L4 Per-Boundary governanceⓘ
Jurisdiction-specific rule set enforced at the Adapter Gateway.
Run a scenario to see Boundary enforcement.
L12 Signed evidence bundle
Two-party Ed25519 · FuzeBox + rPotential · verifiable against published keys.
Run a scenario to produce an attestation.
Policy packs
Loaded at the Governance Service; applied per Boundary.
EU AI Act · Annex III high-risk
eu_ai_act_high_risk
GDPR · personal-data processing
gdpr
SOC 2 · Trust Services Criteria
soc2
Germany · §87 BetrVG works-council
germany_works_council
France · Code du travail / CSE
france_labor_code
APAC · PDPA data localisation
apac_data_localization
FuzeBox AEOS · Governance baseline
aeos_governance_edition
UNECE · WP.29 automotive cybersecurity
wp29
Two-party attestation
Why two signatures: FuzeBox attests the decision trace; rPotential attests the workforce signal that drove it. Both keys must verify for an audit to accept.
Ed25519
SHA-256 integrity hash
per-tenant key rotation
EU AI Act Article 14 format
GDPR export
SOC 2 control log
WP.29 CSMS