I built a cryptographic audit receipt for Claude Mythos (and any AI model) — here's how it works
# python# rust# security# ai
Pulkit SrivastavaAnthropic's Mythos model can autonomously find zero-day vulnerabilities. Their CVD disclosure...
Anthropic's Mythos model can autonomously find zero-day
vulnerabilities. Their CVD disclosure process uses manual
SHA-3-512 hash commitments to prove findings existed.
I built something that automates that in one line of Python.
What AetherProof does
One function call generates a 128-byte Ed25519-signed receipt
that proves:
- What model ran — FNV-1a hash of provider/model ID
- What it produced — hash of the output
- When — cryptographic nanosecond timestamp
- Tamper-evident — flip any byte anywhere → INVALID
python
import aetherproof
receipt = aetherproof.for_anthropic(
"Find vulnerabilities in this binary.",
finding_text,
model="claude-mythos-preview"
)
receipt.save("CVE-2026-001.receipt")
print(receipt.verify()) # True
Try it in 30 seconds
pip install aetherproof
python -c "
import aetherproof
r = aetherproof.for_anthropic('question', 'answer')
print(r.verify()) # True
print(r.pretty())
"
The unusual part — invisible Unicode watermarking
Receipts embed invisibly into any text using Unicode
Private Use Area codepoints (U+E000–U+E0FF).
AI output carries its own audit trail. Works in any language —
Arabic, Chinese, Devanagari, Hebrew, Thai, Japanese all tested.
signed_output = aetherproof.embed(ai_response, receipt.to_bytes())
# Text looks identical. Receipt is inside.
aetherproof.verify_embedded(signed_output) # True
Numbers
187 tests, 0 failures
128/128 byte flips all detected
1000/1000 tamper probes pass
Cross-language: Python generates, Rust CLI verifies
15,446 receipts/sec (Python) · 5,472/sec (Rust)
Why AGPL-3.0
Free for open source. Commercial use needs a license.
This is the compliance layer under your AI stack —
it should be open, auditable, and not vendor-locked.
GitHub
https://github.com/pulkit6732/aetherproof
Built by Pulkit. Feedback welcome.