ΘΕΜΙΣ: A Cryptographically Verifiable Governance Ledger for Auditable Decision Systems
ΘΕΜΙΣ interposes a verification gate and an append-only, hash-linked, Ed25519-signed ledger between decision engines and consequential actions. A neurosymbolic firewall checks policies via SMT. A PII gateway enforces egress rules. Four security properties (tamper-evidence, non-repudiation, append-only integrity, audit completeness) are formalised and proven.
Figure 1. The ΘΕΜΙΣ pipeline. Outputs from the decision engine, compliance firewall, PII gateway, and executor are sealed into the append-only ledger. Firewall verdicts of 'obligations unmet' route to human review. An external verifier can audit the ledger independently.
The accountability gap
Agentic AI in regulated sectors faces a structural problem: decisions emerge from stochastic models whose outputs are difficult to justify or verify post-hoc. Auditors, regulators, and customers need cryptographic guarantees, not screenshots.
ΘΕΜΙΣ is the governance layer for Helios decision platforms. It interposes a verification gate and an append-only ledger between every decision engine and every consequential action. The ledger binds inputs, model identity, policy verdicts, uncertainty certificates, and human review status into immutable, hash-linked, signed records.
The hash-linked ledger
Every decision is committed to the ledger as a record d_i, whose fields are committed via a Merkle root c_i. The ledger head r_i extends the previous head by hashing in the new commitment and metadata, then signing the result with an Ed25519 key.
Verification properties
Four properties are formalised and proven against a standard threat model: tamper-evidence (any modification breaks the chain), non-repudiation (signatures bind the issuer), append-only integrity (entries cannot be reordered or deleted), and audit completeness (every consequential action has a corresponding ledger entry).
Verification reduces to three independent checks: a chain integrity check, a signature verification, and a fork detection against the last anchored head.
Compliance firewall and PII gateway
Between engine and ledger sits a neurosymbolic firewall. Policies compile to SMT constraints. The solver returns either a satisfaction certificate or an unsatisfiable core, which names the violated obligations and routes the decision to human review.
A PII gateway enforces data egress rules: which fields can leave the trust boundary, in what form, to which downstream service. Egress decisions are themselves sealed into the ledger.
Verifiable metering
Because every governed decision is sealed into the ledger, the count of governed decisions becomes itself verifiable. ΘΕΜΙΣ doubles as a billing primitive that customers, auditors, and the platform can independently confirm. No invoice can be inflated, no decision can be deleted.
Papadopoulos, L. (2026). ΘΕΜΙΣ: A Cryptographically Verifiable Governance Ledger for Auditable Decision Systems. Helios Brain, HB-TR-2026-02.
