Why not build this ourselves?

You could build a status endpoint. But a Good Proof Stamp is more than an endpoint—it's a portable proof object + operating system: contract-ready clauses, verification workflow, versioned semantics, auditable access, dispute operations, and Guardian infrastructure. Building the endpoint is 10% of the work; operating defensible verification is the rest.

Can prompt injection bypass a Good Proof Stamp?

Prompt tricks cannot bypass an external reliance gate. Stamp verification is a system-level API call, not an LLM instruction. The verification check happens outside the language model context, the gate is a separate system, and the agent cannot issue, alter, suppress, or self-verify its own Stamp. The proof layer sits outside the model by design.

Is Good Proof a certification?

No. Good Proof is not a blanket certification — it is scope-limited verification. Acceptance depends on counterparty, programme, and contractual requirements. Three explicit carve-outs apply: (a) no warranty of fitness for purpose; (b) limited to programme scope and time of issuance; (c) the consumer of the Status Link assumes the reliance decision.

What happens if the Status Link is down?

Fail-closed semantics: if verification cannot be performed (network unreachable, timeout, error), the default response is NOT VERIFIED. Systems should block or escalate—never assume validity. Optional HA/SLA tiers available for high-volume programmes.

Can you rewrite history?

No. Append-only versioning for all status, scope, and expiry changes. Every change is a logged event. No overwrites. Withdrawal changes current validity but does not erase history—the audit trail remains for disputes, regulators, and counterparty review.

What does NOT VERIFIED actually mean?

NOT VERIFIED means: treat as unverified. Either the Stamp was never issued, verification could not be performed (fail-closed), or access was not granted. Systems should block or escalate—NOT VERIFIED is not a soft warning.

How can counterparties trust without seeing evidence?

Default verification returns status/scope/expiry/signer—minimal disclosure by design. When counterparties need more, programme-gated access provides layered disclosure: auditors, regulators, and authorised parties can request extended fields. All access requests are logged. Proof ≠ payloads.

How do you prevent rubber-stamping / Guardian bias?

Anti-rubber-stamp controls: conflict of interest rules, rotation requirements, sampling audits on approvals, multi-review thresholds for high-risk lanes, and separation of duties (approve ≠ access-grant ≠ withdraw). Guardians produce defensible outcomes, not guaranteed outcomes.

What's your uptime SLA?

99.9% monthly for Status Link verification. If verification cannot be performed, the system fails closed to NOT VERIFIED.

What's your SOC 2 status?

SOC 2 Type II is in progress (target Q3 2026). For procurement today we provide: (1) pen test under NDA, (2) control summary/readiness letter, (3) SIG Lite responses, and (4) DPA on request.

How long is data retained?

7 years for stamps and event logs. Evidence windows are configurable from 30-365 days, with 90 days as the default.

What's included in the Stamp Sprint?

One decision class definition, Status Link verification, IDA Evidence Pack specimen, refresh and withdrawal triggers, contract clause language, and 100 stamps. $35,000, delivered in 30 days.

Can Good Proof operate without a runtime accountability engine?

Yes. Good Proof runs standalone for scoped verification and can integrate external runtime accountability engines later through adapters and conformance checks.

Does engine-agnostic mean lower standards?

No. Integration requires schema mapping, signature normalization, and conformance checks before reliance.

What do Mind Chill Guardians see?

Only what the escalation policy allows. By default, Good Proof uses proof-not-payload receipts. Escalation packets are minimal, redacted, time-bound, and audited. Full payload access is optional and can be kept entirely within the customer's environment.

Do you store sensitive customer data?

Not by default. Receipts store signed evidence metadata and hashes. Sensitive payloads can remain in customer-controlled storage with pointer-based references.

Does Good Proof replace pentesting tools or red team platforms?

No. Good Proof does not perform testing. It provides policy-bound verification, status lifecycle controls, and signed evidence so automated security testing and high-impact tool execution can be trusted and reviewed. Good Proof is the external reliance gate that sits beside testing, not the testing itself.

Good Proof verification tribunal backdrop

No Stamp → No Ship

High-impact actions should not change someone's life without a Good Proof Stamp.

