IIIThe Methodology
Read the actual threat model.
A public methodology document describes exactly what NuWyre claims, what it does not, and how every claim is enforced. Written for forensic experts, regulators, and defense counsel — not marketers. v1.1 ships with §§1-9 substantively drafted (threat model, integrity model, evidence format incl. v2.0.0 dual-signing amendment, verification procedure incl. dual-sig dispatch, policy evaluation, detection and response, retention and legal hold, audio handling, limitations); §10 (quarterly review log) ships as honest stub awaiting first production-quarter entries; §11 (worked example) deferred to v1.2 awaiting real customer scenario data.
The methodology covers the threat model (what tampering is prevented and what isn't), the integrity model (how the cryptographic guarantees compose), the evidence format specification (a public, versioned, open standard), the verification procedure (independently performable), the policy evaluation methodology (deterministic, reproducible, version-pinned), audio binding, retention and legal hold, and the limitations we openly disclose.
It is the document a federal court will read if your evidence is challenged. It is the document a reinsurer will read before pricing AI liability coverage. It is the document we will be held to.
- § 1Threat Model
- § 2Integrity Model
- § 3Evidence Format Specification
- § 4Verification Procedure
- § 5Policy Evaluation Methodology
- § 6Detection and Response
- § 7Retention and Legal Hold
- § 8Audio Handling
- § 9Limitations and Honest Disclosures
- § 10Quarterly Review Log(forthcoming)
- § 11Worked Example(deferred to v1.2)
A Forensic Specification for AI Agent Interaction Records
Threat model, integrity model, and evidence format · v1.1
Reviewer program
Help us pressure-test the methodology.
We're recruiting reviewers across five areas: academic cryptographers and security researchers (transparency logs, append-only systems, Merkle proofs); law-school clinics and academic legal scholars (TCPA, FDCPA, healthcare privacy); independent security researchers (we want you to break this); practitioners with domain pain (compliance officers, call-center operators, debt-collection lawyers who have lived TCPA litigation); and standards-track participants (IETF, W3C, NIST timestamping and transparency working groups).
We seek critical assessment, including disagreement and pushback. We don't want endorsement; we want stress-testing. Named credit is opt-in — reviewers choose whether their assessment is publicly attributed. Time commitment is bounded: 2–4 hours for a spot-check, ongoing for retainer relationships once that tier opens.
We currently operate on a volunteer basis. As the program matures, we expect to offer honoraria for scoped reviews and retainer relationships for ongoing reviewers.
Private Beta
Records you can defend.
NuWyre is in private beta with methodology reviewers from healthcare and financial services. If your AI agents are talking to your customers, we'd like to talk to you.