Built in. Not bolted on.
The Foundation · Patent Pending
Eight cooperating layers. One cryptographic substrate. The kernel that intervenes between inference and action.
Law → Architecture · Twenty-four regulations and the layers that answer them
Live in browser · No server
Click one button. Your browser generates an Ed25519 keypair, constructs a seven-element sealed SiteDrop, signs the canonical bytes, and delivers it as a file to your machine. Nothing leaves your device. The architecture happens in front of you.
In one breath
Governance kernel. AI cannot escape it. Eight cooperating layers inside the inference path of every governed model. Sealed. Local. No data leaves the building. No model phones home. No vendor server holds the inference history. Every governed action emits a court-admissible cryptographic receipt. Byproduct, not feature. Built in. Not bolted on. Remove the kernel and the model stops working.
Why Regulayer
Same message. Eight passes. The first is sharp. The last is gone. Regulayer is the seal at the end of every pass, not at the start of the first.
Sovereign by design
Sealed and local. Inside the system being governed. CleanLayer: zero shared memory, compute, or storage with the model. No API call out. No phone-home. No vendor server holds the inference history. One thing leaves the chamber. A cryptographic receipt strip. Yours to keep. The single property that lets regulated buyers say yes.
Counsel
SDNY privilege ruling is live today. Cloud-AI use already leaves attorney work product on third-party servers. Regulayer runs inside the firm. Privilege survives because the receipts prove the interaction stayed local.
Hospital and lab
GxP, HIPAA, 21 CFR Part 11. The validated environment stays validated because the kernel runs inside it and produces the evidence inside it. No data leaves the suite.
Defence and export control
ITAR, EAR, sovereign-cloud mandates. Every governed output stays inside the controlled boundary. The receipt proves the controlled material was never disclosed.
Sovereign data and GDPR
Residency is architectural, not contractual. CleanLayer makes it physically impossible for the model to exfiltrate. The Data Protection Officer signs without a lawyer’s carve-out.
[SDKontrol™] · The commercial unlock
SDKontrol is the productized runtime that ships the sealed-and-local property to vendors. A model owner licenses SDKontrol; their same model now runs sealed and local inside the customer’s walls, with no API, no phone-home, and a signed receipt the customer keeps. The vendor buys the customers they were locked out of. The buyer keeps everything. Proof moves sand. Architecture moves capital.
What this answers
Every AI failure of the past eighteen months shares a missing piece: a governance layer inside the inference path, and a court-admissible record of what happened. Both are absent in the field. Both are present here.
Problem 01
Bolted-on guardrails sit outside the model and can be routed around. Public AI containment events of the past year have all bypassed surface-level enforcement. A guardrail that lives at the boundary is not a boundary at all.
Problem 02
A model that passes evaluation will degrade silently in production. Over ninety percent of deployed ML models drift away from their validated behavior within months. The certificate at launch does not certify a billion downstream inferences.
Problem 03
Clinical error rates rise nearly thirty-six percent under operator fatigue. The model cannot perceive operator state. Without continuous state inference, the system relies on a human whose judgement is no longer reliable.
Problem 04
Every public AI lawsuit of the past year shares one missing artifact: a court-admissible record of what the system did, when, and on whose authority. Without it, the operator owns the liability outright.
The Architecture
Bolted-on governance sits beside the model. It can be circumvented, ignored, or simply outpaced. Regulayer executes inside the path from inference to action. There is no surface to route around because the route is the layer.
01
The governance evaluation runs alongside the inference itself. Added latency is imperceptible against the model’s own response time. There is no execution path that does not include it.
02
The evaluation is part of how the output is produced, not a gate placed at the door. The model does not know it is being governed. Governance is simply how the model now works.
03
If the system attempts to operate outside the kernel, the system stops working. Not because something blocks it. Because there is nothing left for it to operate on. Removal does not produce an ungoverned model. Removal produces no model.
04
Every governed action emits a cryptographic receipt. Hash-chained, append-only, court-admissible. The receipt is not added later. It is the evidence the act of governance leaves behind.
The Platform · Eight Cooperating Layers
Each layer governs a distinct dimension of risk. Together they intercept behavioral drift, instrument drift, and operator drift in the same runtime decision. The full architecture is held under counsel; this page lists the layer surface, not the claim structure.
Chapter 01
DriftLayer
Does: Measures behavioral drift continuously across three vectors at once: model output, instrument input, operator state. Four-state enforcement machine ending in SAFE_HALT.
Holds: A model that has drifted outside its validated envelope from emitting anything further until intervention.
Chapter 02
StateLayer
Does: Infers the cognitive and physiological state of the human operator from interaction continuity alone. No additional hardware.
