MICKAI
Article · 21 May 2026

The seventeen new Mickai patents, what they add to the substrate

Provenance across generative video and imagery, consent class predicates on cloned voice, type safe document undo, air gap attestation for submarine and classified deployment, per token translation lineage across 450 languages, cryptographic proof of erasure under GDPR Article 17, and replay resistant voice gated action composition. Seventeen new filings at the UK Intellectual Property Office, drafted to the same Form 1 paperset as the existing portfolio, addressed to the regulatory and procurement frameworks the substrate already aligns to.

Author
Micky Irons
Published
21 May 2026
patentsuk-ipoprovenanceconsent-classgdpr-article-17

What seventeen new filings change about the substrate

The core six structural properties of the Mickai substrate (signed at commit, append only and hash linked, externally verifiable, vendor neutral schema, trust domain externalised, gated at the moment of action) are unchanged by the new filings. What changes is workload coverage. Each of the seventeen closes a workload the existing corpus could not fully defend, and each aligns to a published policy framework procurement officers in regulated sectors are required to satisfy. The five groupings below organise them accordingly.

Group one. Provenance across generative pipelines (patents 41, 48, 54, 55)

A signature attached to a generated artefact at the moment of generation is invalidated by every subsequent post processing stage. Conventional pipelines lose the chain of custody at the first resolution change, the first interpolation, the first format conversion, or the first re recording. The four filings in this group close each gap individually and compose into a single end to end provenance pipeline.

Patent 41 (Sovereign 8K Video Provenance Chain Across Upscale and Interpolation) computes a per frame Merkle tree at each stage of the generative video pipeline (text to video, spatial super resolution, optical flow interpolation, encoding), signs the root under FIPS 204 ML-DSA, and emits a stage manifest that hash links the present stage root to the preceding stage root while recording the deterministic stage transform. A verifier walks every output frame back to the originating prompt and localises any tampering to the specific stage and frame.

Patent 48 (Cross-Brain Quorum for Generative Hallucination Detection with Divergence-Triggered Refusal) fires immediately upstream of any provenance claim. Signing a hallucination does not make it true. The invention dispatches the same prompt to N independent brains on operator controlled silicon, computes a pairwise semantic distance matrix under a domain appropriate metric (BLEU and BERTScore for text, CLIP for imagery, AudioCLIP for music, AST edit distance for code, structural similarity for video), and compares aggregate divergence against a per consent class threshold. Below threshold, the artefact and its provenance manifest are signed. Above threshold, no signature is emitted.

Patent 54 (Sovereign Per-Pixel Image Authenticity Verification via Merkle-Tree Signing) computes a Merkle tree whose leaves are cryptographic hashes of individual pixels or non overlapping pixel blocks. The root is signed under hardware attested post quantum signature. A verifier can challenge any individual pixel without trusting the manifest source. Localised tampering (object insertion, face swap, content removal, steganographic injection) is detectable to the pixel block.

Patent 55 (Sovereign Real-Time Streaming AudioSeal for Live Voice Synthesis with Rolling-Window Signatures) closes the live broadcast gap. The invention forms a rolling window signature chain over successive audio buffers, each buffer carrying a per buffer signature binding the buffer hash, the prior buffer's signature, an absolute hardware timestamp, and a speaker identity attestation under FIPS 204. Total signing budget remains under fifty milliseconds per buffer. Live deepfake voice calls that exploit this gap become structurally detectable.

Policy alignment: NCSC AI Cyber Security Code of Practice, AISI evaluation methodology, Cabinet Office PPN on AI Tools.

Group two. Voice and consent (patents 42, 47, 57)

EU AI Act Article 52 and the corresponding UK transparency duties require traceable disclosure of synthetic voice content. The PRS, ASCAP, and SACEM rights databases require provenance traceability for licensed music. Defence and intelligence procurement frameworks require replay resistance against captured operator utterances.

Patent 42 (Sovereign Voice-Cloning Consent-Class Framework with Per-Utterance Attestation) binds every cloned utterance to a specific authorised usage class. The voice print owner registers consent classes from a structured taxonomy (advertising, audiobook, accessibility, legal evidence, broadcast news, in app narration). Each class is materialised as a signed predicate inside the operator bound hardware element. At synthesis time the requested class is evaluated against the predicate, a monotonic use counter, and a class scoped time window. Only on positive evaluation does the hardware element produce a post quantum signature over a per utterance attestation envelope. Out of class invocation produces no signature. The framework discharges Article 52 consent traceability at a cryptographic layer rather than a policy layer.