Q: Does Good Proof prove the AI was right?

No. Good Proof does not claim an AI action is perfectly true, permanently safe, or impossible to manipulate. We prove whether a high-impact action was authorised, scoped, evidenced, current, revocable, and safe enough to rely on at the point of consequence. Truth-of-output is a different problem and a different product.

Cryptography proves the receipt.Good Proof proves the reliance state.

Good Proof does not ask you to trust the AI. It gives your systems a live, external reliance check before the AI is allowed to act.

Status Link (live validity) · IDA Evidence Pack (snapshot) · Scope-bound · Expiry-aware · Revocable

VALID

→ proceed

NEEDS REFRESH

→ block until re-verified

WITHDRAWN

→ stop relying

NOT VERIFIED

→ fail-closed

MCP tool use • agentic commerce • money movement • robotics physical autonomyMCP • commerce • money • robotics

Mind Chill Guardians when a lane requires human finality.

Book a Stamp Sprint See How It Works

Scope-limited verification. Not a certification. Acceptance depends on counterparty or programme requirements.

Breaking

EUEU AI Act enforcement begins — high-risk AI systems now require conformity assessments (Feb 2025)│

UKUK publishes AI Safety Institute guidance on frontier model evaluations│

USANIST AI 600-1 released — GenAI risk profiles now standardised│

APACSingapore MAS issues advisory on AI-driven financial decision accountability│

AFRICASouth Africa POPIA enforcement targets automated decision-making systems│

MIDDLE EASTUAE ADGM publishes responsible AI framework for financial services│

EUEU AI Act enforcement begins — high-risk AI systems now require conformity assessments (Feb 2025)│

UKUK publishes AI Safety Institute guidance on frontier model evaluations│

USANIST AI 600-1 released — GenAI risk profiles now standardised│

APACSingapore MAS issues advisory on AI-driven financial decision accountability│

AFRICASouth Africa POPIA enforcement targets automated decision-making systems│

MIDDLE EASTUAE ADGM publishes responsible AI framework for financial services│

Choose your high-impact lane

Start with the decision type you need to defend. Open sector examples or pre-fill a Sprint request.

Claims & Disputes

Insurance claims, hardship, eligibility

Deactivations

Platform bans, account closures

Duty of Care

Prior auth, healthcare, travel safety

Money Movement

Transfers, payouts, refunds

Hiring & Screening

Background checks, adverse actions

Agentic Actions

Tool use, approvals, irreversible actions

RegTech Decision Integrity

Policy-bound verification for regulated workflows

Security Automation

Fail-closed controls for automated security testing

Top lanes shown here. Full sector coverage below.

Engine-agnostic trust rail·Standalone from day one
·Integrate external accountability engines

Not listed? Book a Sprint call

Proof you can forward internally

Stamped IDA Specimens

Kill Switch Flow

Contract Clause Pack

Stamp Spec

Founder's Note

Why we built Good Proof

High impact decisions do not stay internal.

They get challenged later by auditors, regulators, counterparties, and the public.

When liability lands on a person or institution, "the system decided" will not survive.

Good Proof turns "trust us" into "check it."

Authoritative now

A Status Link that updates when conditions change.

Fileable then

An IDA Evidence Pack for procurement and disputes.

Human when required

Mind Chill Guardians for edge cases.

"We built products used by millions, then watched 'trust us' fail when decisions were challenged."

— Jamie (Mind Chill) + the Mind Chill Guardians

LinkedIn•17,225+ followers

Book a Stamp Sprint →

Good Proof Robot showing FAIL - why automations fail without proper verification

The Problem

Why automations fail in the real world

AI fails when workflows are vague and oversized. Good Proof breaks high-impact autonomy into defined decision classes.

Context

Scope boundaries. Evidence windows.

Logic

Refresh rules. Withdraw triggers.

Duty-of-care

Human finality when required.

Honest by design

What Good Proof does not claim

Good Proof does not claim an AI action is perfectly true, permanently safe, or impossible to manipulate. AI models change. Prompts drift. Tools fail. Context can be incomplete. Prompt injection can manipulate agents. Evidence can become stale. Good Proof exists because of that.

