29 articles

Help

How Provenance works and how to use it — the thesis, the pipeline and trust model, the data & provenance rules, every surface in the app, and the methodology behind the build.

Start here

What's new The latest updates to apt — newest first. The version tag in the sidebar foot points here. 2 min read What Provenance is The problem, the thesis, the five modules, and the two channels — what Provenance actually is. 5 min read Take the tour A guided first pass through Provenance — from the home page to the Composer, Optimizer, Assurance, and Observatory. 4 min read The five trust properties P1 through P5 plus E1 — the headline properties that must be provably true, each tied to the test file that proves it. 3 min read Glossary Precise, code-grounded definitions of the key terms used throughout Provenance. 6 min read

Core workflow

Home / Workspace The home pipeline view — stat cards plus a filterable, sortable record table where every row carries the source that justifies its stage and score. 2 min read Records The full record table with tabbed views, server-side sort, a create form that stamps source: manual, and a one-click Undo for the record you just made. 2 min read Composer Write outreach copy; the Gate scans every line before it can ship and blocks any message that recites a held fact, naming the fact and its source. 3 min read The Optimizer A per-segment Thompson-sampling bandit that can only ever pull Gate-cleared arms, so a planted lie is structurally unreachable — proven against an unconstrained twin that converges to it. 4 min read Optimizer dashboard A per-segment truth-bounded bandit — every proposed A/B variant, ranked by realistic KPI lift, where an arm that relies on a held fact stays out of the pool and is selected zero times. 2 min read The Agent A deterministic navigator in place of a dashboard — it routes your question over the optimizer, KPIs, drift, assurance, and records, and distills the state into a sourced answer. 2 min read

Trust & provenance

The Gate How one claim is verified — decompose, retrieve, NLI, a calibrated diverse ensemble, compliance rules — into a green/amber/red claim ledger. 4 min read Say / allude / hold — the surface policy Every fact carries a provenance class and a surface policy; a HOLD fact may steer selection but may never be recited in copy — the privacy core of the system. 4 min read Policies Define what the AI may and may not say about your company — grounded in a corpus, cited, with an approved/forbidden claim list. The Gate enforces it. 4 min read Agent graph & decision trees How a visitor is routed — classify the network, score confidence, pick a personalization tier, then the agent graph. The router is deterministic; the LLM only drafts; the Gate disposes. 4 min read The Claims Library The versioned claim-evidence graph: four approved sources, ten atomic claims each bound to a source span, with dependency edges and human-owned compliance rules. 4 min read The Assurance Lab An adversarial wind tunnel that mutates approved claims into labeled traps and runs them through the real Gate versus a single number-blind judge, reporting decomposed reliability. 5 min read The Drift Monitor A legal-hold flip or source change triggers a surgical re-verify of exactly the affected claims, then mutates the action pool to pause the variants that assert a newly-red claim. 4 min read Sources & cost basis The honest catalog of paid and free enrichment sources — what each gives, what it costs, its lawful basis — and where the synthesized data lives. 4 min read Integrations — the data base, and what you can add The enrichment apt runs on out of the box, and the stack you can connect — with the exact data and value each one adds. Every fact still carries its source. 4 min read Enrichment & touchpoints How connectors fan out into the Enrichment Gate, become usable / disclaimer / blocked facts, synthesize a profile DB, and personalize copy — with the rule that an un-receipted fact can never be inlined. 5 min read

Live demo

Live demo & KPI monitor Live-clone a website and render three personalized variants per scenario — each with its own DATA USED receipt — then watch a simulated RL loop climb toward target KPIs on the monitor. 3 min read

Lab

Observatory The live, watchable view of a pipeline run — a clickable node graph, a per-node input to decision to output inspector, a phase ribbon, and an append-only event timeline you can scrub. 3 min read More surfaces A roundup of the remaining Lab and trust surfaces — each one a focused view that links out to its own route. 2 min read

Methodology

How this was built Provenance is built to the same bar it holds outbound copy: a Constitution, a locked PRD, deterministic offline replay, and an immutable pytest harness that is the authoritative gate. 5 min read How the Assurance dashboard was built The research and rationale behind /assurance — a decomposed-reliability dashboard where every number comes from a real run. 6 min read The Quiet Workspace design system quiet.css is a single light, near-monochrome token set where colour appears only in product data; pages compose its components and never restyle them, and charts are dependency-free inline SVG. 5 min read Copy that drives action — and the Gate that enforces it What a research swarm taught us about outreach that converts, and how every lesson became a deterministic Gate check — because relevance you can't verify reads as spam. 6 min read Does personalization actually move the metrics? The agent-swarm research on personalization → reply and booking, graded by an adversarial fact-check. These are external benchmarks (sourced, by confidence) — not Provenance's own measured numbers. 5 min read