Patent 47 (Sovereign Music Provenance via Triple Watermark across Waveform, Metadata, and Symbolic Sheet Music) addresses three orthogonal representations of the same musical work. The invention embeds a psychoacoustically shaped spread spectrum watermark in the waveform, a digitally signed metadata watermark in the ID3v2 or BWF iXML frame, and a per note steganographic watermark in the symbolic representation (MusicXML attributes or LSB of MIDI note on velocity). A consistency oracle binds the three under a single signing operation. The filing integrates with PRS, ASCAP, and SACEM rights databases and carries an AI training opt out flag enforceable at dataset ingestion.

Patent 57 (Voice-Gated Multi-Brain Quorum with Replay-Resistant Action Composition) closes the replay window completely. Session scoped voice biometric verification is replayable across actions. The invention composes the action into a canonical payload, computes a SHA3 digest of that payload, captures a fresh voice utterance under a liveness challenge whose challenge phrase is drawn from the said digest, verifies the utterance against a voice print template bound to silicon conformant to the Poseidon root of trust, and dispatches the same composed payload to a configurable quorum of independent brains. The same captured utterance is unusable against any other composed action payload.

Group three. Defence and air gap (patents 52, 56)

Existing TPM and HSM attestation flows assume the device can contact a remote attestation service at first power on. That is impossible in a fully air gapped deployment.

Patent 52 (Sovereign Air-Gap Workstation Bootstrap with Pre-Loaded Audit Anchors) pre loads audit anchors into operator personalised silicon before deployment (a trusted timestamp seed, a public key pin set, a model fingerprint registry, a software bill of materials hash chain) each signed by an issuing authority during a pre deployment signing ceremony. At first power on, the workstation performs mutual attestation with the operator using a voiceprint challenge and commits the bond by burning a one shot fuse in silicon. The workstation operates offline for months, accumulating a locally signed audit chain anchored to the pre loaded seeds. On later reconnection, the chain replays against the issuing authority and becomes regulator verifiable end to end.

Patent 56 (Continuous Air-Gap Attestation Token from Operator-Personalised Silicon) addresses the inverse problem. The claim that a classified, nuclear, or financial Chinese wall workstation was offline during a specified period is currently established by physical audit rather than cryptographic evidence. The invention emits a signed attestation token on a fixed cadence, each token binding the hash of the immediately preceding token, a hardware timestamp, a hardware ingress and egress counter delta read directly from network, PCIe, USB, and wireless interface taps, a hash of the active running process set, and the silicon bound device identity. A regulator can prove with cryptographic certainty that the device emitted, ingested, or transferred no traffic across any defined boundary during any specified subwindow.

Policy alignment: UK defence procurement (Defence Digital, RM6263, MOD Industrial Security Notices), NCSC operational technology guidance, financial regulator Chinese wall requirements, humanitarian frameworks for forward deployed AI.

Group four. Regulatory forgetting (patent 53)

GDPR Article 17 is the inverse of the audit substrate. The substrate proves what the system did. Article 17 requires proof of what the system did not retain. Existing machine unlearning research produces no verifiable proof a verifier can check without re disclosing the erased data.

Patent 53 (Sovereign Multi-Tenant Forgetting with Cryptographic Proof of Erasure under GDPR Article 17) addresses this gap. On receipt of an erasure request, the operator system identifies the dataset fragments belonging to the data subject, computes a Merkle root over those fragments, executes a machine unlearning procedure against a model trained on them, computes a weight delta proof representing the difference between the pre erasure model and the post erasure model, and emits a signed tombstone record under a post quantum key bound to operator personalised silicon. A regulator, the data subject, or a third party auditor can independently verify that the named data has been removed both from the dataset and from the learned model parameters, without ever observing the erased data. The audit chain proves what the system did. The tombstone chain proves what the system forgot.

Group five. Multi modal authenticity (patents 43, 44, 45, 46, 49, 50, 51)

Seven filings extend the substrate into specific multi modal workloads.

Patent 43 (Sovereign Generative Game-World Provenance with Per-Voxel and Per-Object Signing) signs game world content at three nested levels: voxel chunks as Merkle leaves, spawn events carrying object class and generative prompt lineage, and biome level accumulators hash linked into the operator audit record. A regulator, IP clearance counterparty, age rating body, or downstream asset licensee can verify any voxel, any spawned object, and any biome region back to its originating generative prompt.