Verifiable

Cryptographically anchored. Independently checkable.

Scope-stated

Bound to a defined action class and programme scope.

Time-bound

Expiry-aware, refresh-aware, revocable on change.

Good Proof proves whether a high-impact action was authorised, scoped, evidenced, current, revocable, and safe enough to rely on at the point of consequence.

A Status Link you can actually rely on.

Most governance fails when proof needs to travel. A Good Proof Stamp gives you a single Status Link that survives:

Disputes

A defensible audit trail.

Procurement

Proof that travels outside your perimeter.

Agentic Security

Structural constraints beat prompts.

Stamp ID

A reference your contracts, tickets, and UIs can cite.

Status Link

The authoritative, auditable source of current validity within scope.

Refresh / Withdrawal

Append-only versioning. When conditions change, status changes—history remains.

verify.goodproof.mindchill.ai response

Default verify response fields

statusVALID / NEEDS REFRESH / WITHDRAWN / NOT VERIFIED

scopeAction class and boundaries

expires_atValidity window

verified_atTimestamp of verification

signerSigning authority reference

No portal. No system login. Verification happens at verify.goodproof.mindchill.ai and fails closed by default.

Don't trust links. Type mindchill.ai/official to verify.

Excluded by default: prompts, logs, PII, internal identifiers. Programme-gated access available for authorised verifiers.

What the Stamp binds to

13 fields, cryptographically bound.

Every Good Proof Stamp commits to 13 fields. Change any one of them and the Stamp must be re-verified or withdrawn. Below are 4 of the 13 — see the full list on /how-it-works.

action class

What kind of high-impact action this Stamp permits

model version

The exact model snapshot bound at issuance

expiry

Validity window — outside it, the Stamp must be re-verified

revocation status

Whether the Stamp is live, revoked, or pending withdrawal

See all 13 fields

How it works

Stamp → Status Link → Verify.That's the whole standard.

Define high-impact action classes

Hardship, eligibility, irreversible actions, overrides, high-value transfers. Material-change triggers + evidence windows.

Require a Stamp

No Stamp (or NOT VERIFIED / NEEDS REFRESH) → block or escalate. Fail-closed by design.

Counterparties verify by link

They check status + scope + expiry without needing your internal systems. Signed responses available.

Guardians step in when required

Edge cases, exceptions, disputes—scoped human finality with anti-rubber-stamp controls.

You don't buy another dashboard. You buy a contract-ready gate that makes high-impact autonomy shippable.

Live Status States

Fail-closed verification states for high-impact decisions

VALID

→ proceed

NEEDS REFRESH

→ block until re-verified

WITHDRAWN

→ stop relying

NOT VERIFIED

→ fail-closed

VALID = valid within scope under lane rules. Not a guarantee of outcome correctness.

Full status semantics

Trust Model

Structural constraints, not trust assumptions.

Fail-closed

Unreachable = NOT VERIFIED.

Minimal disclosure

Prompts, logs, PII excluded by default.

Signed responses

Programme-scoped cryptographic verification.

Security model Privacy model Agentic Security Kill Switch

Agentic AI safety

When AI executes tools, the gate must be verifiable — and revocable in seconds.

No Stamp → No Ship · Fail-closed · Machine-checkable

Enforceable gate path

Action attempts

Agent triggers gated action

Gate checks

Status Link verified

VALID → proceed

Within scope, execute

WITHDRAWN → block

Revoked at source

Gate response

status:"VALID"

scope:"tool_execution:high_impact"

expires_at:"2026-06-15T00:00:00Z"

verified_at:"2026-01-08T14:32:00Z"

Fail-closed: unreachable = NOT VERIFIED → block or escalate

Book a Stamp Sprint Open Kill Switch Flow

Interoperability

Works with runtime accountability engines.
Works without them too.

Good Proof can run as your primary verification layer or ingest evidence from external runtime engines. We normalize evidence into procurement-ready reliance.

Common Evidence Schema

Normalized fields for status, scope, signer, evidence window, and trace references.

Adapter Interface

Integrate external engines through a stable adapter contract.

Conformance Tests

Verify consistency before relying on integrated evidence.

