A new open-source project called EPI (Evidence for Portable Intelligence) is tackling one of the nastier problems emerging from the AI agent boom: how do you prove what your autonomous workflows actually did when an auditor shows up months later? The project, spotted on GitHub this week by ClawdBytes readers, packages complete AI execution traces into cryptographically signed .epi artifacts—self-contained forensic containers that can be archived for a decade or inspected on a completely air-gapped machine without any external dependencies.

The Architecture

EPI wraps an agent run in two layers. The outer EPI1 envelope carries binary magic bytes, version information and the SHA-256 hash of the payload; the payload is a signed ZIP holding the evidence itself. Inside that sealed package you'll find manifest.json (the Ed25519-signed root of trust, listing every file and its hash), steps.jsonl (the execution timeline, where each record carries the hash of the previous one in a prev_hash field, so the sequence is tamper-evident in the same way a blockchain is), governance.json (the rulebook in force for that specific run), environment.json (a snapshot of the host and Python runtime), an artifacts directory for preserved raw evidence such as AGT bundles, viewer.html (a self-contained offline forensic viewer) and VERIFY.txt with human-readable verification instructions. The whole thing is designed to be emailed to a regulator or parked in cold storage: verification needs no API calls, no cooperation from the producer beyond knowing its public signing key, and no dependency on the original runtime still existing.

Regulatory Compliance Mapping

The timing here isn't accidental. EU AI Act Article 12 requires high-risk AI systems to log events automatically over their lifetime, FDA 21 CFR Part 11 demands secure, computer-generated, time-stamped audit trails for regulated electronic records, and SOC 2 CC7.2 calls for monitoring that detects anomalous or unauthorized activity. EPI maps its evidence artifacts directly onto those requirements: steps.jsonl plus environment.json covers the Article 12 logging duty; the stability of the sealed .epi format addresses the ten-year retention mandate for technical documentation (Article 18 in the final text of the regulation; the project's mapping cites Article 19, which in the final text covers the automatically generated logs themselves); review.json captures proof of human oversight for Article 14; and the signed steps.jsonl together with manifest.json is positioned as the Part 11 audit trail. HIPAA's data integrity and non-repudiation expectations are covered by the Ed25519 signatures over manifests, while NIST AI RMF risk-management documentation maps to the governance.json and analysis.json outputs.

Integrations and Ecosystem

EPI doesn't want to be another siloed tool; it positions itself as a universal evidence layer across the AI agent ecosystem. LangChain users drop an EPICallbackHandler() into their ChatOpenAI calls, LiteLLM integrates through its callback configuration, Microsoft AGT bundles are imported with the epi import agt adapter built specifically for regulatory evidence preservation, OpenTelemetry spans are converted into signed artifacts by setup_epi_tracing(), and pytest gains automatic forensic evidence generation from failing tests via a pytest --epi flag. On the roadmap: SCITT (IETF) compatibility, producing COSE Sign1 statements suitable for anchoring in a transparency log; alignment with the emerging AIUC-1 standard for autonomous agent audits under SOC 2 frameworks; CycloneDX SBOM preservation under artifacts/sbom/; and in-toto link file export, so an agent run can be verified the way a supply-chain step is.

Security Model

The threat model EPI addresses is refreshingly concrete. Post-seal tampering is blocked by the SHA-256 file manifest plus the Ed25519 signature over it (both must check out; hashes alone would let an attacker recompute them after editing a file). Evidence replay is mitigated by a unique workflow_id combined with a time-anchored created_at timestamp; note that a timestamp written by the producer only proves what the producer's clock said, which is why the SCITT transparency-log anchoring on the roadmap matters for anyone who needs an independent time bound. Secret leakage during archival is prevented by automatic forensic redaction of API keys, tokens and PII, which is worth spot-checking against your own secret formats before you rely on it for cold storage. Signature spoofing is blocked by strict enforcement of the ed25519:: signer format during verification. The verification command epi verify --strict produces a report showing the trust level, signature validity, integrity status of every file, prev_hash chain continuity, and whether the signer is a known identity, giving auditors immediate confidence that what they're looking at hasn't changed since sealing. The one thing verification cannot establish on its own is that the right key signed the package: the auditor still has to obtain the producer's public key through a channel they trust.
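To make the sealing and verification steps concrete, here is an added example in Go (not the project's own code, which is Python, and not its real file format; Go is used because Ed25519 lives in its standard library) that models the checks described above and the package layout from the Architecture section: a prev_hash-chained steps.jsonl, a manifest listing each file's SHA-256, an Ed25519 signature over that manifest, and a strict verifier that rejects an unprefixed or unknown signer, an invalid signature, a modified file and a broken chain. The field names, the signer prefix (written here as ed25519:), the random workflow_id and the sample events are all assumptions; the outer EPI1 envelope, the ZIP container, the created_at timestamp and the redaction step are left out.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strings"
)

const signerPrefix = "ed25519:"        // assumed spelling of the signer/signature prefix
var zeroHash = strings.Repeat("0", 64) // prev_hash of the first step
func sha256Hex(b []byte) string { s := sha256.Sum256(b); return hex.EncodeToString(s[:]) }

// Step is one line of steps.jsonl; prev_hash is the SHA-256 of the previous line's exact bytes.
type Step struct {
	Event    string `json:"event"`
	PrevHash string `json:"prev_hash"`
}

// BuildSteps serialises events as hash-chained JSONL: edit, drop or reorder a line and its successor's prev_hash no longer matches.
func BuildSteps(events []string) []byte {
	var buf bytes.Buffer
	prev := zeroHash
	for _, ev := range events {
		line, _ := json.Marshal(Step{Event: ev, PrevHash: prev})
		buf.Write(line)
		buf.WriteByte('\n')
		prev = sha256Hex(line)
	}
	return buf.Bytes()
}

// VerifyChain re-walks steps.jsonl and checks every prev_hash link.
func VerifyChain(steps []byte) error {
	prev := zeroHash
	for n, line := range bytes.Split(bytes.TrimRight(steps, "\n"), []byte("\n")) {
		var s Step
		if err := json.Unmarshal(line, &s); err != nil || s.PrevHash != prev {
			return fmt.Errorf("steps.jsonl line %d: unparseable or prev_hash chain broken", n)
		}
		prev = sha256Hex(line)
	}
	return nil
}

// Manifest is the root of trust: a SHA-256 per file plus an Ed25519 signature over the manifest with
// its signature field blanked (json.Marshal sorts map keys, so sealer and verifier derive the same bytes).
type Manifest struct {
	WorkflowID string            `json:"workflow_id"`
	Files      map[string]string `json:"files"`
	Signer     string            `json:"signer"`    // ed25519:<hex public key>
	Signature  string            `json:"signature"` // ed25519:<hex signature>
}
func signingInput(m Manifest) []byte { m.Signature = ""; b, _ := json.Marshal(m); return b }

// Seal hashes every file and signs the manifest; the random workflow_id makes each package unique.
func Seal(files map[string][]byte, priv ed25519.PrivateKey) Manifest {
	id := make([]byte, 16)
	rand.Read(id)
	m := Manifest{WorkflowID: hex.EncodeToString(id), Files: map[string]string{}}
	for name, data := range files {
		m.Files[name] = sha256Hex(data)
	}
	m.Signer = signerPrefix + hex.EncodeToString(priv.Public().(ed25519.PublicKey))
	m.Signature = signerPrefix + hex.EncodeToString(ed25519.Sign(priv, signingInput(m)))
	return m
}

// Verify is the strict check: prefix present, signer already trusted, signature valid, files hashing correctly, chain unbroken.
func Verify(files map[string][]byte, m Manifest, trusted ed25519.PublicKey) error {
	if !strings.HasPrefix(m.Signer, signerPrefix) || !strings.HasPrefix(m.Signature, signerPrefix) {
		return fmt.Errorf("signer or signature is not in %s format", signerPrefix)
	}
	pub, err1 := hex.DecodeString(strings.TrimPrefix(m.Signer, signerPrefix))
	sig, err2 := hex.DecodeString(strings.TrimPrefix(m.Signature, signerPrefix))
	if err1 != nil || err2 != nil || !bytes.Equal(pub, trusted) {
		return fmt.Errorf("malformed or unknown signer")
	}
	if !ed25519.Verify(trusted, signingInput(m), sig) { // a wrong-length signature simply fails here
		return fmt.Errorf("manifest signature invalid")
	}
	for name, want := range m.Files {
		if data, ok := files[name]; !ok || sha256Hex(data) != want {
			return fmt.Errorf("%s: missing or hash mismatch", name)
		}
	}
	return VerifyChain(files["steps.jsonl"])
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	files := map[string][]byte{"steps.jsonl": BuildSteps([]string{"llm.call", "tool.call", "llm.call"})} // constructed run
	m := Seal(files, priv)
	fmt.Println("untouched:", Verify(files, m, pub))
	edited := bytes.Replace(files["steps.jsonl"], []byte(`"tool.call"`), []byte(`"noop"`), 1)
	fmt.Println("edited step:", Verify(map[string][]byte{"steps.jsonl": edited}, m, pub))
	fmt.Println("chain alone:", VerifyChain(edited))
}
```

The verifier deliberately takes the trusted public key as an input rather than reading it out of the manifest: a signer string that verifies against itself proves nothing, which is the "known signer identity" line in the report. Editing one event fails twice over, once because steps.jsonl no longer hashes to the value in the signed manifest and once because the following line's prev_hash no longer matches, so an auditor holding only the JSONL can still spot the break.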

Pilot Program

EPI is actively seeking regulated enterprises for its founding pilot program. Organizations operating AI agents under EU AI Act, FDA 21 CFR Part 11, or SOC 2 requirements can reach out directly at mohdibrahim@epilabs.org with the subject line "EPI Pilot" for hands-on integration support from the maintainers, priority roadmap influence based on real compliance needs, and optional founding-partner recognition as early adopters. The project stresses that it is not providing legal advice (whether the enclosed evidence satisfies a specific regulatory threshold remains for auditors and notified bodies to determine); what it is building is the packaging standard that bridges the gap between what regulations demand and what current tooling actually produces.

Key Takeaways

  • EPI packages complete AI agent execution traces into tamper-evident .epi forensic containers with Ed25519 signatures
  • The project directly maps its artifacts to EU AI Act Article 12, FDA 21 CFR Part 11, SOC 2 CC7.2, HIPAA, and NIST AI RMF requirements
  • Integrations exist for LangChain, LiteLLM, Microsoft AGT, OpenTelemetry, and pytest with more on the roadmap
  • SCITT (IETF) compatibility positions EPI for emerging transparency log infrastructure requirements

The Bottom Line

This is exactly the kind of unsexy-but-critical infrastructure that has to exist before AI agents can operate responsibly in regulated industries. EPI isn't flashy—it's the boring cryptographic scaffolding that makes autonomous decision-making auditable after the fact. If you're building anything touching compliance, pay attention.