I’m Paul, founder of Traceprompt. We’re building an open-source SDK that wraps your LLM calls and generates tamper-proof audit trails, so you can prove who did what, when and with which model.
You can check out the Node SDK (more languages coming soon): https://github.com/traceprompt/traceprompt-node
We built Traceprompt because LLMs are being used everywhere without a clear plan for audit and compliance. From research and discussions with other devs, I often see fintech and healthcare teams manually stitching together API Gateway, CloudWatch Logs and S3 buckets to track prompts/responses and retention. This is both complex and costly as there's little to no proof of immutability. Most current tools (Langfuse, Heliclone etc.) focus on LLM observability; few help generate verifiable evidence for compliance. That’s where we come in.
To add, regulations are also moving in this direction (e.g. the EU AI Act requires logging for certain high-risk systems, HIPAA calls for audit controls and FINRA/SEC rules push WORM-style retention). The goal is to make “prove nothing changed” boring.
Our SDK is simple:
1. BYOK architecture with AWS KMS. We never see plaintext prompts/responses; only you can decrypt. Other KMS providers are on the roadmap.
2. Append-only, hash-chained logs with a public Merkle anchor for independent verification. Repo: https://github.com/traceprompt/open-anchors
3. Audit packs: export CSV rows + proofs (and receipts) when someone asks “what exactly happened on this day and time.” You can also verify the audit packs — if a single byte was altered or a row removed by a bad actor, verification fails.
If "AI audit trails" are on your mind or on your roadmap, I'd love to talk. There are a few ways to start:
1. Checkout the repos: review code, install the SDK and experiment; open issues if anything breaks — https://github.com/traceprompt/traceprompt-node + https://github.com/traceprompt/open-anchors
2. Landing page: https://traceprompt.com — details on integrations and pricing; 7-day free trial (or 2M-token cap).
3. Join our Discord: https://discord.gg/2yUSXDECQk
4. Book a free 30-minute demo call: https://cal.com/traceprompt/traceprompt-intro
We'd love to hear your feedback, so we'll be in the comments! If you're a dev, I am happy to dive into more technical details or answer any questions. If you're in the AI audit and compliance space, please do get in touch as we have lots to learn and uncover :)
Thank you!