DSG

DSG ONE

ProofGate Control Plane

Evidence Pack

Audit evidence for governed AI execution

DSG ONE produces structured AI action governance evidence with runtime decisions, request hashes, record hashes, benchmark evidence, invariant checks, evidence bundle hash/signature metadata, and exportable audit records.

Evidence source
Purpose
Status
Production Gateway Benchmark
6/6 checks passed, 100% pass rate
Implemented
SMT2 Runtime Invariants
6/6 invariant cases passed
Implemented
Comparison Rubric
190/200, 95% internal rubric score
Implemented
Public Vendor Baseline
5 public documentation baselines, vendorRuntimeTested=0
Implemented
Audit Export API
Exportable JSON audit evidence
Implemented
Evidence Bundle with Hash/Signature Metadata
Portable bundle with bundleHash, eventHashes, and signature metadata
Implemented
GitHub Secure Deploy Gate Action
CI/CD gate evidence with verdict and evidence hash
Implemented
PDF Evidence Report
Human-readable reviewer report
Planned

Sample evidence bundle structure

{
  "type": "dsg-gateway-signed-evidence-bundle",
  "version": "1.0",
  "orgId": "org-smoke",
  "count": 1,
  "bundleHash": "sha256-bundle-placeholder",
  "eventHashes": ["sha256-event-placeholder"],
  "signature": {
    "algorithm": "hmac-sha256",
    "signature": "hmac-signature-placeholder",
    "signatureMode": "hmac",
    "keyId": "env:DSG_EVIDENCE_SIGNING_SECRET"
  },
  "events": [
    {
      "tool_name": "custom_http.customer_webhook",
      "action": "post",
      "decision": "allow",
      "request_hash": "sha256-request-placeholder",
      "record_hash": "sha256-record-placeholder"
    }
  ]
}

Boundary

This page shows sample and internal production evidence. DSG ONE returns HMAC signature metadata when DSG_EVIDENCE_SIGNING_SECRET is configured. If the signing secret is not configured, DSG ONE returns hash-only signature metadata.

This page does not claim WORM storage, external attestation, third-party audit, or guaranteed compliance.