MICKAI
Article · 13 June 2026

What a Verifiable Record Actually Costs

Two ledgers, one invoice nobody sends, and the honest price of being able to prove what your AI did

What a Verifiable Record Actually Costs
Author
Micky Irons
Published
13 June 2026
Follow Micky Irons
LinkedInX
verifiable AIaudit recordAI governance economicspost-quantum cryptographyEU AI Act

Start with the invoice nobody sends

There is a line item that never appears on any budget. Call it the cost of not being able to prove what your artificial intelligence (AI) systems did. It does not show up in a procurement spreadsheet. No vendor quotes it. No board paper has a row for it. And yet it is the most expensive thing most organisations now carry, because it sits as a contingent liability against every automated decision they make, growing quietly until the day someone asks a question you cannot answer.

I run Mickai, a Sovereign Intelligence Operating System (SIOS) that is built and in production. I spend my days thinking about exactly this gap, so I want to do something unfashionable in this market and price it honestly. Not the marketing price. The real one. What does a verifiable record of AI activity actually cost to build and run, and what does the alternative cost when it goes wrong? Both numbers are real. Most people only ever pay one of them, and they pay it at the worst possible moment, with no warning and no chance to prepare.

The two ledgers

Every organisation running AI keeps two ledgers, whether or not it admits to the second one. The first is the visible ledger: compute, licences, engineers, the model bill at the end of the month. This is the number everyone optimises, because it arrives on time, in a familiar format, with a clear owner. The second is the invisible ledger: the accumulated cost of every action your systems took that you cannot reconstruct, attribute, or defend. This second ledger has no monthly statement. It is settled in lump sums, triggered by an incident, a regulator, a lawsuit, or a customer who simply will not take your word for it.

The trap is that the visible ledger is denominated in small, frequent, predictable payments, and the invisible one in rare, enormous, unpredictable ones. Human beings are very bad at this shape. We will spend a year shaving a few percent off the compute bill while sitting on an unprovable-incident liability that could end the company. A verifiable record is, at its heart, a way of moving cost from the second ledger to the first. You pay a small, known, recurring amount so you never have to pay the large, unknown, catastrophic one. That is the entire economic argument, and the rest of this piece is just doing the arithmetic carefully, because the arithmetic is where the intuition usually fails.

What the verifiable side actually costs

Let me not hide behind abstraction. A real, signed, tamper-evident record of AI activity has a genuine cost structure, and I would rather you hear it from a builder than from a brochure. There are four components, and only one of them is large. Naming all four matters, because the usual sales pitch quietly omits the expensive one and then acts surprised when the cheap version does not hold up under pressure.

The first is the cryptographic work itself. In our design, every action gets signed before it executes, and the signatures are hash-chained into an append-only log. We call this the Open Audit Record (OAR). The signatures are post-quantum, built on the United States National Institute of Standards and Technology (NIST) standard Federal Information Processing Standard 204 (FIPS 204), the Module-Lattice Digital Signature Algorithm at security level 65 (ML-DSA-65). Post-quantum signatures are larger and a little slower than the elliptic-curve signatures most systems use today. That is a real cost. It is also a small one, measured in microseconds and kilobytes per action, and it is shrinking every year as the implementations mature. Anyone who tells you post-quantum signing is prohibitively expensive is quoting figures from several years ago.

The second is storage. An append-only log only grows. If you record every action with its inputs, its outputs, and its signature, you are committing to keep that data, and storage of an immutable chain is more expensive than a database you are free to compact and overwrite. But storage is the cheapest resource in the entire stack, and a well-designed record stores hashes and references rather than duplicating every payload. The marginal cost of one more signed entry is close to nothing. Over a year it adds up to a number you will struggle to find on the bill, even if you go looking for it on purpose.

The third is the engineering discipline. This is the real recurring cost, and it is not a line item, it is a habit. To produce a verifiable record you have to decide, up front, what counts as an action, what gets captured, and what the signing happens over. You cannot bolt this on afterwards. It changes how you design systems, because every component now has to emit its evidence as it works rather than hoping a log somewhere caught it. That discipline has a price in design time and in the constant temptation to cut corners under deadline. I will not pretend otherwise. It is, however, the same discipline that makes systems debuggable, observable, and safe to change, and most teams find they were paying for the absence of it all along, just quietly, on the other ledger.

The fourth cost is the one worth paying

The fourth component is verifiability without trust, and it is the one that separates a real record from theatre. It is easy to write a log. It is easy to sign a log. It is hard to build a record that a third party can check offline, in an ordinary browser, with no connection to you, no special tooling, and no need to trust the vendor who produced it. That last clause is everything. A record you have to trust the vendor to vouch for is not a record, it is a reputation, and reputations do not survive cross-examination. The first time someone proves a vendor edited its own logs, every claim that vendor ever made is worth nothing.