Holds: A fatigued, distracted, or impaired operator from acting on an AI recommendation the operator can no longer evaluate.
Chapter 03
ProofLayer
Does: Establishes proof as a continuous runtime variable. Evidence accrued from behavior, not granted by credentials at session start.
Holds: A model from acting on credentials it earned hours ago and no longer deserves.
Chapter 04
SomaLayer
Does: Bounds the system’s capacity to influence the human across session length. Containment tightens as capability rises.
Holds: Cumulative behavioural shaping. The architecture is held under counsel; this is the public surface.
Chapter 05
ConsentLayer
Does: Detects delivery patterns that produce dependency, manipulation, or harm, independent of surface content.
Holds: An AI system from cultivating parasocial dependency, emotional reliance, or coercion patterns inside otherwise compliant content.
Chapter 06
OriginLayer
Does: Tracks and verifies the provenance of every governed output. Records what the system represented itself as at every interaction.
Holds: An AI output from appearing without a verifiable creation record. No anonymous synthesis.
Chapter 07
CleanLayer
Does: Runs the governance kernel in complete architectural isolation. Zero shared memory, compute, or storage with the governed system.
Holds: The model from corrupting, suppressing, or rewriting its own governance log. The judge is not employed by the defendant.
Chapter 08
DriftLedger
Does: Hash-chained forensic record of every governed decision. Auto-generates compliance packages for FDA 21 CFR Part 11, EU Annex 11, EU AI Act Article 15.
Holds: A governed decision from being denied, altered, or lost in litigation. The receipt is the evidence.
Use Cases
Regulayer runs anywhere AI carries weight. The same kernel governs a legal AI, a surgical robot, an insurance underwriter, and a media provenance pipeline. The vertical changes. The substrate does not.
Governance, attestation, and forensic ledger for AI used inside legal work product. The pilot vertical.
Surgical robotics, diagnostic support, drug discovery. Operator state, instrument drift, and behavioral drift held in one ledger.
Provable, auditable cognition behind every risk decision. Continuous evidence rather than after-the-fact appeal.
Credit, AML, and trading models bound to a kernel that records what the system did, when, and on whose authority.
Cryptographic signature of human contribution per session. Article 50 disclosure built into the artifact, not declared next to it.
Robotics, autonomous platforms, industrial control. Software governance that can also stop hardware is the only kind that counts.
The Regulatory Stack
The instruments below set the dated, penalised demand floor. They do not define the architecture's scope. Any AI whose answer can hurt someone or move money needs what these laws make non-optional first.
EU AI Act Article 50 · transparency · 2 August 2026
EU AI Act AI-content marking · 2 December 2026
EU AI Act Article 15 · audit trail and accuracy
EU AI Act high-risk obligations · December 2027
Texas TRAIGA · 1 January 2026
Colorado revised AI law · 1 January 2027
China Interim Measures, Anthropomorphic AI · 15 July 2026
FDA QMSR · in force 2 February 2026
FDA 21 CFR Part 11 · electronic records and signatures
EU Annex 11 · computerised systems
EU AI Act Article 9 · risk management for medical AI
CIRCIA · cyber incident reporting
NIS2 Directive · essential entity obligations
eIDAS 2.0 · EU digital identity framework
EU AI Act Article 50 · machine-readable AI marking
SR 11-7 · model risk management
EU DORA · digital operational resilience
AML/CFT decisioning rules · jurisdiction stack
GDPR · CCPA · CPRA
EU Data Act
Sectoral residency mandates
DoD Responsible AI Strategy
EU AI Act dual-use carve-outs
NATO AI Strategy obligations
EASA AI Roadmap 2.0 · certified AI in aviation
FAA AI in Aviation · certification pathway
Live legal precedent
SDNY privilege ruling. Cloud-AI use already leaves attorney work product on third-party servers. The risk is not arriving in 2026; it is live today.
UnitedHealth nH Predict litigation. Active evidentiary precedent for verifiable authorship and audit trail behind clinical AI decisions.
Full Legislative Register, with named penalties and procurement timelines, available under NDA.
The Estate · Four Assets on One Substrate
Each product is a separate asset on the same cryptographic substrate. Each addresses a distinct market. Together they form the licensable surface of the runtime kernel.
One file. One click. An entire world. A complete signed experience in a single self-contained file. No server. No cloud. No login. Email it. They open it. They close it. It never existed.
Open SignalDrop
The signed signature of human authorship. The Hi score. A cryptographic zero-to-one ratio of human contribution, attested at the moment the content is created. Not detected afterwards. Signed at creation.