Portability and Customer Control

Exportable records and verifier portability reduce lock-in risk.

View Verify API Partner with us

Federated Trust

Independent witnesses and quorum by risk lane

High-risk reliance should not depend on a single party. Good Proof supports independent witness models and quorum policies.

Independent Witnesses

Multiple verifiers can attest to the same evidence, removing single-party dependency.

Quorum by Risk Class

Higher-risk lanes can require multiple confirmations before reliance proceeds.

Conflict Handling

When witnesses disagree, escalation rules determine resolution path.

Tamper-Evident Event Trail

Every attestation, withdrawal, and status change is logged immutably.

Book a Stamp Sprint Learn about Guardians

Good Proof is scope-limited verification, not blanket certification.

Verify API

Verify Stamps at scale: status lookups, webhooks, access requests, signed responses (programme-scoped).

See Verify API Request Verify Access

Forwardable to Legal & Procurement

Procurement Kit

Everything your legal and procurement teams need.

PDFs for filing · Status Links stay current · One email to forward

IDA Specimens

Stamped & redacted evidence packs

Contract Clauses

Pre-negotiated clause language

Kill Switch

Instant revocation flows

Verify API

Machine-readable status

Email me the pack

Browse Specimens

SOC 2 required? Ask for the Bridge Pack.

IDA Evidence Pack

Stamped & Verified

stamp_id:████████

issued_at:████████

decision_class:████████

evidence_window:████████

VALID

Forwardable

Mind Chill Guardians - A global network of diverse human reviewers

Mind Chill Guardians(only when required)

Programme-authorised human finality for the edge cases.

Conflict-checked · Rotation-based · Audit-traceable

Conflict rules

Rotation

Multi-review

How Guardians work

Why Mind Chill exists

AI is learning from clicks. Good Proof forces decisions to prove what they're based on, without dumping sensitive data.

AGI won't save us.

It knows what we click on, not what we care about.

Jamie, Mind Chill

Large models absorbed the open internet: genius and grief, but also scams, outrage, and performance. When the inputs get synthetic, the outputs don't just get wrong — they get confidently wrong.

What we do about it: scope-bound verification + fail-closed gates for high-impact actions.

Good Proof is the gate. Mind Chill is the human layer behind it: lived experience that makes the standard real.

Book a Stamp Sprint View Stamped IDA Specimens

One standard gate. Every sector.

High-impact action classes defined by lane. Material-change triggers + evidence windows.

Hardship / Duty of Care

Life-impact decisions with evidence windows

Irreversible Actions

Closures, bans, disconnects, denials—appealable by link

Insurance / Disputes

Evidence that survives hostile review

Incident Closure

Board / insurer / regulator scrutiny with audit trail

Procurement Claims

Vendor assurance without oversharing. Minimal disclosure.

Agent Permissions

Scope-bound authority. Short-lived. Revocable.

Example high-impact action classes (lanes)

Hardship determinationsEligibility decisionsHigh-value transfers (>threshold)Account closures / bansOverride approvalsClaims adjudicationBatch release exception / disposition

Same gate. Same Status Link. Different lane.

Who Buys a Good Proof Stamp?

Different roles, same need: verifiable gates for high-impact AI actions.

CISO / Security

Gate agent actions at the security boundary

Gate agent tools

Procurement / Legal

Contract-ready clauses for AI verification

Get contract clause pack

Risk / Insurance

Reduce disputes with verifiable decisions

Reduce dispute cost

Product / AI

Ship autonomous features with safety gates

Ship autonomy safely

Compliance / Audit

Exportable proof for regulators and auditors

Export audit proof

Trust & Safety

Verifiable enforcement for platform safety actions

Gate enforcement actions

Policy Ops

Auditable AI governance and policy enforcement

Enforce policy gates

Legal / GC

Contract-grade evidence and clause packs

Get contract evidence

PR & Comms

Defensible trust claims for public narratives

Build trust narrative

Start where decisions get challenged.

High-impact AI decisions exist in every industry. Live status makes them verifiable.

Featured

Claims & Disputes

Insurance

If a claim decision can't survive a dispute, it isn't shippable.