Classical marble hands cradling a single sealed engraved disc, lit by a thin gold rim light against pure black.
The fourth cost is the one worth paying: a sealed record a stranger can verify without trusting the hand that made it.

Building for offline, vendor-independent verification costs more than building a log that only your own system can read. You have to publish the verification method. You have to make the format open and self-describing. You have to assume a hostile, sceptical checker who wants to catch you lying, and then hand them every tool to try. In our case the audit root is anchored externally, to Bitcoin through our Pantheon chain, so that even the question of whether a record existed at a given time does not rest on our say-so. Pantheon is a sovereign Layer 1 chain with a fixed-supply token, PAN, capped at five billion, and it is the one part of the stack still being built. The signing, the chaining, and the offline verification are live today. The point is that the expensive design choice, the one that says assume we are not trusted, is precisely the choice that gives the record its value. You are not paying for storage. You are paying to remove yourself from the trust equation entirely, which is the only place a record becomes evidence rather than a claim.

Now the other side of the ledger

Set against all of that, what does an unprovable incident cost? Here the numbers stop being microseconds and kilobytes and start being careers, settlements, and franchises. I will not invent precise statistics, because the honest answer is that the cost is distributed with a very long tail, and the tail is where the company-ending events live. But I can describe the shape with confidence, because the shape is consistent across every domain where automated decisions touch real people, from credit to hiring to clinical triage to content moderation.

An unprovable incident has at least five cost layers. There is the direct remediation: finding out what happened, which is slow and expensive precisely because you have no record. There is the regulatory exposure: under the European Union (EU) Artificial Intelligence Act, high-risk system obligations including logging and traceability begin to bite from August 2026, and an organisation that cannot produce records is not in a weak position, it is in an indefensible one. There is the liability layer: as AI liability regimes mature, the burden is shifting toward the operator to show the system behaved reasonably, and the answer we cannot show anything reads, to a court, as negligence. There is the commercial layer: customers and partners who lose confidence do not file a complaint, they simply leave, and they tell others why. And there is the layer nobody prices at all, the cost of every future decision made under a cloud of doubt, because once you have been caught unable to explain yourself, every subsequent claim you make is discounted before you finish making it.

The asymmetry is the whole point

Put the two ledgers side by side and the structure becomes obvious. The verifiable record costs a small amount, continuously, with near-certainty. The unprovable incident costs an enormous amount, rarely, with deep uncertainty about when it lands and how large it will be. This is the textbook profile of an insurable risk, and the verifiable record is, functionally, self-insurance you build into the product rather than buy from a third party. You do not file a claim. You hold the proof, and the proof is the payout.

But it is better than insurance in one decisive way. Insurance pays out after the loss. A verifiable record prevents most of the loss from materialising, because the incidents that destroy organisations are rarely the incident itself. They are the cover-up, the contradiction, the discovery that the logs were edited, the dawning realisation in the room that nobody can say what actually happened. A signed, hash-chained, externally anchored record means the worst case is bounded. Something went wrong, here is exactly what, here is the proof we did not touch it after the fact, here is the corrective action. That is survivable. The version where you stand in front of a regulator and shrug is not, and no premium you could have paid afterwards will buy back that moment.

Three honest caveats

I would not trust this argument if it came with no caveats, so here are mine. First, a verifiable record proves what happened, not that what happened was good. It is evidence, not absolution. A perfectly signed record of a biased decision is still a biased decision, now beautifully documented. The record buys you defensibility and the ability to find and fix problems, not innocence. Anyone selling it as a compliance magic wand is selling the wrong thing, and you should be suspicious of the pitch.

Second, the cost discipline is real and it is not free. Teams under pressure will be tempted to sign less, capture less, verify less, and call it pragmatism. The moment you start making exceptions about what gets recorded, you are quietly refilling the invisible ledger. The system has to make the cheap path and the recorded path the same path, or the discipline erodes under the first hard deadline. We designed ours so that signing happens before execution precisely so there is no unrecorded mode to fall back into. If recording is optional, it will eventually be skipped, and it will be skipped on exactly the action you most wish you had captured.

A blank classical marble plinth and fluted column corner edged in gold light, surrounded by deep black negative space.
Two ledgers: the visible one denominated in small recurring payments, the invisible one settled in rare catastrophic lump sums.

