Question 1

What is Daylite?

Accepted Answer

Daylite is a self-hosted Rust appliance that generates cryptographic evidence of every AI agent action. It produces tamper-evident, regulator-admissible audit trails aligned with NERC CIP-015-1 (US utilities), DORA Article 12 and FINMA 08/2024 (EU and Swiss financial services), and EU AI Act Annex VIII. Deploys in your VPC, bare-metal server, or air-gapped OT network.

Question 2

How is Daylite different from a service mesh like Solo.io or Tetrate?

Accepted Answer

Service meshes route agent traffic and perform rate limiting. Daylite generates cryptographic evidence of what those agents did. Daylite sits beneath service meshes and agent frameworks as an audit substrate, not as a routing replacement. Solo.io and Tetrate write logs to standard observability stores which are mutable; Daylite creates tamper-evident hash-chain evidence that survives regulator and court scrutiny under Federal Rule of Evidence 901.

Question 3

We already use Vanta or Drata. Why add Daylite?

Accepted Answer

Vanta, Drata, and similar platforms manage compliance workflows and policy documentation. They do not generate runtime cryptographic evidence of agent actions. When a regulator asks you to reconstruct exactly what an autonomous agent did on a specific date, those platforms cannot answer. Daylite produces that evidence pack with signed, append-only cryptographic integrity. The tools complement rather than overlap.

Question 4

What does 'built on FIPS-validated cryptography' mean?

Accepted Answer

Daylite uses AWS-LC, which holds NIST CMVP Certificate #4816 for FIPS 140-3. Daylite itself is not product-certified under CMVP. This distinction matters. Commercial enterprise procurement under SOC 2, HIPAA, FINMA, DORA, or EU AI Act fully accepts library-level validation. FedRAMP High and certain DoD contracts require product-level CMVP validation, which Daylite will pursue post-Series A.

Question 5

How does Daylite work during a NERC or FINMA audit?

Accepted Answer

Your team runs one command to export a cryptographically signed evidence pack aligned with the specific framework (NERC CIP-015-1, DORA Article 12, FINMA 08/2024). The auditor verifies the hash chain offline with the Daylite verify tool, confirms no tampering, and signs off. The evidence format is open, not proprietary, so there is no vendor lock-in for the evidence itself.

Question 6

How does Daylite scale with thousands of agents?

Accepted Answer

Daylite runs as a central control plane with one to three high-availability instances, not as a per-agent sidecar. Agents emit events to the control plane via SDK, proxy mode, or WASM filter. Production target is 100,000 events per second of hash-chain append with sub-millisecond latency. A 5,000-agent deployment uses three control plane instances, not 5,000 sidecars.

Blog