DvP & Custody

Finance

No Stamp → No Ship for money movement + tokenised settlement.

Irreversible Actions

Platforms

Bans/closures require an appealable Status Link.

Duty of Care

Healthcare

Ops decisions need scoped human finality.

Eligibility & Appeals

Government

Appealable decisions by link.

Quality + Patient Safety

Pharma

Validated change, batch release, and safety triage you can defend.

Hiring & Screening

HR

High-impact screening decisions you can defend.

Also used for protocols & rails

MCP tool use • Agentic commerce (UCP) • AI ad integrity • Voice & wearables integrity • Tokenised settlement • Quantum readiness

See Protocols & Rails

View All Sectors

Start with one lane

30-day Stamp Sprint → prove it works → expand when counterparties rely on the Status Link.

Book a Stamp Sprint View Pricing

Frequently Asked Questions

Questions a sceptical buyer, competitor, or regulator would ask.

Stamped IDA Evidence Packs (Redacted)

See what a Stamp looks like in production—without the sensitive data.

Some programmes show a "Ledger-anchored" badge with a reference link for change events.

View all IDA specimens

OUR MOAT

We Care Defensibly

A Global Human Layer

Our Mind Chill Guardian Story

A global human layer that software can't fake.

When liability lands on a person, the sign-off should too.

Conflict-checked · Rotation-based · Audit-traceable · Programme-scoped

From calming minds to defending outcomes

Mind Chill began in 2017 as immersive art built to reduce anxiety and create calm at scale. Then the same feeds that buried calm and rewarded outrage started training the systems that now make real decisions. We didn't want more rhetoric. We wanted receipts.

The moment it clicked

A message arrived: someone's child felt safer because of what they experienced. Around the same time, lived experience inside our own community made one thing obvious: the nuance that matters in high-impact decisions can't be reliably reduced to a prompt. So we designed a human layer for the edge cases—structured, scope-bound, and auditable.

Guardians are not a "panel." They're a network.

Mind Chill Guardians come from different countries, backgrounds, and lived realities. That diversity is not branding—it's risk reduction. It makes decisions harder to game, easier to challenge, and more credible under scrutiny. Guardians do not "run the system." They review only what the lane requires humans to own.

Receipts over rhetoric

Operational Guardians plug into Good Proof lanes as a controlled finality mechanism: conflict checks, rotation, multi-review where required, and an audit trace tied to a Status Link. Minimal disclosure by default. If a decision is appealed months later, you can show what happened, within scope, without dumping sensitive payloads.

Why buyers choose Guardians

Lived experience at the edge cases (not a generic helpdesk)

Conflict-checked + rotation-based (anti-rubber-stamp by design)

Multi-review on high-risk lanes (when the programme requires it)

Audit-traceable outcomes (defensible in disputes, audits, procurement)

Minimal disclosure by default (proof, not payloads)

Add Guardian Desk to a Stamp Sprint See how escalation works

Not a certification. Scope-limited verification. Acceptance depends on counterparty/programme requirements.

Latest Updates

Today's Featured News

The latest on AI verification, regulatory developments, and how organisations are building trust into high-impact systems.

Agentic AI16 Apr 2026

Better AI Will Create Better Mistakes. That Is Good News for Good Proof.

Claude Opus 4.7 is not bad news for Good Proof. It is the market admitting the real problem has moved. Once models get good enough to act with confidence, the expensive part is no longer generating the answer. It is defending the outcome, handling the dispute, containing the blast radius, and avoiding weeks of rework when the machine was confidently wrong. That is where Good Proof starts.

Regulatory23 Mar 2026

The Boardroom Trap in AI Governance | Good Proof™

The EU AI Act is not a distant compliance story. Its staged rollout is already changing what boards need to know, prove, and control. By August 2026, the winners will not be the companies with the best AI principles slide. They will be the ones that can show evidence of control.

Regulatory27 Feb 2026

Your Ban Queue Is Now a Transparency Database

The EU DSA turned bans and restrictions into regulator-readable artifacts through Statements of Reasons and the DSA Transparency Database. That makes enforcement a proof problem: who authorised it, what was in scope, what was true then, and whether reliance should still stand today

View all news

Make high-impact AI shippable.

