Open-Source Article 12 Logging Library for EU AI Act Compliance
What This Is
An open-source TypeScript library that provides Article 12-compliant logging infrastructure for AI systems affected by the EU AI Act. It's specifically designed for Node.js applications using the Vercel AI SDK.
Key Details
The library addresses the EU AI Act's Article 12 requirements, which take effect in August 2024 and mandate automatic event recording with six-month retention for high-risk AI systems. Legal commentators have interpreted this as requiring append-only ledger functionality rather than standard application logging.
The implementation includes:
- Middleware that wraps AI models to capture every inference call
- Structured JSONL logging to your own S3 bucket or local filesystem
- SHA-256 hash chaining between entries for tamper detection
- Automatic enforcement of 180-day retention minimum
- CLI tool to reconstruct specific decisions and verify log integrity
- Coverage command that identifies potential logging gaps (omissions are noted as a bigger practical risk than edits)
The library is deliberately simple in design: TypeScript-based, targeting Vercel AI SDK middleware, supporting S3 or local filesystem storage, and using linear hash chaining. It also works with the Mastra agentic framework, and the maintainer welcomes PRs to expand integrations.
As noted in the HN discussion, the library provides tamper-evident logging rather than tamper-proof protection. It detects modification but doesn't prevent wholesale chain reconstruction by someone with storage access. The design assumes defense-in-depth with S3 Object Lock (Compliance mode) at the infrastructure layer and hash chain verification at the application layer. External timestamping (like OpenTimestamps or RFC 3161) could be added as an optional feature for independent temporal anchoring.
According to the developer's regulatory interpretation, Article 12 requires "automatic recording" that enables monitoring and reconstruction, with current guidance not mandating tamper-proof storage—only trustworthy, auditable records.
📖 Read the full source: HN LLM Tools
👀 See Also
Best-Backup: A Free Tool for OpenClaw Server and Docker Container Backups
The free tool best-backup provides robust backup capabilities for OpenClaw servers, including full server backups, specific folder backups, and Docker container backups, with features like compression, encryption using existing SSH keys, and integration with Google Drive.
memv MCP Server: Persistent Structured Memory for AI Agents
memv, an open-source Python memory layer for agents, now ships with an MCP server. It provides five tools for persistent, structured memory with per-user isolation and LLM-optional extraction.
HomeClaw Plugin Connects Apple HomeKit to OpenClaw
HomeClaw is an OpenClaw plugin that connects Apple Home/HomeKit devices to OpenClaw. It requires an Apple Developer Account to build and run due to Apple HomeKit restrictions for notarized distributions.
MCP Search Server with Feedback-Driven Ranking for Claude Desktop
A community-built MCP search server for Claude Desktop runs Exa and Tavily search engines in parallel without requiring API keys. After using a result, users report whether it worked via an outcome tool, which feeds back into ranking to prioritize URLs that help agents succeed.