Patent 44 (Sovereign Code-Synthesis Audit Trail with Line-Level Lineage from Spoken Intent) produces a per line audit trail of source code. For every line, a lineage tuple is constructed (intent hash from the captured operator utterance, plan step hash from the reasoning trace, model identifier, prompt hash, signing key identifier, non falsifiable timestamp) signed under FIPS 204 ML-DSA. An export pipeline emits a regulator grade Software Bill of Materials in SPDX-AI format suitable for IEC 62304, DO-178C, ISO 26262, and IEC 60880.

Patent 45 (Sovereign Multi-Modal Avatar with Per-Modality Watermarking and Cross-Modality Consistency Verification) addresses modality splicing across face, head, voice, and lip sync. Independent cryptographic watermarks are embedded in each modality, derived from a common generative session identifier and an operator bound module lattice key. A consistency oracle verifies all four watermarks identify the same operator and session before the avatar leaves the originating system. Splicing across any pair of modalities is detectable.

Patent 46 (Sovereign Document Composability with Type-Safe Inversion for Retroactive Section-Level Undo) treats every document edit as a typed action carrying a declared inverse, validated against a type system that guarantees the inverse will restore the pre edit state exactly, appended to a hash linked CBOR ledger signed under post quantum signature. Inverting any past action triggers a compensating inverse propagator that emits the minimal sequence of compensating actions necessary to restore the document. The filing integrates with Microsoft Word, Google Docs, and Notion, and provides an eIDAS bridge for qualified signature legal authoring.

Patent 49 (Sovereign Edit-Distance Tracking with Per-Iteration Signed Lineage for Iteratively Refined Generative Assets) produces a regulator walkable lineage of an iteratively refined asset. The system computes an edit distance from the immediately preceding iteration, records the parent child relationship as an edge of an iteration tree, and signs the tree node under post quantum signature. Abandoned branches are retained and signed. A verifier walks from the final artefact back through every accepted and abandoned iteration to the first generation, supporting derivative work copyright clearance and AI output authorship determination.

Patent 50 (Sovereign Generative Design System Provenance with Signed Design Tokens and Accessibility-Tree Lineage) binds every generatively produced user interface to a lineage of design system rules and accessibility attestation. The pipeline emits a design token graph, a component genealogy DAG under atomic design, and an accessibility tree (WAI-ARIA role, accessible name, contrast ratio, focus order, keyboard semantics). A verifier can confirm conformance to a declared design system version and WCAG 2.2 AA without re rendering.

Patent 51 (Sovereign Translation Provenance with Per-Token Bilingual Lineage and Confidence Attestation across Languages) produces cryptographically verifiable machine translation at per token granularity across at least four hundred and fifty living languages. For every output token, a signed lineage record identifies the source tokens via cross attention extraction, carries a softmax derived confidence scalar, and carries an alignment score against a bilingual dictionary. A challenger can challenge any individual phrase offline without re translating the document.

The combined position

Read collectively, the seventeen new filings extend the same six structural properties into the workloads procurement officers in regulated sectors actually need to deploy. The substrate is the same. The workload coverage is wider. The policy alignment is sharper. The combined British AI substrate now covers generative media, voice consent, defence air gap, regulatory forgetting, multi modal authenticity, design system provenance, code synthesis lineage, translation lineage, iterative refinement lineage, and game world provenance, each at sub frame, sub buffer, sub line, or sub token granularity, signed under FIPS 204 ML-DSA in operator controlled silicon, verifiable in any browser tab by a WebAssembly verifier the operator can audit, in a vendor neutral schema under the Open Inter-Vendor Audit Record format.

The next move is institutional. AISI can adopt patent 48 into its evaluation methodology. ARIA can compose patents 52 and 56 with the Safeguarded AI mathematical guarantees. Crown Commercial Service can require OAR equivalent provenance under RM6263 and successors. The Information Commissioner's Office can adopt the tombstone framework of patent 53 as a verifiable expression of Article 17 compliance. The Ministry of Defence can specify continuous air gap attestation under patent 56 for classified workstations. None of these moves requires new legislation. The substrate is filed.

