The signed, portable trust layer for AI
Approved before it runs.
Provable after.
Every action your AI takes: signed, permitted, and verifiable. Across every model your stack uses.
In plain terms: a drop-in gateway your AI traffic flows through, approving or blocking each action and signing a verifiable receipt for every one.
Every model, every tool call, every pipeline release: gated, signed, and independently verifiable. SynOI® sits between intent and execution and refuses to let anything through without a receipt. Open protocol. Multi-vendor. Self-hostable. The opposite shape from a closed control tower. vs ServiceNow + NVIDIA →
export ANTHROPIC_BASE_URL=http://localhost:3000/anthropic # or OPENAI_API_BASE=http://localhost:3000/v1
Self-hosted: your keys, your machine, traffic never leaves your box. BYO keys. Multi-vendor. Signed receipts on every call. 20 tools verified →
receipt_id rcpt_8b3c9f...
tenant acme-prod
action_class tool.deploy
model claude-opus-4-7
decision allow
risk_level medium
approver a.rivera (mobile · 14s)
elapsed_ms 3
recorded_at 2026-05-14T14:32:01Z
signature 3a9f2b…Ed25519 + ML-DSA-65
Verifiable at verify.synoi.systems/<id> by anyone, offline, with any Ed25519 library.
Every governed action mints one of these. Try the verifier →
Three primitives, one substrate
Receipts, approval gates, an open protocol.
The three things accountable AI execution needs. SynOI ships them as composable products you can adopt one at a time, or as a unified runtime.
01
Receipts
Every governed action produces a hybrid-signed (Ed25519 + ML-DSA-65) Decision Receipt. Canonical JSON body, public verification surface. Anyone (auditors, customers, regulators) can verify offline with no SynOI dependency. The audit trail is the data.
Receipt Verifier →02
Approval gates
When risk policy says "ask a human," SynOI routes the request to the surfaces that fit your team: mobile push, Slack, SMS, desktop toast, or email magic link. Approve or deny in a tap. Timeouts fail closed. The approval itself is signed and part of the receipt.
How HITL works →03
Open protocol
An open, content-addressed provenance substrate underneath every receipt: canonical JSON wire format, federable across implementations. We’re building the canonical reference; anyone can interoperate. TLS for AI provenance.
Read the spec →Featured
The first three doors in.
Three products covering three audiences: the developer dropping in a proxy, the security team specifying tomorrow's supply chain defense, the auditor verifying a receipt this afternoon. Pick one. The rest is 44 more.
SynOI Gateway
Drop-in proxy. One env var.
Traffic flows through gateway.synoi.systems. BYO provider keys never persist. Every call mints a signed receipt. Works with Claude Code, Cursor, OpenClaw, and 14 other tools you already use.
Learn more →RoadmapSupply Chain Guard (Hlíf)
Q1 2027 · State-divergence sensor.
Open sensor for state-divergence in npm/PyPI packages. Registry mirror, PR bot, and publisher-side HITL land Q1 2027. Designed to feed the Althing governance layer with signed provenance.
Learn more →Available · FreeReceipt Verifier
Paste a URL. See the math.
Public, no-auth tool. Paste any SynOI receipt URL: the page renders the canonical body, the hybrid (Ed25519 + ML-DSA-65) signature, and the verification result. No account required. No SynOI dependency.
Learn more →Standards alignment · what we build on
- CSA · STAR for AI· application in flight
- OpenSSF
- sigstore
- in-toto
- NIST FIPS 204· PQ migration path
- NIST AI RMF
- RFC 8949 · CBOR· reserved · future profile
- RFC 8152 · COSE· reserved · future profile
- RFC 8032 · Ed25519
- ISO/IEC 42001· planned
We don't invent crypto. How SynOI aligns with each body →
Quietly trusted
An available product, in production, with teams building agents that ship.
We don't publish customer names without permission. The shape of the deployments is below, anonymized but accurate. Public references are coming with the next round of customer-story permissions.
Deployment
Series-B AI infra
observability product · 14-tool MCP fleet
Deployment
Regulated SaaS
HIPAA workload · CI/CD release governance
Deployment
Solo developer
OpenClaw + BYO keys · production agents
Deployment
Bootstrapped consultancy
multi-tenant gateway · 6 client tenants
One environment variable.
Receipts from the next request on.
The gateway is free to start. The receipts are free to verify. The protocol is open. Drop SynOI in front of any model call and the audit trail begins.