SHA-256 Hash Chain · Bitcoin Anchoring · RFC 3161 Timestamps · Apache 2.0 Licensed · Ed25519 Signatures · OpenTimestamps Protocol · SQLite Backend · SHA-256 Hash Chain · Bitcoin Anchoring · RFC 3161 Timestamps · Apache 2.0 Licensed · Ed25519 Signatures · OpenTimestamps Protocol · SQLite Backend ·

Tamper-evident audit chains for AI.

Nexuscone produces time-anchored, cryptographically verifiable audit trails for AI decisions. Bitcoin anchoring via OpenTimestamps and RFC 3161 trusted timestamping. Apache 2.0 licensed, v0.2.1 on PyPI.

View on GitHub
pip install nexuscone
Live Chain State Idle
1 block
#0 e3b0c442... Genesis
$ Ready to accept entries...
2 Parallel proof tracks (OTS + RFC 3161)
3 Stackable trust tiers
1 SQLite file, whole audit log
0 Trusted parties to verify

Quickstart

Get running in under a minute

main.py
12345678910111213141516 
import asyncio
from nexuscone import Ledger


async def main() -> None:
    async with Ledger("audit.db") as ledger:
        await ledger.log(
            actor="user_service",
            action="user_login",
            payload={"user_id": "u-001", "ip": "203.0.113.7"},
        )
        count = await ledger.verify_chain()
        print(f"chain valid, {count} entries")


asyncio.run(main())
01

Install

pip install nexuscone. Pure Python, runs on Python 3.10 through 3.13, no native build step.

02

Open

Open an async Ledger context against a local SQLite file. The chain is created on first use.

03

Log

Call await ledger.log(actor, action, payload) for each event. Payload is any JSON-serialisable dict.

04

Verify

await ledger.verify_chain() walks every entry and recomputes its hash. Any tamper raises ChainVerificationError.

The Trust Model

Three layers of cryptographic assurance

3
Bitcoin Anchoring OpenTimestamps

Periodic chain state commitments to the Bitcoin blockchain provide global, immutable proof of existence at a specific point in time.

Configurable: every N entries or every M minutes
2
RFC 3161 Timestamping TSA

Trusted third-party timestamps from accredited Time Stamping Authorities provide legally admissible proof of time under eIDAS.

TSA response verified
1
Local Ledger SQLite

An append-only SHA-256 hash chain in a local SQLite database ensures tamper-evidence: any modification breaks the chain integrity.

SHA-256 hash chain in a single SQLite file

How Nexuscone Works

Every audit entry passes through cryptographic verification

01

Capture

AI decision payload received with metadata

02

Hash

SHA-256 computed with previous hash link

03

Sign

Ed25519 signature for authenticity

04

Timestamp

RFC 3161 TSA token acquired

05

Anchor

Bitcoin commitment via OpenTimestamps

CLI Reference

Command-line tools for chain and anchor verification

Terminal · nexuscone
$ nexuscone-verify audit.db --check-anchors

Open Source

Transparent by design

Nexuscone is fully open source under the Apache 2.0 licence. The cryptographic primitives, chain implementation, timestamping integrations, and CLI tooling are publicly auditable on GitHub and installable from PyPI.

Audit infrastructure has to be transparent to be trustworthy. Every byte of Nexuscone is published, every commit is in the open, every release is reproducible from source. Run it locally, read the code, verify the chain yourself.

Apache 2.0 Licensed
Open Source
aperintel/nexuscone Cryptographic audit substrate for AI
v0.2.1
View Repository

Specs and Standards

Built on battle-tested cryptographic foundations

RFC 3161

Internet X.509 PKI Time-Stamp Protocol for trusted third-party timestamps.

Read RFC

OpenTimestamps

Bitcoin-anchored timestamping standard for decentralised proof of existence.

View Spec

SHA-256 Chain

NIST FIPS 180-4 compliant hash chaining for tamper-evident sequencing.

View FIPS

Ed25519 Signing

RFC 8032 EdDSA signatures for entry authenticity and non-repudiation.

Read RFC

Start building tamper-evident audit trails today.

Open source. Battle-tested cryptography. Production ready.

View on GitHub PyPI Package Sponsor Development

Nexuscone is maintained by Aperintel Ltd, London.