Active investigations across reproducibility, audit, and provenance.
Evidence + replay layer
Local-first run capsules for capture, replay, diff, validation, and audit workflows. CLI capture, SDK decorator, API/MCP proxy, and OTel GenAI semconv all captured.
NovaSeal trust layer
Tamper-evident DSSE/RFC 3161 sealing in local profile. Cryptographic SoD enforced. Enterprise HSM/X.509 PKI not claimed.
Lineage and provenance
SQLite lineage is experimental (10M-edge KuzuDB benchmark done). KuzuDB backend is prototype. Lineage federation is experimental with legal review pending.
Server + dashboard
Multi-tenant server with OIDC/RBAC, 13-tab dashboard, offline tokens, and topology views. Production-scale operation is not claimed.
Capsule knowledge graph
KuzuDB-backed KG for query, audit, and entity workflows. CLI and dashboard panels shipped v0.29–v0.31. Tier 2/3 features in progress.
Governance + compliance exports
Risk classification, audit profiles (EU AI Act, NIST, GDPR, SOC2, NIS2), cost reporting, and evidence exports. Experimental workflows — not legal guarantees.
The core open problem: given an AI-agent run, can we produce a verifiable certificate that another researcher can independently verify? NovaFabric explores sealed capsules as the atomic unit of evidence, with DSSE signing and RFC 3161 timestamping. We are actively investigating: (1) capsule deduplication at scale, (2) semantic equivalence for replay validation, (3) lineage graph query languages for provenance forensics.