Sources and references

  • Mickai patent portfolio, mickai.co.uk/patents
  • Patent 41, mickai.co.uk/patents/sovereign-8k-video-provenance-chain
  • Patent 42, mickai.co.uk/patents/sovereign-voice-cloning-consent-class-framework
  • Patent 43, mickai.co.uk/patents/sovereign-generative-game-world-provenance
  • Patent 44, mickai.co.uk/patents/sovereign-code-synthesis-audit-trail
  • Patent 45, mickai.co.uk/patents/sovereign-multi-modal-avatar-watermarking
  • Patent 46, mickai.co.uk/patents/sovereign-document-composability-type-safe-inversion
  • Patent 47, mickai.co.uk/patents/sovereign-music-provenance-triple-watermark
  • Patent 48, mickai.co.uk/patents/cross-brain-quorum-hallucination-detection
  • Patent 49, mickai.co.uk/patents/sovereign-edit-distance-tracking
  • Patent 50, mickai.co.uk/patents/sovereign-generative-design-system-provenance
  • Patent 51, mickai.co.uk/patents/sovereign-translation-provenance-per-token-lineage
  • Patent 52, mickai.co.uk/patents/sovereign-air-gap-workstation-bootstrap
  • Patent 53, mickai.co.uk/patents/sovereign-multi-tenant-forgetting-gdpr-article-17
  • Patent 54, mickai.co.uk/patents/sovereign-per-pixel-image-authenticity-merkle
  • Patent 55, mickai.co.uk/patents/sovereign-real-time-streaming-audioseal
  • Patent 56, mickai.co.uk/patents/continuous-air-gap-attestation-token
  • Patent 57, mickai.co.uk/patents/voice-gated-multi-brain-quorum-replay-resistant
  • NCSC AI Cyber Security Code of Practice
  • UK AI Safety Institute, evaluation methodology
  • ARIA, Safeguarded AI programme
  • GDPR Article 17, EU AI Act Article 52
  • FIPS 204 (ML-DSA), NIST post quantum digital signature standard
  • Crown Commercial Service framework RM6263 and successors
  • IEC 62304, DO-178C, ISO 26262, IEC 60880 (regulated software frameworks)
  • WCAG 2.2 AA, WAI-ARIA accessibility standards
  • PRS, ASCAP, SACEM music rights databases
ShareLinkedInXHacker NewsRedditMastodonBlueskyEmail
Originally published at https://mickai.co.uk/articles/seventeen-new-mickai-patents. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles
21 May 2026
Kronos, the cognitive layer that moves work between Mickai brains
Kronos is the operating system layer of the Mickai cooperative. It is not a domain brain. It is the orchestration kernel that moves work between the twenty five domain brains, gates every tool call against operator clearance, signs every decision at commit under FIPS 204 ML-DSA-65, and exports the resulting chain in the Open Inter-Vendor Audit Record format. This article walks through what Kronos is, why it is structurally distinct from the brains it routes between, how it composes with the Poseidon silicon layer underneath, and where the new patents at slots 41 to 57 sit inside it.
21 May 2026
Sovereign provenance across generative pipelines, Mickai patents p41, p48, p54, p55
Four Mickai patents at IPO slots 41, 48, 54, and 55 close the chain of custody across the modern generative pipeline. The audience is technical and security cleared (NCSC analyst, AISI evaluator, MOD acquisition officer). The article walks each filing's specific technical claims in the order the pipeline fires, then shows the integration where the four compose into a single end to end provenance chain that survives the post quantum transition under FIPS 204.
19 May 2026
Poseidon: the silicon substrate brain that runs the rest of the Mickai cooperative on operator-personalised hardware, filed at the UK IPO as patents 53 to 57.
Mickai files patents 53 to 57 at the UK IPO, the Sovereign AI SoC quartet, and introduces Poseidon, the 26th brain in the cooperative. Poseidon is the silicon substrate. The operator personalises the chip at first power-on. The chip attests the host. The SIOS state and audit chain live on the silicon. The distribution endpoint is operator-controlled. Five structural inversions against every prior secure-enclave design. Retail price band GBP 1,500 to 3,000 per unit at general availability.
7 May 2026
Confidence IT named four IT challenges facing UK SMEs in 2025. Underneath all four sits an engineering substrate that does not depend on which Managed Service Provider you choose.
Confidence IT have named four IT challenges facing UK SMEs in 2025: cyber security, compliance, AI adoption, hybrid work. Each is real, each has an MSP-driven operational answer, and each has an engineering layer underneath it where the substrate-level answer is the same primitive: a vendor-neutral signed audit record that survives any one supplier and verifies offline. This piece sits the OAR primitive next to the four challenges and shows where it fits.
See all articles →