Open HumanMark
Heartbeat Attested™
The pulse layer for one AI deployment. Cryptographically signed, independently verifiable evidence at every output. Runs where the data lives. Never pings out.
Open Heartbeat Attested
[SDKontrol™]
The runtime enforcement engine that unlocks AI for buyers other vendors cannot reach. Sealed and local. No API. No phone-home. The vendor buys the customers they were locked out of.
Open SDKontrol
Regulayer Verify™
Public verification of any Regulayer-signed artifact. Drop a file, read the chain. Independent of the issuing system.
Open Regulayer Verify
The Doctrine
For a layer of this scope to be necessary, defensible, and unblockable simultaneously, four independent conditions had to be true at once. They are now true for the first time.
Precedent
The Ranbaxy DOJ settlement of 500 million dollars established that records of decisions are themselves the regulated substance. The same logic now binds to AI output.
Standard
The FDA and EMA Joint Principles of January 2026 set the floor: AI in life-stakes systems must carry continuous assurance, not single-moment approval. The architecture that meets that floor is the architecture every AI ultimately needs.
Cliff
EU AI Act Article 50 is enforced from August 2, 2026. Procurement runs ahead of the cliff. The buying window is open now.
Surface in motion
Physical AI is deploying into hospitals, factories, and homes. Software governance that cannot also stop hardware is observation, not enforcement.
All four conditions are met. The architecture that answers them is here.
The Inventor
Louisa Johnson Bullock
Sole inventor · Regulayer estate
A career spent where safety is never promised; it is architected and proven. Three regulated-industry standards built and adopted before AI: USP <797> sterile compounding, driven to national adoption with the United States Pharmacopeia committee across hospital, pharmaceutical, and nuclear-pharmacy workflows. CRISPR commercialisation at Thermo Fisher, with global go-to-market for genomics, protein sciences, and biobanking across forty countries. Contamination control across semi and life sciences at DuPont, Cohu, Foamtec, and Texas Instruments.
In a semiconductor cleanroom or a sterile-compounding suite you do not trust that the environment is clean. You build it clean by architecture, and you produce the proof. When AI entered those same regulated industries it arrived with none of that: governance was bolted on as policy. Regulayer applies the contamination-control principle to AI. Prove it, do not trust it. Build it in, do not bolt it on.
The Regulayer estate is sole-inventor work. Filed first.
FAQ
Regulayer is the runtime governance kernel for AI. Eight cooperating layers that execute inside the inference path of every governed model, intercepting before action and producing cryptographic proof as a byproduct.
Monitoring sees what already happened. Regulayer governs at the moment of output. The receipt is the act of governance itself, not a report assembled after the fact.
Filters and guardrails live outside the model and can be circumvented. Regulayer is inside the route from inference to action. The model cannot bypass the layer because the route is the layer.
Regulayer is the kernel. Heartbeat Attested is the productized application of that kernel inside one specific AI deployment, sold per AI surface. Same architecture underneath. Different go-to-market wrapper.
No. The governance evaluation runs alongside the inference itself. Added latency is imperceptible against the model’s own response time.
No. If the model attempts to operate outside the layer, it stops producing output. Removal does not yield an ungoverned model. Removal yields no model.
Yes. Regulayer governs the output, not the architecture that produced it. It works on any model from any vendor at the application layer.
No. Regulayer runs sealed and local with the governed system. CleanLayer guarantees zero shared memory, compute, or storage with the governed model. No phone-home.
Nowhere we can see. Each operator runs their own DriftLedger inside their own infrastructure. Regulayer never holds a single receipt. The architecture was designed that way intentionally so Regulayer itself cannot be the breach surface. The licensable IP is the receipt format, the canonicalization protocol, and the verification protocol — not the storage.
Yes. DriftLedger is SHA3-512 hash-chained, append-only, and auto-generates compliance packages for FDA 21 CFR Part 11, EU Annex 11, and EU AI Act Article 15.
The thirty named instruments in the Law to Architecture ticker above. The full Legislative Register, with named penalties and procurement timelines, is available under NDA.
Yes. Regulayer is the substrate beneath the rest. It does not replace your content filter, your observability, or your model evaluation. It makes them auditable.
A top-30 U.S. law firm. Highest-liability AI use case in the legal vertical. Counterparty introductions through counsel.
A single SDK call wrapped around the inference. The deployment package is signed and ready to install on a target machine.
The estate is inventor-held. Patent pending. Specific claim coverage is held under counsel and available to qualified counterparties under non-disclosure.
Four conditions converged for the first time: a regulatory precedent, a regulatory standard, a regulatory cliff, and a surface in motion. The layer that meets all four exists.
Contact hello@regulayer.com.