Third, sovereignty has a price too. Verifying offline, owning your own substrate, anchoring to an external chain, training your own models rather than renting someone else's, all of this costs more than handing the whole problem to a platform and trusting them. We run fifty brains, twenty-five domain and twenty-five operational, on our own Poseidon substrate. We are actively training our own models now, fine-tuning and specialising open foundations such as Llama 3.2 and Qwen 2.5 while building a sealed corpus, with funding scaling that work toward fully native weights. The portfolio behind all of this runs to 101 filed United Kingdom patent applications, roughly 2,234 claims, owned by Mickai LTD with me as the named inventor. That is a deliberate, expensive set of choices. The reason we make them is that the cheap version, total dependence on a vendor you cannot audit, simply moves your entire invisible ledger onto someone else's balance sheet, where you can neither see it nor settle it.

How to price it for yourself

If you want to do this calculation in your own organisation, do not start with our numbers, start with a question. For each class of automated decision you run, ask: if a credible party demanded proof of exactly what happened, when, and on what basis, and refused to take our word for it, could we produce it today? If the answer is no, you are already carrying the liability. You are simply choosing not to look at it. The cost of the verifiable record is whatever it takes to turn that no into a yes, and you can bound it, because it is engineering. The cost of leaving it at no is unbounded, because it is determined by an adversary you have not met yet, on a day you do not get to choose.

My contention, after building this, is that the verifiable record is not the expensive option. It only looks expensive because its cost is visible and the alternative's cost is hidden. We have a deep cultural bias toward the cost we can see, and that bias is exactly what the second ledger preys on. A few microseconds of post-quantum signing, a chain of hashes, and a verification anyone can run offline in a browser is a small, known premium. An unprovable incident, on the day it arrives, is whatever number ends you. Those are not the same kind of number, and pretending they are is how organisations talk themselves out of the cheap option right up to the moment they need it.

What you are actually buying

So price it as what it is. Not a feature, not a compliance tick, not a log. You are buying the right to be believed. In a market filling up with systems that act faster than any human can supervise, the scarce and valuable thing is not another model. It is a record that holds up when you are not in the room, that a stranger can verify without trusting you, and that you cannot quietly edit after the fact even if you wanted to. Every action signed before it runs, hash-chained, post-quantum, anchored beyond your own reach, and checkable by anyone, offline. That is a different category of asset from anything on the visible ledger, and it is the one that decides whether you survive a bad day.

That record has a cost. I have tried to give it to you straight, the genuine engineering price and the genuine discipline it demands, with no pretence that it is free. But measured against the bill that arrives the day you cannot prove what your AI did, it is the cheapest insurance you will ever decline to need. Pay the small ledger. The large one does not negotiate, and it does not wait for a convenient quarter.

ShareLinkedInXHacker NewsRedditMastodonBlueskyEmail
Subscribe
Get every new Mickai article by email.

Long-form essays on sovereign AI from Micky Irons. One email per article. No tracking, no marketing, no third parties. Every email includes a one-click unsubscribe link.

Prefer RSS? Subscribe at /articles/feed.xml.

Originally published at https://mickai.co.uk/articles/two-ledgers-price-of-proof. If you operate in a regulated sector or want sovereign AI on your own hardware, the audit form on mickai.co.uk is the entry point.
More articles
15 Jun 2026
The Provenance of a Generated Molecule
A regulator and a court will both ask how an AI-generated drug candidate was derived. The molecule is the hypothesis. The signed, offline-verifiable record of its generation is the asset you can actually defend.
14 Jun 2026
The Logbook That Cannot Be Rewritten: Autonomous Vessels and the Discipline of the Signed Record
A ship's logbook was admissible in court because it was written in real time, in sequence, and could not be quietly rewritten after the fact. Autonomous vessels keep the data and throw away the discipline. Here is what the sea taught us about records, and why the only honest answer is a signed, hash-chained, offline-verifiable account of every decision a machine makes at sea.
13 Jun 2026
The Black Box AI Never Built: Why Every Machine Decision Needs a Flight Recorder
Aviation became the safest way to travel not because crashes stopped, but because every crash became investigable. The flight recorder turned disaster into evidence. Artificial intelligence makes millions of consequential decisions a day and keeps almost no equivalent record. I want to explain why that gap is the central safety problem of the next decade, and what a real fix looks like.
15 Jun 2026
When the Network Runs Itself: The Account Telecoms Regulators Will Demand
In modern telecoms, artificial intelligence makes thousands of operational decisions a minute, and almost none of them are written down in a form anyone can later check. That gap is about to become a regulatory problem. The fix is not a better dashboard. It is a signed, hash-chained, offline-verifiable account of what the network decided and why.
See all articles →