Define your high-impact action classes. Require the Stamp. Let the Status Link do the rest.

Book a Stamp Sprint

View Stamped IDA Specimens

High-impact actions should not change someone's life without a Good Proof Stamp.

Cryptography proves the receipt.Good Proof proves the reliance state.

Good Proof does not ask you to trust the AI. It gives your systems a live, external reliance check before the AI is allowed to act.

Status Link (live validity) · IDA Evidence Pack (snapshot) · Scope-bound · Expiry-aware · Revocable

VALID

→ proceed

NEEDS REFRESH

→ block until re-verified

WITHDRAWN

→ stop relying

NOT VERIFIED

→ fail-closed

MCP tool use • agentic commerce • money movement • robotics physical autonomyMCP • commerce • money • robotics

Mind Chill Guardians when a lane requires human finality.

Scope-limited verification. Not a certification. Acceptance depends on counterparty or programme requirements.

What Good Proof does not claim

Verifiable

Cryptographically anchored. Independently checkable.

Scope-stated

Bound to a defined action class and programme scope.

Time-bound

Expiry-aware, refresh-aware, revocable on change.

Good Proof proves whether a high-impact action was authorised, scoped, evidenced, current, revocable, and safe enough to rely on at the point of consequence.

A global human layer that software can't fake.

When liability lands on a person, the sign-off should too.

Conflict-checked · Rotation-based · Audit-traceable · Programme-scoped

From calming minds to defending outcomes

The moment it clicked

Guardians are not a "panel." They're a network.

Receipts over rhetoric

Why buyers choose Guardians

Lived experience at the edge cases (not a generic helpdesk)

Conflict-checked + rotation-based (anti-rubber-stamp by design)

Multi-review on high-risk lanes (when the programme requires it)

Audit-traceable outcomes (defensible in disputes, audits, procurement)

Minimal disclosure by default (proof, not payloads)

Not a certification. Scope-limited verification. Acceptance depends on counterparty/programme requirements.

High-impact actions should not change someone's life without a Good Proof Stamp.

Choose your high-impact lane

Why we built Good Proof

Why automations fail in the real world

What Good Proof does not claim

A Status Link you can actually rely on.

Stamp ID

Status Link

Refresh / Withdrawal

Default verify response fields

13 fields, cryptographically bound.

Stamp → Status Link → Verify.That's the whole standard.

Define high-impact action classes

Require a Stamp

Counterparties verify by link

Guardians step in when required

Live Status States

Trust Model

Fail-closed

Minimal disclosure

Signed responses

Action attempts

Gate checks

VALID → proceed

WITHDRAWN → block

Works with runtime accountability engines.Works without them too.

Common Evidence Schema

Adapter Interface

Conformance Tests

Portability and Customer Control

Independent witnesses and quorum by risk lane

Independent Witnesses

Quorum by Risk Class

Conflict Handling

Tamper-Evident Event Trail

Verify API

Procurement Kit

Why Mind Chill exists

Trained on noise, scales noise

Impersonation is now a product

You can't patch a broken incentive system

One standard gate. Every sector.

Hardship / Duty of Care

Irreversible Actions

Insurance / Disputes

Incident Closure

Procurement Claims

Agent Permissions

Example high-impact action classes (lanes)

Who Buys a Good Proof Stamp?

CISO / Security

Procurement / Legal

Risk / Insurance

Product / AI

Compliance / Audit

Trust & Safety

Policy Ops

Legal / GC

PR & Comms

Start where decisions get challenged.

Insurance

Finance

Platforms

Healthcare

Government

Pharma

HR

Start with one lane

Frequently Asked Questions

Why not build this ourselves?

Does Good Proof prove the AI was right?

Can prompt injection bypass a Good Proof Stamp?

Is Good Proof a certification?

What happens if the Status Link is down?

Can you rewrite history?

What does NOT VERIFIED actually mean?

How can counterparties trust without seeing evidence?

How do you prevent rubber-stamping / Guardian bias?

What's your uptime SLA?

What's your SOC 2 status?

Works with runtime accountability engines.
Works without them too.

Works with runtime accountability engines.
Works without them too.