP authorization, SCIF approval, or NIPRNet authorization without the customer's formal assessment process.
  • Fully autonomous multi-agent handoff governance at production scale.
  • Prebuilt regulatory policy-pack libraries for EU AI Act, NIST, ISO, or agency-specific control mappings out of the box.
  • Cryptographic human-attestation binding in the hot path; AuthorityProof remains a separate sidecar proof lane.
  • Production enterprise references at scale; StreamKernel is early-stage and pre-revenue.

Governance note: technical evidence is not a substitute for the customer's formal compliance, accreditation, security, or authorization process.

Commercial path

Start with one event lane and one receipt.

A focused evaluation should prove which policy, model, route, cost posture, action, and sink contract applied before the event moved on.