Compliance Quickstart

Set up AI agent governance for your organization. No engineering degree required.

For: Compliance Officers, Risk Managers, CISOs

This guide is for you if your title includes words like Compliance, Risk, Audit, or Governance and someone just told you the company is deploying AI agents. You need to know what LockStock does, how to set it up, and what to tell the regulators.

You do not need to write code. You do need a web browser and about 30 minutes.

What You're Setting Up

LockStock creates an immutable, cryptographic audit trail for every action your AI agents take. Think of it as a tamper-evident flight recorder: every prompt sent, every response received, and every tool invoked is logged in a hash chain, so an entry cannot be rewritten after the fact without breaking the chain.

When a regulator asks "how do you know what your AI did on Tuesday at 3pm?", the answer is: "We have a mathematically verifiable record. Here's the proof."


Setup

Step 1: Create Your Account (5 min, You)

  1. Go to d3cipher.ai/dashboard
  2. Click Sign Up
  3. Enter your work email and create a password
  4. You'll receive a welcome email with four credentials:
    • Admin Key (lsk_admin_*) — full dashboard access, agent provisioning
    • Gateway Key (lsk_gateway_*) — goes in the container, stamp-only access
    • Registry Username + Registry Token — for pulling Docker images
  5. Save all four in your password manager immediately. They are shown once.

What just happened: You created a tenant account. All agents you register will belong to this account, and all audit logs will be scoped to you. No one else can see your data.

Step 2: Register Your Agents (5 min per agent, You)

For each AI agent your organization runs, you'll create a registration in the dashboard:

  1. In the dashboard, click Provision Agent Card
  2. Give the agent a name that your team will recognize (e.g., customer-support-bot, document-classifier)
  3. Select which task types this agent is authorized to perform
  4. Click Create
  5. Copy the Genesis Token that appears

Important:

The genesis token expires in 24 hours and can only be used once. If it expires before your engineering team uses it, simply delete the agent and create a new one. This is a security feature, not a bug.

Send the genesis token and agent name to whoever manages the AI agent's infrastructure. They will use it in Step 4. You do not need to do Step 4 yourself (but you can if you want to).

Step 3: Hand Off to Engineering (You → Engineering)

Send your engineering team this message (copy and paste is fine):

We need to add LockStock audit logging to [AGENT NAME].

I'll send you these credentials via secure channel:
- Admin Key (lsk_admin_*) — you need this for setup
- Gateway Key (lsk_gateway_*) — goes in the container
- Registry Username + Token — for pulling Docker images

Setup steps:
1. Follow the welcome email or https://d3cipher.ai/docs-gateway-quickstart.html
2. Install Liberty (secrets manager): pipx install liberty-secrets
3. Store the credentials in Liberty, pull the images, extract the CLI
4. Activate the agent I provisioned:
   lockstock-gateway activate --agent "[AGENT_ID]" --token "[GENESIS_TOKEN]"
5. Start the gateway: lockstock-gateway start
6. Point each agent at http://localhost:4000 instead of the AI provider

Full guide: https://d3cipher.ai/docs-gateway-quickstart.html

No code changes to the agents. Should take about 20 minutes.

That's it. The engineering work is a configuration change, not a rewrite. The full guide walks them through every step.

Step 4: What Engineers Do (For Your Awareness) (15 min, Engineering)

You don't have to do this step. This is what happens on the engineering side, so you know what to expect:

  1. Install Liberty (secrets manager) and store the credentials you sent them
  2. Pull the Docker images using the registry credentials
  3. Activate the agent you provisioned using lockstock-gateway activate
  4. Start the gateway with lockstock-gateway start
  5. Change one environment variable on each agent:
    # Point agents at the gateway instead of directly at the provider
    OPENAI_BASE_URL=http://localhost:4000      # OpenAI agents
    ANTHROPIC_BASE_URL=http://localhost:4000   # Anthropic / Claude agents
  6. Every API call the agent makes is now stamped, encrypted, and logged

Zero code changes to the agent itself. The d3cipher Gateway sits between the agent and the AI provider (OpenAI, Anthropic, etc.) as a reverse proxy. The agent doesn't know it's being audited.

Step 5: Verify It's Working (5 min, You)

Once engineering confirms the agent is running with LockStock:

  1. Go back to your dashboard
  2. Click on the agent's card
  3. You should see:
    • Sequence number incrementing (each action advances the count)
    • Audit log entries appearing with timestamps and task types
    • Hash chain intact (green checkmark, no breaks)

If you see entries appearing, congratulations: you have a working audit trail.

Step 6: Prepare for Your First Audit (10 min, You)

Set up your Account Key for encrypted transcript access:

  1. In the dashboard, go to Settings
  2. Generate or enter your Account Key (64-character hex string)
  3. Save this key in your password manager. It never leaves your browser. We do not have it. If you lose it, encrypted transcripts cannot be recovered.
  4. Go to the Auditor tab in the dashboard
  5. Enter your Account Key
  6. You can now read the full content of every prompt and response your agents have processed

Send your Account Key to your engineering team via secure channel. They need to store it in Liberty (liberty add LOCKSTOCK_ACCOUNT_KEY "...") and restart the gateway for transcript encryption to activate. Without it, the audit trail still works — you just can't read the content of prompts and responses.

Why this matters: Transcripts are encrypted end-to-end. The LockStock server stores the ciphertext but cannot read it. Only someone with your Account Key can decrypt agent transcripts. This is how you prove to auditors that even your vendor cannot access your AI conversations.


What to Tell Regulators

When regulators ask about your AI governance framework, here's what you have:

Immutable Audit Trail

Every AI agent action is logged in a cryptographic hash chain. Each entry is linked to the previous one. Tampering with any entry breaks the chain and is immediately detectable. This is not a database log that someone with admin access can edit — it's a mathematical proof of sequence.

End-to-End Encryption

Full transcripts (prompts and responses) are encrypted before they leave your infrastructure. The audit service stores ciphertext it cannot decrypt. Decryption requires your Account Key, which only your team possesses. Your vendor cannot read your AI conversations.

Anomaly Detection

LockStock monitors agent behavior for anomalies: unusual request velocity, unexpected task types, sequence gaps. A circuit breaker can automatically halt an agent that exceeds defined thresholds. You can enable or disable ML-based anomaly scoring per tenant from the dashboard Settings.

Agent Identity and Authorization

Each agent has a unique cryptographic identity derived from its hash chain. Agents are authorized for specific task types only. An agent authorized for "customer support" cannot suddenly start executing "financial trades" — the system will reject the action and log the attempt.


What LockStock Does NOT Do

Transparency matters. Here's what falls outside LockStock's scope:


If Something Goes Wrong at 2 AM

Incident Response Checklist

  • Agent misbehaving? The circuit breaker may have already stopped it. Check the dashboard for "CIRCUIT_BREAKER_TRIPPED" entries in the audit log.
  • Need to stop an agent immediately? Click Lock on the agent in the dashboard. The gateway blocks all subsequent requests instantly. No restart needed.
  • Need to prove what happened? Open the Auditor tab, enter your Account Key, and export the decrypted transcript for the time range in question. The hash chain proves the transcript hasn't been modified.
  • Regulator requesting records? Export the audit log (JSON) from the dashboard. For encrypted transcripts, use the Auditor tab with your Account Key. Both are self-service.
  • Suspect the audit trail was tampered with? Run chain verification from the dashboard. Any break in the hash chain will be flagged. A verified chain is mathematical proof of integrity. For formal audits, use the CLI (see below).
  • Need court-admissible evidence for a time window? Export with: lockstock-audit --from-seq N --to-seq M --format json — each entry carries its chain hash, payload hash, and timestamp. The cryptographic proof is embedded in the data.

Independent Verification

LockStock's audit trail doesn't ask you to trust us. Every chain entry includes a payload hash — a SHA-256 fingerprint of the exact content that was recorded. You can independently verify that the encrypted content matches the hash in the chain, without trusting any of our display code.

CLI Verification (air-gapped audit)

The --raw flag outputs the exact canonical bytes that were hashed into the chain. Pipe them to sha256sum and compare the result to the payload_hash in the audit log. If they match, the content is the same content that was recorded at stamp time.

# Step 1: Get the payload_hash for an entry from the audit log
lockstock-audit --from-seq 500 --to-seq 500 --format json | jq '.[0].payload_hash'
# → "a1b2c3d4e5f6..."

# Step 2: Hash the raw canonical bytes independently
lockstock-audit --from-seq 500 --to-seq 500 --raw | sha256sum
# → a1b2c3d4e5f6...  -

# If they match: the content is intact. No trust required.

Dashboard Verification (quick check)

Open the dashboard → Fleet tab → select an agent → click Verify Chain. The dashboard checks every link in the hash chain and reports any breaks. A passing verification means no entries have been inserted, removed, or reordered since the chain was created.

What this proves to a regulator: The audit trail is not a database that an administrator could quietly edit. Each entry is cryptographically linked to the previous one. Changing any entry breaks the chain — and the break is detectable by anyone with the Account Key, without needing access to d3cipher's infrastructure.
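
The tamper-evidence argument above, as an added example that is not LockStock's code: a small offline verifier run over a constructed export, showing how an edited, removed or reordered entry surfaces as a break. The chaining rule (chain_hash = SHA-256 of the previous chain_hash followed by payload_hash), the all-zero anchor, and the field names seq and chain_hash are assumptions for illustration; only payload_hash appears on this page.

```python
import hashlib

GENESIS = "00" * 32  # assumption: all-zero anchor before the first entry

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def link(prev_chain_hash: str, payload_hash: str) -> str:
    # Assumed rule: chain_hash = SHA-256(prev_chain_hash || payload_hash)
    return sha256_hex(bytes.fromhex(prev_chain_hash) + bytes.fromhex(payload_hash))

def build_chain(payloads, start_seq=1, anchor=GENESIS):
    """Build constructed sample entries standing in for an exported audit log."""
    entries, prev = [], anchor
    for i, raw in enumerate(payloads):
        payload_hash = sha256_hex(raw)
        prev = link(prev, payload_hash)
        entries.append({"seq": start_seq + i, "payload_hash": payload_hash,
                        "chain_hash": prev})
    return entries

def verify_chain(entries, anchor=GENESIS, raw_by_seq=None, expected_head=None):
    """Return (seq, problem) findings; an empty list means the export verifies."""
    findings, prev, want_seq = [], anchor, None
    for e in entries:
        seq = e["seq"]
        if want_seq is not None and seq != want_seq:
            findings.append((seq, f"sequence break, expected {want_seq}"))
        raw = (raw_by_seq or {}).get(seq)
        if raw is not None and sha256_hex(raw) != e["payload_hash"]:
            findings.append((seq, "raw bytes do not match payload_hash"))
        if link(prev, e["payload_hash"]) != e["chain_hash"]:
            findings.append((seq, "chain_hash does not follow previous entry"))
        prev, want_seq = e["chain_hash"], seq + 1  # resume from recorded value
    # A chain recomputed end to end is self-consistent; only a head hash
    # recorded elsewhere beforehand exposes that.
    if expected_head is not None and prev != expected_head:
        findings.append((None, "head hash differs from independently recorded value"))
    return findings

# Constructed sample payloads, not real LockStock output.
SAMPLE = [b'{"task":"chat","n":1}', b'{"task":"chat","n":2}',
          b'{"task":"tool","n":3}', b'{"task":"chat","n":4}']

if __name__ == "__main__":
    log = build_chain(SAMPLE)
    log[1]["payload_hash"] = sha256_hex(b"edited after the fact")
    for seq, problem in verify_chain(log, raw_by_seq={2: SAMPLE[1]}):
        print(f"seq {seq}: {problem}")
```

When verifying a partial export (a --from-seq/--to-seq window), pass the chain hash of the entry just before the window as anchor; keeping a periodically recorded head hash outside the audited system is what lets expected_head catch a chain that was rebuilt from scratch.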

