Inspiration
One day soon, an AI is going to make a decision that changes someone's life. A loan denied, a treatment deprioritized, a claim rejected. We kept asking a simple question: when that happens and someone challenges it, can the company actually prove what their AI did? Today the answer is almost always no. Companies update their models constantly, their records live on their own servers where they could be edited, and free tools can now strip a model's safety controls in minutes. So in the exact moment proof matters most, all anyone has is "trust us." We built HashHouse because trust is not a security model. Proof is.
What it does
HashHouse is an independent, tamper-proof vault for AI models. A company deposits their model, and we seal it without ever looking inside, so their secrets stay protected. We give the model a cryptographic fingerprint that reveals nothing about it but changes completely if even one bit is altered. If anyone swaps the model or strips its safety controls, the fingerprint breaks and we catch it instantly. Every version is recorded in a permanent history that can't be edited. So at any point, a company can prove exactly which model they used, on what date, and that no one tampered with it, with an independent record that holds up in court.
How we built it
We built a web app with a React front end and a Python backend. The core is SHA-256 hashing, which we use to fingerprint each model and detect any change. We store models in a sealed vault with login-gated, multifactor-protected access, and we keep an append-only history so past records can never be edited or deleted. When a model is registered, we capture its fingerprint, timestamp, and version. To detect tampering, we re-fingerprint the model and compare it to the sealed original; any mismatch is flagged immediately. We also built a dashboard so companies can see all their models, their versions, and their integrity status at a glance.
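The register-then-re-fingerprint flow described above, as an added Python sketch that is not HashHouse's own code. It assumes the append-only history is made tamper-evident by chaining each record to the hash of the previous one (the write-up does not say how the history is enforced); all function names and the sample model file are hypothetical.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path
GENESIS = "0" * 64  # "previous hash" used by the first record (assumed convention)

def fingerprint(path, chunk=1 << 20):
    """SHA-256 of a model file, streamed so large weights never sit fully in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def _entry_hash(body):
    """Hash of a record's canonical JSON, so equal records always hash equally."""
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()

def register(history, name, version, path, timestamp):
    """Append a record whose own hash also covers the previous record's hash."""
    body = {"name": name, "version": version, "sha256": fingerprint(path),
            "timestamp": timestamp,
            "prev": history[-1]["entry_hash"] if history else GENESIS}
    history.append({**body, "entry_hash": _entry_hash(body)})
    return history[-1]

def history_intact(history):
    """True only if no past record was edited, removed or reordered."""
    prev = GENESIS
    for rec in history:
        body = {k: v for k, v in rec.items() if k != "entry_hash"}
        if rec["prev"] != prev or not hmac.compare_digest(rec["entry_hash"], _entry_hash(body)):
            return False
        prev = rec["entry_hash"]
    return True

def model_intact(record, path):
    """Re-fingerprint the file and compare it with the sealed value."""
    return hmac.compare_digest(record["sha256"], fingerprint(path))

def demo():
    """Constructed sample: a fake model file, one bit changed, one record back-dated."""
    with tempfile.TemporaryDirectory() as d:
        path = Path(d, "model.bin")
        path.write_bytes(b"\x00" * 4096)
        history = []
        rec = register(history, "credit-scorer", "1.0", path, "2025-01-01T00:00:00Z")
        clean = model_intact(rec, path)
        path.write_bytes(b"\x01" + b"\x00" * 4095)  # same size, a single bit differs
        tampered = model_intact(rec, path)
        register(history, "credit-scorer", "1.1", path, "2025-02-01T00:00:00Z")
        before = history_intact(history)
        history[0]["timestamp"] = "2024-06-01T00:00:00Z"  # edit a past record
        return clean, tampered, before, history_intact(history)
```

The chain only shows that records are internally consistent; whoever holds the whole history can still rewrite it from the edited record forward, which is why the latest `entry_hash` has to be held or published somewhere the model owner cannot change.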
Challenges we ran into
The hardest part was being honest about what cryptography can and can't do, and designing around it. Hashing proves a model didn't change, but it doesn't prove the model is good, so we had to be precise about what we actually promised. We also had to design the vault so we never exposed the company's intellectual property, proving things about a model without ever reading it. On the technical side, we wrestled with setting up our environment and version control cleanly, including painful file-syncing issues that nearly cost us our codebase, which taught us a lot about backing up early. And we spent real time studying competitors to make sure we weren't building a copy of something that already exists.
Accomplishments that we're proud of
We're proud that our demo is real, not a mockup. You can register a model, see its fingerprint, tamper with it, and watch the system catch the change in real time. We're proud that we found a genuinely defensible position in a crowded market, the only approach that combines independent custody, cryptographic integrity, and court-ready proof in one place. And we're proud that we stayed honest about our limits, which made the whole idea stronger rather than weaker. Most of all, we turned a real, growing problem into something a non-technical person can understand in one sentence: we prove what an AI did, instead of asking you to trust it.
What we learned
We learned the difference between storing, checking, and proving something, and that the last is the hardest and most valuable. We learned that the cryptography we relied on, hashing, is actually the boring, settled part, and that the real work is in the trust model around it: who holds the record, who can edit it, and whether an outsider can verify it. We learned how crowded the AI security space already is, and that real innovation can mean assembling existing pieces into a combination no one else offers. And we learned to be precise and honest about what we promise, because that honesty is exactly what makes people trust the product.
What's next for HashHouse
Next, we want to register models at the time of deployment, hooking directly into a company's pipeline so that the model that ships is the one we logged, closing the gap between what a company registers and what they actually run. Longer term, we want to become the compliance layer for AI, the default proof standard that every regulated AI deployment runs through, with built-in support for frameworks like the EU AI Act and ISO 42001 and court-ready reports. As AI makes more of the decisions that shape people's lives, our goal is simple: to ensure that anyone, anywhere, can prove what an AI did.
Built With
- api
- crypto
- cryptography
- fastapi
- fernet
- javascript
- jwt
- pbkdf2-sha256
- pyjwt
- pyotp
- python
- react
- rfc
- sha-256
- sqlite
- totp
- uvicorn
- vite
- web