What is EVE CoreGuard?

CoreGuard is EVE Core's deterministic AI trust runtime. It resolves authority on every proposed AI action before execution and returns a signed verdict — allow, modify, or block — in about 0.7ms.

How is CoreGuard different from LLM guardrails?

Guardrails score outputs probabilistically after the model has already generated them. CoreGuard enforces deterministic policy before inference and fails closed, so an ungoverned action can never reach the model.

Does CoreGuard produce audit evidence?

Yes. Every verdict is an HMAC-SHA256 signed decision certificate that auditors can verify independently and replay offline, without trusting the operator's logs.

Which regulations does CoreGuard support?

CoreGuard produces decision evidence that supports EU AI Act, SR 11-7 model risk, ECOA / Reg B, FCRA, and HIPAA obligations.

EVE CoreGuard | Deterministic AI Trust Runtime

Authority Guarantee

✓42-stage pipeline — every output verified before delivery

✓Deterministic authority — 126 enforcement pillars, zero override path

✓Hash-chain lineage — tamper-evident proof from input to output

✓Full-state replay — every decision reproducible forensically

✓patent-pending architecture — governance architecture under USPTO protection

✓CRD scoring — confidence-reality divergence with session tracking

✓Multi-turn defense — progressive compliance exploits neutralized

89 governance modules · 68,804 lines · <15ms · patent-pending architecture

Launch Attack

Attack Simulator

Safe Requests

EU governance inquirySAFE

Empathic responseSAFE

Verified ground truthSAFE

Runtime integrity violationRIG

Prompt Injection

Prompt injectionATTACK

Data Exfiltration

Credential exposureATTACK

Audit falsificationATTACK

Policy Override

Federal mandate fraudATTACK

Charter dissolutionATTACK

Integrity Attack

Sentiment poisoningATTACK

Verification

Contradicted factCONTRADICT

Fabricated componentHALLUCINATE

Dangerous financial adviceHIGH-STAKES

PII exposure (SSN + CC)PII

System override injectionFIREWALL

Multi-turn data extractionMULTI-TURN

Policy exemption fraudPOLICY

Budget exhaustion attackBUDGET

Model identity hijackDRIFT

EU data residency breachRESIDENCY

Agent chain escalationCHAIN

Patent data exfiltrationCANARY

System Exploit

Sandbox escape attemptSANDBOX

Cost bombing attackCOST

Evasion

Unicode encoding bypassEVASION

Roleplay jailbreak (DAN)JAILBREAK

Training data poisoningPOISONING

AUTHORITY STATUS

SYSTEM ACTIVE — ALL THREATS NEUTRALIZED

--

Response Latency

--

CRD Score

--

Threat Class

Incoming AI Action — Pre-Execution Authority Resolution

SYSTEM ACTIVE — AWAITING THREAT

Enforcement Pipeline —

Prompt FirewallBlocks injections & jailbreaks

PII RedactionStrips personal data (SSN, CC, email)

Intent ClassificationSafe vs hostile intent routing

Charter Compliance (15 Rules)Immutable ethical enforcement

Circuit Breaker ValidationRate limits & cascade prevention

Truth Store VerificationChecks claims against verified facts

CRD Divergence ScoringConfidence vs reality gap measurement

Semantic Attack DetectionNovel attack pattern matching

Policy-as-Code EvaluationCustom tenant governance rules

Multi-Turn Threat ScoringCross-turn escalation detection

Veto Decision EngineGraduated enforcement decisions

Output Budget GovernanceToken & density limits

Cryptographic WatermarkHMAC-SHA256 output signing

Governance Replay RecordingFull-state decision capture

Lineage Verification ChainTamper-evident hash-chain proof

Tenant AnalyticsPer-tenant usage & anomaly detection

Cost GovernanceLLM spend tracking & caps

Data Residency CheckGDPR/CCPA geographic enforcement

Interrogation EngineActive cross-examination of claims

Metacognitive ReflectionGovernance quality self-assessment

Hallucination DetectionCatches fabricated claims & sources

Model Drift DetectionBehavioral baseline comparison

Chain GovernanceMulti-model trust attenuation

Conversation Risk TrackerSession risk accumulation

Human Review QueueGray-zone decisions to humans

Toxicity & Harm Classifier8-category harm detection

Bias & Fairness Scanner9-category demographic bias check

Output Schema ValidationStructured output format checks

Consent & Purpose GateGDPR consent & purpose check

Differential PrivacyCalibrated noise for privacy

Model Lifecycle CheckModel fingerprint verification

Domain Safety ScanMedical/legal/financial disclaimers

Training Data LineageData provenance tracking

RBAC Governance GateRole-based pipeline depth

Feedback Signal IntegrationFeedback-driven CRD boost

Semantic Fact MatchParaphrase-aware fact verification

Fact Freshness CheckSource currency monitoring

Cross-Claim VerificationPer-assertion fact checking

Intent PreservationProtects user intent through governance

Self-Report GuardrailBlocks inflated self-assessment

Cryptographic Audit SealImmutable decision hash-chain

AWAITING INPUT

Pipeline Mode — Runtime Evaluation

Live runtime pipelineYES

Model invocation allowedFALSE

HMAC proofGENERATED

Replay protectionACTIVE

Authority issuedNO — SANDBOX

Production endpoint/api/runtime/adjudicate

sig —

Output Channel — Governed

OUTPUT CHANNEL — GOVERNED

Governance Summary ▼

Decision
--

CRD Score
--

Claims Verified
--

Gate (Layer A)
--

LLM (Layer C)
--

Tokens
--

Speed
--

Layer A is a deterministic gate that executes in <1ms before the LLM runs. Same input always produces bit-identical enforcement decisions — invariant to encoding bypass, role inversion, and the 126 Sovereign 1000 pattern groups (patent 64/039,652). Layer A's scope is prompt injection, encoding evasion, explicit charter rule violations, and structural policy enforcement; within that scope the LLM cannot override, delay, or bypass the gate. Semantic-intent classes (fictional framing of restricted topics, dual-use probing, multi-turn attacks) are handled by Layer B (post-LLM CRD scoring) and the LLM's Charter-calibrated response policy — Layer A does not claim primary enforcement on those soft-intent classes.

Forensic Evidence Chain ▶

Forensic Log ▶

System Status

Threat Containment Rate

Operations Processed

Containment Failures

Must remain zero

Threats Neutralized

Response Latency

Last Verified

Active Threat Level

NOMINAL

System Integrity

Pipeline Stages42 ACTIVE

Enforcement Pillars126 ACTIVE

CRD Domains6 CALIBRATED

Policy-as-CodeENFORCING

Lineage ChainVERIFIED

Replay EngineRECORDING

Drift ProtectionENABLED

Tenant IsolationACTIVE

Threat Pressure

Threat Velocity--/min

Active Vector Clusters--

Patterns Active--

Red Team Tests--

Last Incident--

StatusALL THREATS NEUTRALIZED

Cryptographic Audit

✓SHA-256 hash-chain on every decision

✓Input-to-output lineage proof (10+ stages)

✓HMAC-SHA256 signed watermarks

✓Full-state replay with divergence detection

✓Tamper alerts with severity classification

✓Correlation IDs linking cross-system traces

Forensic-grade — every decision independently verifiable

EVE CoreGuard: Deterministic AI Trust Runtime and Runtime Authority Engine

Multi-Tenant Sovereign Governance

See it stop a fair-lending violation in real time.

Frequently Asked Questions

What is EVE CoreGuard?

How is CoreGuard different from LLM guardrails?

Does CoreGuard produce audit evidence?

Which regulations does CoreGuard support?