The runtime side of the Kinetic Gain Protocol Suite. A drop-in TypeScript SDK that emits hash-chained audit events, enforces buyer-issued Decision Card vault contracts before AI tools touch sensitive data, and signs every event with ed25519 — so the SaaS embedder ships in-product analytics and AI features that the buyer's procurement team can verify without trusting the embedder's word.
kinetic-gain-embedded is the SDK any B2B SaaS embedder drops into their codebase to make their in-product analytics + AI features verifiable. TypeScript-first, dual ESM/CJS, zero runtime dependencies, Node 20+. 42 tests across 4 suites cover the canonical-JSON hashing, the vault contract enforcement, the hash-chain invariants, and an end-to-end integration path.
```ts
import { AuditStream, applyVaultContract, parseDecisionCard, NdjsonFileSink } from "kinetic-gain-embedded";

// Load and structurally validate the buyer-issued Decision Card.
const card = parseDecisionCard(decisionCardJson);

// Every emitted event is stamped with the card's canonical URL and written to the NDJSON sink.
const audit = new AuditStream({
  source: "my-saas-prod",
  decisionCardRef: card.canonical_url,
  sink: new NdjsonFileSink("/var/log/audit.ndjson"),
});

// Apply the card's vault rules (tokenize / mask / hash / drop) before the record reaches an AI tool.
const { payload, redactionApplied } = applyVaultContract(customerRecord, card);
await audit.emit({ kind: "ai.chat.completion", redaction_applied: redactionApplied });
```
Hash-chained event emission. UUID v7 event_ids (time-ordered). Genesis prev_hash = 64 zeros. Optional ed25519 signing. Pluggable sinks for any pipeline.
Tokenize, mask, hash, or drop fields per the buyer's Decision Card before any AI tool sees them. Injectable tokenizer for Skyflow / Privacera / self-hosted vault.
Load + structurally validate the buyer's signed authorization document. Single source of truth for vault rules, retention envelope, and the canonical decision_card_ref stamped on every audit event.
Replay-ready. An auditor on the other side of the trust boundary recomputes hashes and signatures from canonical JSON — byte-for-byte interop with the Python and Go verifiers across the rest of the Suite.
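The chain, signing and replay behaviour described above, as an added illustrative example (it is not the SDK's code; the SDK's own verifyChain(), sinks and signing service are not reproduced). It assumes SHA-256 over canonical JSON, Node's built-in ed25519 via node:crypto, a signature over the event hash, and constructed placeholder event_ids where the SDK would use UUID v7.

```typescript
import { createHash, generateKeyPairSync, sign, verify } from "node:crypto";
import type { KeyObject } from "node:crypto";
import { Buffer } from "node:buffer";
// Canonical JSON: keys sorted recursively, no whitespace, so this emitter and any
// replaying auditor hash byte-identical input.
export function canonicalJson(value: unknown): string {
  if (Array.isArray(value)) return "[" + value.map(canonicalJson).join(",") + "]";
  if (value !== null && typeof value === "object") {
    const obj = value as Record<string, unknown>;
    return "{" + Object.keys(obj).sort().map((k) => JSON.stringify(k) + ":" + canonicalJson(obj[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}
export const GENESIS_PREV_HASH = "0".repeat(64); // genesis link: 64 zeros
export interface ChainEvent { event_id: string; kind: string; prev_hash: string; hash: string; signature?: string }
type Unsigned = Omit<ChainEvent, "hash" | "signature">;
const sha256 = (s: string): string => createHash("sha256").update(s).digest("hex");
// The hash covers every field except hash and signature; the ed25519 signature covers the hash (assumed design).
export const hashOf = (ev: Unsigned): string => sha256(canonicalJson(ev));
export function appendEvent(chain: ChainEvent[], body: { event_id: string; kind: string }, key?: KeyObject): ChainEvent {
  const prev_hash = chain.length ? chain[chain.length - 1].hash : GENESIS_PREV_HASH;
  const unsigned: Unsigned = { ...body, prev_hash };
  const ev: ChainEvent = { ...unsigned, hash: hashOf(unsigned) };
  if (key) ev.signature = sign(null, Buffer.from(ev.hash, "hex"), key).toString("hex"); // algorithm is null for ed25519
  chain.push(ev);
  return ev;
}

// Replay: recompute each hash from canonical JSON, check each prev_hash link and, when a
// public key is supplied, each signature. failedAt is the index of the first bad event.
export function verifyEventChain(chain: ChainEvent[], pub?: KeyObject): { ok: boolean; failedAt: number } {
  let expectPrev = GENESIS_PREV_HASH;
  for (let i = 0; i < chain.length; i++) {
    const { hash, signature, ...unsigned } = chain[i];
    if (unsigned.prev_hash !== expectPrev || hashOf(unsigned) !== hash) return { ok: false, failedAt: i };
    const sigOk = !pub || (signature !== undefined && verify(null, Buffer.from(hash, "hex"), pub, Buffer.from(signature, "hex")));
    if (!sigOk) return { ok: false, failedAt: i };
    expectPrev = hash;
  }
  return { ok: true, failedAt: -1 };
}
// Constructed sample: three events with placeholder event_ids (the SDK would use UUID v7), signed with a fresh key.
export function demo(): { chain: ChainEvent[]; pub: KeyObject; ok: boolean } {
  const { privateKey, publicKey } = generateKeyPairSync("ed25519");
  const chain: ChainEvent[] = [];
  ["ai.chat.completion", "vault.redaction", "ai.chat.completion"].forEach((kind, i) =>
    appendEvent(chain, { event_id: `evt-000${i + 1}`, kind }, privateKey));
  return { chain, pub: publicKey, ok: verifyEventChain(chain, publicKey).ok };
}
```

An auditor holding only the NDJSON events and the embedder's public key can rerun verifyEventChain with no access to the emitter; any edited, reordered or unsigned event is reported by index.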
Drop the SDK in to ship the embedded surface. Subscribe to the hosted tier to get the buyer-readable verification side: a dashboard a buyer's procurement team logs into, sees the live hash chain, replays the vault contract state, and downloads quarterly evidence bundles for their auditor — all without you running the GRC engineering yourself.
| Tier | Monthly | For | Includes |
|---|---|---|---|
| Solo | $1,500 | Series A SaaS | Hosted audit-stream sink · Decision Card hosting · buyer-readable verification dashboard |
| Team | $3,500 | Series A/B | Solo + ed25519 signing service · quarterly evidence bundle exports · SLA |
| Scale | $7,500 | Series B+ · SOC 2 prep | Team + dedicated tenant · vault provider co-integration · SOC 2 audit-evidence kit · concierge integration |
Three independent problems collide when a B2B SaaS adds AI features:
1. Buyers' compliance teams need a hash-chained ledger of which AI tool read what customer data, when, under what consent — and they need to verify it without trusting your word.
2. The AI tool itself should never see raw PII / PHI / SPI. Without a runtime vault contract layer, your engineering team is one prompt-injection away from a CloudWatch log full of regulated data.
3. The audit trail has to be re-playable by an external auditor. Without canonical-JSON hashing + ed25519 signing, a clever insider can rewrite history.
Kinetic Gain Embedded gives you the runtime side. The Decision Card is issued by the buyer. The SDK enforces it on your side. The audit stream is replayable by the auditor. That triangle is the whole product.
Reference scaffolding for audit evidence — not a HIPAA / FERPA / SOC 2 / GDPR / ISO 27001 / NIST AI RMF / EU AI Act / ISO 42001 compliant or certified product. Compliance posture depends on the embedder's full control environment and external attestation specific to each regulatory regime.
When your enterprise customer's security team asks for a "procurement packet" or "security review packet" before they'll go to PoC, the KGE SDK now ships a 17-section fill-in template at docs/sales/PROCUREMENT-PACKET.md — adapt and send.
The packet is KGE-enabled: §8 contains four verifiable claims about your trust boundary that only work because KGE backs them — hash-chained audit (verifyChain()), vault-contract tokenization (applyVaultContract()), ed25519-signable events (verifyEd25519Signature()), and customer-defined Decision Cards. Each claim ends with "Proof: <SDK function call>" pointing at code in the open-source repo. Your customer can verify each independently without trusting your word.
Maps to SIG-Lite, CAIQ, VSA Core, and custom AI security questionnaires (cross-reference table in §15). Honest pre-SOC-2 framing copy/pasted verbatim in the intro. Companion buyer-side templates linked in §17 (Trust Pack — the inverse: what your customer uses to evaluate vendors like you).
Apache-2.0 licensed alongside the SDK. Scaffolding for human use, not a SOC 2 substitute, not legal advice — fill in honestly, have counsel review, send.