AI wrote your code.
Here's the receipt.

Every AI-generated commit gets a tamper-proof cryptographic receipt. Audit trail for the AI era. EU AI Act ready. 

┌─ Receipt: g1-a3f8b2c1d4e5f6a7...
  Commit:  c4dec856
  Subject: feat: add auth middleware
  Author:  Jane Dev <jane@example.com>
  Files:   4 changed
  AI:      YES (copilot)
  Hash:    sha256:7f3a8b...
  Time:    2026-03-07T09:48:59Z
  Signed:  ✓ Sigstore (rekor.sigstore.dev)
└──────────────────────────────────
pip install aiir && cd your-repo && aiir --pretty
GitHub → PyPI

The problem

AI writes 30–50% of new code at most companies. Copilot, ChatGPT, Claude, Cursor — it all goes into git commit with no systematic record of what was human and what was machine.

EU AI Act, Article 13 takes effect August 2026. AI systems in production require transparency and audit trails. AI-generated code with no provenance is a compliance gap.

Your auditors will ask: "Which code was AI-generated? Can you prove it?"

AIIR answers that question cryptographically. One command. Zero dependencies. Apache 2.0.

Who asksWhat they need
SOC 2 / ISO 27001 auditorTamper-evident record of AI involvement per commit
EU AI Act complianceTransparency trail for AI-generated artifacts
Insurance underwriterProof of human oversight over AI code
Engineering leadership"We review all AI code" — now you can prove it

AIIR — AI Integrity Receipts

One tool, three interfaces. Scans every commit for AI signals and generates a content-addressed receipt. Change one character — the receipt breaks.

🤖 MCP Tool

Your AI assistant generates receipts automatically. Works with Claude, Copilot, Cursor.

💻 CLI

pip install aiir — receipt any commit, range, or PR. Zero dependencies.

⚙️ GitHub Action

One YAML file. Every push and PR gets a receipt. Uploaded as build artifact.

🔏 Sigstore Signing

Optional keyless signing via Sigstore. Cryptographic non-repudiation + public transparency log.

0
Dependencies
285
Tests
73
Security Controls
9
Adversarial Rounds

Quick start

# Receipt your last commit
pip install aiir
aiir --pretty

# Receipt a whole PR branch
aiir --range origin/main..HEAD --pretty

# GitHub Action (one line)
uses: invariant-systems-ai/aiir-action@v1

Full documentation on GitHub →

Deploy across your organization

AIIR works today, at any scale. One CLI for a solo developer. One GitHub Action for a 500-person engineering org. Same cryptographic guarantees either way.

🏢 Enterprise rollout

Add one YAML file to every repository. Every commit gets a receipt. Central audit dashboard via JSONL export.

→ "We receipt 100% of AI code" in 30 minutes

📋 EU AI Act readiness

Article 13 transparency requirements take effect August 2026. AIIR provides the provenance trail auditors will ask for.

→ Compliance gap closed before the deadline

🔒 AI code governance

Policy: "All AI-generated code must be receipted before merge." Enforceable via GitHub Action + branch protection.

→ Governance framework your board can point to

📊 Risk & insurance

Cryptographic proof of human oversight. Tamper-evident audit trails. Sigstore transparency log for non-repudiation.

→ Evidence package for underwriters and auditors

Company

Invariant Systems, Inc. is a Delaware C-Corp building verifiable computing infrastructure for AI systems. Patent applications filed. Counsel: Wilson Sonsini Goodrich & Rosati.

Contact

noah@invariantsystems.io