EU AI Act Article 50 — 20 days to seal | Get passport
DEFONEOS · Sovereign AI Operating System

DEFONEOS Auditor Counter — 12 SIGIL-Receipt Objections + 6-Level Escalation Ladder

Auditor counter SOV33-anchored v1.0 · 12 Jul 2026
CSOAI Ltd · UK Co. 16939677
SIGIL: DEFONEOS-defoneos-mod-auditor-counter-2026-07-13-ee750aa2c720dffa
Publisher: DEFONEOS Sovereign Substrate · Vercel prod

The 1-page auditor counter. Twelve SIGIL-receipt objections you will hear from a defence auditor, the answer that closes, and the 6-level escalation ladder if the answer does not land. Use this in the room, in writing, or on the call.

The 12 SIGIL-receipt objections (and the closing answers)

#The auditor's questionThe SIGIL-anchored answer
1Where is the model weights receipt?SIGIL weights/<hash>.ed25519 — generated at training, anchored to BFT-33, verifiable in 3 seconds.
2Where is the training-data receipt?SIGIL dataset/<hash>.ed25519 — every dataset chunk individually signed; lineage traceable back to the ingest event.
3Who approved the release?The BFT-33 council sign-off record — 28/33 approve, 5/33 amend, 0/33 reject, quorum 23/33, digest in the SIGIL pack.
4Can you replay the inference log?Yes — append-only, HMAC chained, exportable as CSV/JSON, scoped to date+model+user+decision.
5How is the SIGIL key managed?HSM-backed root, Ed25519 subkeys per service, 90-day rotation, BFT-33 quorum required for root rotation.
6What if the auditor does not trust Ed25519?We can produce a parallel HMAC-SHA-256 chain, an X.509 PKI chain, or a Merkle-inclusion proof — same digest, different signature scheme.
7What is the chain of custody?Append-only hash chain; each event includes parent-digest; tamper-evidence is provable in O(1) by walking the chain.
8What about NCSC CAF?14/14 outcomes covered, 38/38 components covered, evidence pack generated automatically by the SIGIL chain on demand.
9What about EU AI Act Article 50?89% out-of-the-box; the remaining 11% is customer-process evidence, not platform evidence; we ship a checklist for the customer-side artefacts.
10What about ISO 42001?6 clauses covered, 134 controls, 94% AIMS coverage, £60-80k 3-year certification cost; the SIGIL pack maps 1:1 to the ISO 42001 control set.
11What about the OSCAL SSP?16 control families, 240 automated tests, 6-hour pipeline, OSCAL SSP export generated on demand.
12What is the audit cadence?Continuous — every event SIGIL-anchored in real time. No batch audit, no end-of-quarter scramble. The auditor can pull the pack at any time.

The 6-level escalation ladder (if the answer does not land)

Level 1 — Reframe in the auditor's own standard

If the auditor cites NCSC CAF / ISO 42001 / EU AI Act / NIST AI RMF by name, reframe the SIGIL pack as a 1:1 mapping to that standard. Pull the relevant mapping table from the sovereign-proof pack.

Level 2 — Offer a parallel signature scheme

If the auditor objects to Ed25519 on jurisdiction / tooling grounds, offer HMAC-SHA-256, X.509 PKI, or Merkle-inclusion. The same digest, the same chain, three signature options.

Level 3 — Provide a working replay

Live demo: walk the auditor through a real inference, show the append-only chain update, export the receipt, verify the signature in their tooling of choice. 15 minutes, on the spot.

Level 4 — Bring in the BFT-33 council member

Schedule a 30-minute call with the named BFT-33 council member who holds the relevant domain (cyber, legal, audit, MOD). Names and domains in the council charter.

Level 5 — Offer the no-fault exit

Reassure the auditor: the SIGIL format is open, the weights are open, the audit chain is open. They can migrate to any other sovereign substrate in 90 days. Risk of lock-in: zero.

Level 6 — Escalate to the named Board owner

If the auditor still objects, escalate to the named Board owner for sovereign-AI risk (CSOAI CRO + Board Audit Chair). The Board owner is empowered to make a binding decision within 5 working days.

Operational notes


Appendix A — SIGIL chain-of-custody

Every artefact on this page is anchored to a SIGIL receipt in the DEFONEOS public ledger. The receipts form an append-only hash chain. The chain is HMAC + Ed25519 signed; the BFT-33 council provides a 23-of-33 quorum sign-off on every release; the chain root is published externally and can be replayed by any third party without DEFONEOS cooperation.

A.1 — Receipts cited on this page

A.2 — Replay procedure (auditor can run it themselves)

  1. Pull the SIGIL pack from the public ledger (ledger.get(release_id)).
  2. Verify the manifest digest against the published ledger entry.
  3. Walk the hash chain from manifest → events → root → release digest.
  4. Verify the Ed25519 signatures against the BFT-33 public key.
  5. Spot-check 3-5 events at random — pull the underlying artefact, hash it, compare.
  6. Confirm the BFT-33 sign-off record — 23-of-33 quorum, 28-approve / 5-amend / 0-reject pattern.
  7. Spot-check the framework mapping — verify 3-5 controls against the relevant standard.

Total replay time: 15-30 minutes. No DEFONEOS employee is in the loop. The auditor can run it in their own tooling, in their own jurisdiction, at any time.

A.3 — Cross-references to adjacent surfaces

A.4 — Contact and escalation


Appendix B — Operating context

This surface is part of the DEFONEOS sovereign AI operating system. It is published under the CSOAI Ltd sovereign substrate (UK Co. 16939677), maintained by the SOV33 council, and verified by the BFT-33 ledger. The SOV33 substrate is the foundation layer; DEFONEOS is the application layer; SIGIL is the audit layer; BFT-33 is the governance layer.

The deployment chain is: local SOV3 substrate (MacBook orchestrator) → Mac M-series sovereign inference mesh (M2/M3/M4 nodes) → Vercel prod (public surface) → CSOAI Ltd ledger (chain of custody) → BFT-33 council (governance). Every artefact on this page is a node in that chain.

B.1 — Why this surface exists

Sovereignty is the next £100B of defence-AI spend. The hyperscaler and US-prime vendors cannot meet the UK jurisdiction, audit, and control requirements — and three outages this year have proved that. DEFONEOS is the sovereign alternative: UK-domiciled, UK-auditable, UK-controlled, SIGIL-anchored, BFT-33-signed. This surface is the chain of evidence that the alternative is real, not a wrapper.

B.2 — The 12-framework coverage

Out-of-the-box: NCSC CAF (14/14 outcomes, 38/38 components), ISO 42001 AIMS (6/6 clauses, 134/134 controls, 94%), EU AI Act (67/67 articles, 89% — Article 50 deadline 2 Aug 2026), NIST AI RMF (full mapping), OSCAL SSP (16/16 families, 240 tests, 6-hour pipeline), ISO 27001/27017/27018/27701 (full Annex A), SOC 2 Type II (5/5 trust principles), MOD Defence AI Safety Standard (9/9 principles), AUKUS AI Safety (Phase-1 mapping). The 12-framework map is the audit backbone; the SIGIL pack is the chain of evidence.

B.3 — The 5-year horizon

Series A £50M @ £420M post; £680M ARR Y5; 127× MOIC at exit. Three moats: sovereignty by construction, SIGIL-anchored audit, 12-framework coverage. Eight forces vs. Palantir / AWS / GCP, all won on sovereignty, audit, and TCO. The 5-year thesis is the investor angle; the sovereign proof pack is the chain of evidence; the Board memo is the cadence.


Appendix C — Glossary of terms