About
Building verifiable computing infrastructure for the AI era.
Mission
AI is writing an increasing share of the world's code. That creates a simple question: how do you create a durable record of which changes declared AI involvement?
Invariant Systems builds infrastructure to answer that — with cryptography, not policy documents.
Our first product, AIIR (AI Integrity Receipts), is free, open-source, and runs entirely on your machine. It creates cryptographic receipts for every commit, recording declared AI involvement. One command. Zero dependencies.
By the numbers
- PyPI package — pip install aiir, zero runtime dependencies on the CLI core, Python 3.9–3.13
- GitHub Action — one-line integration, Sigstore signing on by default
- GitLab CI/CD Catalog — published component with 4 templates (GitLab CI, GitHub Actions, Azure Pipelines, Bitbucket)
- Sigstore integration — keyless signing via OIDC, public transparency log, cryptographic non-repudiation
- Delaware C-Corp — incorporated 2025, standard post-incorporation structure
Why now
AI writes 30–50% of new code at most companies today. That makes a basic engineering question more common: which changes involved AI tools, and what record do you keep with the commit?
Some teams arrive at that question because they want better local provenance and release hygiene. Others arrive there because customers, auditors, or policy teams eventually ask for a durable audit trail. The EU AI Act is part of that broader backdrop, but it is not the whole story.
AIIR is an open-source tool that answers that question for commits with declared AI markers — with cryptographic receipts, not policy documents.
What we believe
- AI provenance is infrastructure, not a feature. Teams using AI code generation need an audit trail. It should be as automatic as version control.
- Trust requires cryptography, not promises. Compliance documents are necessary but not sufficient. Tamper-evident receipts are.
- Open source builds trust. The core tool is Apache 2.0 because auditors need to inspect the mechanism, not just the output.
- Zero dependencies is a security decision. Every dependency is an attack surface. We chose none.
- Policy matters, but the product has to stand on its own. Teams should be able to adopt AIIR because the local workflow is useful even before formal governance requirements show up.
Team
Noah Erlwein — Founder & CEO
Want to join?
We're a small team building critical infrastructure. If you care about cryptography, developer tools, or AI accountability — we'd like to hear from you.
No open roles posted yet. Reach out anyway: noah@invariantsystems.io
Need help or want to engage?
Bug reports
File reproducible product bugs in the public tracker so fixes, regressions, and workarounds stay visible.
Questions and ideas
Use discussions for implementation questions, rollout feedback, and community conversation around AIIR.
Security reports
Do not post vulnerabilities publicly. Use the coordinated disclosure path with our published policy and response target.