Privacy Receipts for Any AI Runtime
Per-session, machine-checkable proofs that your models handled sensitive data correctly.
Powered by the EPR‑1.0 Open Standard
- The Epheia Privacy Receipt-Version 1.0 (EPR-1.0) is an open, vendor‑neutral receipt standard for runtime privacy across any AI stack.
- Epheia converts privacy policies into machine‑checkable receipts for sensitive data (PII/PHI/IP).
- Every session produces a signed receipt; our open Verifier can gate egress until checks pass and write to a transparency log.
EPR‑1.0 Receipt | Public Reference
Use this official reference to verify AI runtimes under the EPR-1.0 Standard.
{
"version": "EPR-1.0",
"session_id": "sess_XXXXXXXX",
"action": "chat",
"attestation_chain_root": "0x<64-hex>",
"attestations": [
{
"ts": "2025-01-01T00:00:00.000Z",
"issuer": "leaf",
"platform": "DEMO-PLATFORM",
"digest": "<64-hex>",
"signature": "ecdsa-p384:<hex-der>"
},
{
"ts": "2025-01-01T00:00:00.100Z",
"issuer": "leaf",
"platform": "DEMO-PLATFORM",
"digest": "<64-hex>",
"signature": "ecdsa-p384:<hex-der>"
}
],
"cert_chain": [
"<leaf_cert_pem>",
"<root_cert_pem>"
],
"platform_report": {
"platform": "DEMO-PLATFORM",
"image_hash": "<64-hex>",
"cadence_ms": 100
},
"network_policy": [
"self-origin"
],
"policy_state_hash": "<64-hex>",
"dp_tuple": {
"mech": "gaussian",
"epsilon": 0.3,
"delta": 0.00001,
"C": 1,
"S": 1,
"params": {
"sigma": 4
}
},
"update_hash": "<64-hex>",
"zero_state_digest": "sha3-256:....",
"teardown_digest": "<64-hex>",
"transcript_hash": "<64-hex>",
"connector_selection": [
{
"name": "file.pdf",
"sha256": "<64-hex>"
}
],
"transparency_merkle_root": null,
"verifier_url": "https://your.app/api/receipt/sess_XXXXXXXX"
}
Run full verification
Founder’s note
Epheia was founded to make AI privacy verifiable, not just promised. We issue a signed privacy receipt for every session and block egress unless it verifies, enabling auditors to re-run the checks without storing transcripts. I built the first verifier and will work directly with early users as we prepare for launch.
How Epheia Works
Our patent pending technology is a runtime privacy control plane for any AI stack: Issue receipts, verify them, gate egress, and keep audit‑grade evidence.
1. Issue
Each session emits an EPR-1.0 privacy receipt (JWS-signed). This receipt includes RAM-only handling, DP-bounded memory (ε,δ), update_hash, teardown_digest, and an attestation chain root pinned to trusted roots.
2. Verify
Our open verifier (web, CLI, API) checks signatures, time, roots, DP tuple, update hashes—and returns a green/red result anyone can re‑run.
3. Gate
A fail‑closed egress gate blocks model output unless verification passes (policy‑driven allowlist for files/URLs/targets).
4. Log
Receipts‑only retention (no transcripts). Optionally anchor receipts in a transparency log for inclusion proofs and external audit.
Benefits for Regulated Teams
Provable Privacy for Every AI Runtime
Per‑session, machine‑checkable receipts replace PDF assurances and screenshots.
Block outputs automatically unless verification passes. Policy you can prove.
Signed /config, pinned roots, and golden “pass/fail” fixtures accelerate audits.
Receipts‑only retention: auditability without storing transcripts or identifiers.
Compatible with OpenAI, Anthropic, Google Gemini (Vertex), AWS Bedrock, Azure OpenAI, xAI Grok, and local LLMs.
Epheia adds healthcare-specific safeguards: show what PHI is in scope, prove only what’s needed was used, and link actions to a patient’s consent. Optional fields align with HIPAA workflows to protect patients.
Let’s Prove Privacy Together
Epheia works with organizations and individuals who want machine-checkable privacy evidence for AI. Whether you’re exploring an enterprise pilot or have questions about our privacy app, we’d love to connect.