Open-Source TypeScript Ledger Library for AI Inference Compliance

The new open‑source TypeScript library creates an append‑only, tamper‑evident ledger for every AI inference call, satisfying the EU AI Act Article 12 requirement for automatic event recording and six‑month retention.

Why AI inference logging matters in 2024

As high‑risk AI systems proliferate across finance, healthcare, and public services, regulators are demanding proof that every automated decision can be reconstructed and verified. The EU AI Act, which entered force in August 2023, codifies this demand in Article 12: providers must automatically record inference events and retain them for at least 180 days. Without a reliable, tamper‑evident log, companies risk non‑compliance penalties and loss of stakeholder trust.

Developers have traditionally relied on generic application logs, which are mutable, unstructured, and often lack the cryptographic guarantees required by law. The open‑source TypeScript library announced on Hacker News fills this gap by turning every inference into a ledger entry that can be independently audited.

What the TypeScript library does

Built for Node.js environments that use the OpenAI ChatGPT integration, the library acts as middleware around your model calls. It captures the input prompt, model version, output, timestamp, and a SHA‑256 hash that links the entry to the previous one, forming an immutable chain.

The library is deliberately lightweight:

• Written in TypeScript, with zero‑runtime dependencies beyond the Vercel AI SDK.
• Supports storage on Amazon S3, Azure Blob, or local filesystem.
• Provides a CLI for log reconstruction, integrity verification, and coverage analysis.

Key features that ensure EU AI Act compliance

Append‑only tamper‑evident ledger

Each log entry contains a SHA‑256 hash of the current payload concatenated with the previous entry’s hash. This creates a linear chain where any alteration breaks the hash sequence, instantly flagging tampering. While the ledger is not “tamper‑proof,” it is tamper‑evident, meeting the Act’s requirement for trustworthy records.

Automatic 180‑day retention

The library enforces a minimum retention period of 180 days by default. When configured with S3 Object Lock in compliance mode, the storage layer prevents deletion or overwriting, providing a defense‑in‑depth strategy that aligns with both technical and legal expectations.

Seamless middleware integration

By wrapping the model in a single line of code, developers gain automatic logging without rewriting business logic. The middleware works out‑of‑the‑box with the Vercel AI SDK and can be extended to other frameworks such as ChatGPT and Telegram integration.

Cryptographic hash chaining and integrity verification

The CLI command ubos‑log verify walks the chain, recomputes each hash, and reports any mismatch. This process can be automated in CI pipelines, giving compliance officers a daily “integrity health check” dashboard.

Coverage analysis for audit gaps

A built‑in coverage command scans your codebase for inference calls that bypass the middleware, highlighting potential blind spots before regulators ever ask for them.

Practical use‑cases for AI developers

The library is not just a compliance checkbox; it unlocks new capabilities for any team that builds AI‑driven products.

• Financial risk scoring: Reconstruct every credit‑decision inference to satisfy auditors and provide transparent explanations to customers.
• Medical diagnosis assistants: Preserve a tamper‑evident trail of symptom‑to‑diagnosis inferences, supporting regulatory reviews and patient safety audits.
• Content moderation pipelines: Log each moderation decision, enabling rapid forensics when a false positive or negative is reported.
• Enterprise AI agents: Combine the ledger with Enterprise AI platform by UBOS to create audit‑ready autonomous workflows.
• Startup MVPs: Early‑stage teams can ship AI features while automatically meeting EU compliance, thanks to UBOS for startups.

How to access and download the library

The source code lives on GitHub under an MIT license. Follow these steps to integrate it into your project:

1. Install the package via npm:

   npm install @ubos/ai-inference-logger

2. Wrap your model:

   import { inferenceLogger } from '@ubos/ai-inference-logger';
   import { openai } from '@vercel/ai';
   
   const loggedModel = inferenceLogger(openai);
   

3. Configure storage (example for S3):

   loggedModel.configure({
     bucket: 'my‑ai‑logs',
     region: 'eu‑central‑1',
     lockMode: 'COMPLIANCE' // enables Object Lock
   });

4. Run the CLI to verify integrity:

   npx ubos‑log verify --bucket my‑ai‑logs

Detailed documentation, sample projects, and community support are available on the UBOS homepage. For visual learners, the Web app editor on UBOS includes a pre‑configured template that demonstrates the logger in action.

Benefits that extend past legal requirements

While the EU AI Act sparked the creation of this library, its design delivers broader value:

• Debugging made easy: Replay any inference with the exact input and model version, cutting down mean‑time‑to‑resolution.
• Data provenance: Trace the lineage of generated content, essential for copyright and intellectual property disputes.
• Customer trust: Offer transparent audit reports to partners, turning compliance into a competitive advantage.
• Automation readiness: Pair the ledger with the Workflow automation studio to trigger alerts when anomalies appear in the hash chain.

Start building trustworthy AI today

Whether you are a solo founder, a mid‑size SaaS company, or an enterprise engineering team, integrating the open‑source TypeScript logger is a single step toward full EU AI Act compliance and operational excellence.

Explore the full UBOS platform overview to see how the logger fits into a broader AI ecosystem, from data ingestion to model deployment. Need a quick start? Grab a ready‑made UBOS templates for quick start that include the logger pre‑wired.

For marketing‑focused teams, the AI marketing agents can now reference a verifiable inference trail when generating campaign copy, boosting both compliance and conversion rates.

Small‑business owners can review the UBOS solutions for SMBs page to understand pricing, support, and how the logger integrates with existing SaaS stacks. Pricing details are transparent on the UBOS pricing plans page.

Finally, see real‑world implementations in the UBOS portfolio examples. Each case study highlights how organizations turned a compliance requirement into a strategic asset.

Ready to future‑proof your AI applications? Download the library, enable the ledger, and let your logs do the talking.