Block it before it runs.
Prove it to anyone.

Aira enforces your policies and gates every agent action before it executes. Content scanning for text and files, LLM gateway, and compliance evidence when you need them. Every outcome signed with a cryptographic receipt anyone can verify.

Block: Every agent action authorized before it executes. Denied actions never run.

Scan: PII, PHI, secrets, prompt injection in text, images, PDFs, and DICOM. Caught before it leaves.

Gateway: Proxy every LLM call. Policy-checked, content-scanned, receipted. One URL change.

Sign: Ed25519 receipt on every decision. Verify with OpenSSL. No account needed.

Prove: One-click compliance evidence for EU AI Act, DORA, ISO 42001, SR 11-7.

Blocked before execution
agent: payments-agent
action: wire_transfer

Policy violation detected

Send €250,000 to unverified vendor

policy: rules + AI + human_approval
rule: wire > €50K → require_approval
AI policy: unverified vendor → deny
held for: cfo@acme.com
decision: DENIED
receipt: ed25519:9c4f...a831
verify: openssl · no account needed
EU AI Act · DORA · ISO 42001 · SR 11-7 · GDPR · SOC 2 · Self-hosted
The platform

What Aira does. End to end.

From agent registration to compliance evidence. Each step has a concrete example of what Aira does — not what it could do.

01 Register agents

Who is acting?

Every agent gets a W3C DID — a verifiable identity that follows it across deployments. Key rotation built in. Receipts are tied to a real identity, not just an API key.

Agent identity

agent_id: payments-agent
did: did:web:airaproof.com:agents:payments-agent
key: Ed25519VerificationKey2020
status: active

02 Set policies

What are the rules?

Four policy modes, stackable per action type. Deterministic rules for speed. Plain-English AI policies for nuance. Multi-model consensus for high-stakes. Content scanning for sensitive data.

Four modes

Rules · <1μs

action_type == "wire" AND amount > 50K

AI policy · ~2s

Block actions involving personal data

Consensus · ~5s

3 models vote — 2 REVIEW, 1 APPROVE

Content scan · <5ms

NER + 27 regex: SSN, names, credentials

03 Route traffic

How does it flow?

The gateway sits between your agents and any LLM provider — OpenAI, Anthropic, Google, Ollama, or any OpenAI-compatible endpoint. Two lines of config. Every call policy-checked, scanned, and receipted. Zero code change.

Gateway setup

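import openai

# any OpenAI-compatible provider
# gateway_openai_kwargs is the helper used on this page; its import is not shown here
client = openai.OpenAI(
    **gateway_openai_kwargs(aira_api_key="aira_live_...")
)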

04 Scan content

What's sensitive?

NER (Microsoft Presidio) catches person names, addresses, dates of birth, medical data. Regex catches SSNs, credit cards, API keys, IBANs. Runs on inputs before the LLM and on outputs after. In-process, <5ms.

Content scan result

us_ssn: critical
ner_person: warning
ner_location: warning
intl_phone: warning

05 Approve actions

Who decides?

High-risk actions are held for human review. Approvers get a secure single-use link. The approval decision is Ed25519-signed and embedded in the receipt chain. No action runs without explicit authorization.

Approval flow

action: wire_transfer · €75,000
policy: Wire transfers > €10K require approval
status: pending_approval
approver: compliance@acme.com
decision: approved · Ed25519-signed

06 Sign outcomes

What happened?

Every action — authorized, denied, or failed — gets an Ed25519 receipt with an RFC 3161 timestamp. The receipt commits the policy decision, scan results, approval chain, and outcome. Universal receipts mean zero audit gaps.

Ed25519 receipt

action_uuid: fa81dff6-0d20-47a9-...
status: notarized
signature: ed25519:IRJK2NDu8mXA...
timestamp: RFC 3161 · freetsa.org
verify: openssl — no account needed

07 Prove compliance

Show the regulator.

Compliance bundles map article-by-article to EU AI Act, DORA, ISO 42001, SR 11-7. Merkle-rooted, signed, sealed. Anyone can verify any receipt at the public endpoint with OpenSSL — no Aira account needed.

Compliance coverage

EU AI Act: Article 12 record-keeping
DORA: Articles 17-19 incidents
SR 11-7: Model inventory
ISO 42001: Control evidence
GDPR: Hash-only by default

Live demo

Mint a receipt.
Right now.

An AI agent wants to wire €75,000 to a vendor. Watch Aira authorize the action, sign the outcome, and produce a receipt anyone can verify.

Action under review (idle)
action_type: wire_transfer
agent_id: payments-agent
amount: EUR 75,000.00
recipient: vendor_x · DE89 …4321
requested_by: claude-sonnet-4.5

1. Evaluate rules + AI policies
2. Mint Ed25519 receipt
3. Anchor RFC 3161 timestamp

// receipt — ed25519 + rfc3161
{
  "action_uuid": "····························",
  "action_type": "wire_transfer",
  "agent_id": "payments-agent",
  "decision": "allow",
  "outcome": "completed",
  "outcome_details": "Wire ref: TXN-9482",
  "timestamp_rfc3161": "2026-04-17T14:22:08Z",
  "payload_sha256": "································································",
  "signature_ed25519": "································································································································"
}

The full stack

Eight chapters.
Read the ones you need.

Most layers work for any code path.

"AI" marks features that use the model or agent layer.

Chapter I

Policy engine

The rules, AI policies, consensus voting, and content scans that decide what an action can do — before it runs.

01

Rules

Deterministic. Instant. No LLM. Wire transfers over €50K require approval. Data deletion is blocked.

02

AI policies · AI

Plain English policy, evaluated per action by an LLM. Flexible enough for nuanced business logic.

03

Consensus · AI

Multiple models vote. Disagreement holds the action. No single model has the final word.

04

Content scan

PII, leaked credentials, prompt injection — caught on inputs and outputs. Flag, deny, or redact.

Integrations

Any model.
Any agent.

Aira intercepts at the action layer — which LLM your agent runs on, which framework you wrap it in, is up to you.

Models

Anthropic
OpenAI
Google
Meta
Mistral
DeepSeek
xAI
Qwen
Moonshot
AWS Bedrock

Agent frameworks

LangChain
Vercel AI
OpenAI Agents
Google ADK
AWS Bedrock
CrewAI
MCP
Cloud

Managed by Aira

Sign up and start governing in minutes. We handle infrastructure, updates, and signing keys. EU data residency (Frankfurt).

Get started →
Self-hosted

One command. 2 minutes 20 seconds. Your infrastructure.

Single command installs the full stack with auto-TLS, admin account, and health checks. Your signing keys, your database, your network. Same SDK, same features. Nothing leaves your perimeter.

curl -sSL https://get.airaproof.com/install.sh | bash

Self-host guide →
Measured, not marketed

Real numbers from a real machine.

Measured on Apple Silicon, single core, in-process. Excludes network, database, and LLM round-trip. Reproducible.

Receipt mint
p50 · single core

Policy eval + Ed25519 sign + SHA-256 hash. 10,500 receipts/sec per core.

Gateway overhead
on top of LLM call

A typical LLM call takes 1–5s. Aira adds 15ms. Less than 1% overhead.

Self-hosted setup
one command · tested

Empty server to HTTPS dashboard with admin account. Zero config.

Policy eval
3 rules · p50

Deterministic rule matching. 2M evaluations/sec. No LLM needed.

Content scan
6 PII patterns · p50

Regex-based credential and PII detection. 171K scans/sec.

Drift detection
KL divergence · p50

Behavioral drift scoring. 889K checks/sec per core.

$ python benchmark.py

Full benchmarks →
Side effect

Compliance comes automatically.

The same audit trail that proves an action was authorized is what regulators ask for. Govern the agent, get the paperwork.

EU AI Act

Article 12 record-keeping is the default, not a bolt-on.

Up to €35M or 7%
DORA

Article 17–19 incident lifecycle + signed major-incident PDFs for ESA submission.

Up to €10M or 2%
SR 11-7

Model inventory, validation, and monitoring come with every receipt.

US banks
GDPR

Hash-only by default. Raw details never stored unless opted in.

Up to €20M or 4%
ISO 42001

Compliance bundles map one-to-one to the required control evidence.

Global
Common questions

Answers,
before you ask.

If something here isn't right for your shape — DM us. We answer.

Yes. authorize() and notarize() are action-level primitives — they don't care if the caller is an AI agent, a webhook handler, an RPA bot, or a deterministic micro-service. The cryptographic receipt is the same. AI agents are our wedge because of EU AI Act and DORA urgency, but the API is general-purpose.

Yes. The entire stack runs on your own Kubernetes cluster — API, policy engine, signing keys, Postgres, everything. Nothing leaves your network. You get the same SDK, the same dashboard, and the same public verify URL scheme. Regulated industries and data-sovereignty use cases run self-hosted by default.

No. Rules and content scans run in-process via the SDK — your sensitive data never leaves your network for the deterministic checks. Only AI policies and consensus voting round-trip to Aira (the LLM has to live somewhere). Self-hosted deployments keep everything on your infrastructure, including the LLM calls.

The SDK supports offline mode — receipts queue locally and sync when the API is back. Your action doesn't block on Aira availability. The cryptographic signature is still valid offline because the keys are in your local SDK process.

Every action produces an Ed25519 receipt with an RFC 3161 timestamp. Give your customer the action UUID — they hit the public verify endpoint, get the signed payload, and verify the signature with OpenSSL or any Ed25519 library. No Aira account needed on their side. That's the difference between 'we have logs' and 'here's mathematical proof.'

Pricing

Simple pricing.
Every feature on every plan.

You pay for volume, not features. One op is an authorize, a case run, a sanitize, a chat message, a compliance bundle, a settlement, or a drift check. Notarizing is free.

Free
€0/mo

Evaluate the platform.

Start free
  • 20 governed ops / month
  • 3 seats
  • Standard models
  • BYOK / BYOM
  • All features
Most popular
Pro
€999/mo

AI agents in production.

Start free
  • 5,000 governed ops / month
  • Unlimited seats
  • All standard models
  • BYOK / BYOM
  • Email support
Business
€2,499/mo

Compliance at scale.

Start free
  • 25,000 governed ops / month
  • Unlimited seats
  • All standard models
  • BYOK / BYOM
  • Priority support
  • 99.5% SLA
Enterprise
Custom

Regulated industries, self-hosted.

Contact sales
  • Unlimited ops
  • BYOK / BYOM
  • Dedicated support
  • 99.9% SLA
  • Self-hosted
  • SSO / SAML

Pay-as-you-go overage · Pro €0.15 / op (€0.20 per case) · Business €0.08 / op (€0.10 per case) · Free hard-walls at 20 ops · All features on all plans · BYOK / BYOM on all plans

Deploy agents in regulated
production. Prove it.

Two API calls. authorize() before it acts. notarize() after. Everything else is automatic.

No credit card · Self-hostable · Python · TypeScript · REST · MCP