Every AI decision. Logged. Reviewable. Forever.
TraceLayer gates every AI call inside CurioPilot. Consent verified. Names redacted. Model + cost recorded. Teacher review queued. Audit hash signed. The DPA isn’t a PDF — it’s enforced on every call.
Why we built it first
The audit log is the contract.
In every conversation with a school admin or DPO, the same question came up: “If a parent asks what your AI said to their child, what can I show them?” Most AI EdTech has no answer.
We made that answer impossible not to have. Every AI call in CurioPilot walks TraceLayer's five gates: consent, redaction and model selection before a single token reaches a model provider, then output review and decision recording on the way back.
It’s logged before it can run.
The architecture
Five gates. One decision.
Every AI call walks the same five gates, in order. A failure on any gate stops the call and writes the failure as its own immutable log entry.
Consent
Current, valid consent for this child + this AI feature. If missing, the call is rejected.
Redaction
Names, emails, IDs, birthdates, addresses are stripped. The prompt that reaches the model is pseudonymous.
Model selection
Which provider, which model, which fallback chain. Recorded with the request.
Output review
High-stakes outputs queue a teacher review. Students never see un-reviewed AI output where review is required.
Decision record
Immutable entry on the per-tenant audit-log shard with everything above plus a signed hash.
What gets logged
Show, don’t tell.
Two real-shaped JSON samples from ai_decision_logs: one allowed call and one blocked call.
Allowed call (consent verified, three fields redacted):

```json
{
  "decision_id": "4f8e21a",
  "tenant_id": "school_oakdale",
  "student_id": "stu_a3f1c",
  "feature": "activity_generation",
  "consent": { "state": "verified", "source": "school", "verified_ts": "2026-03-15T09:00:00Z" },
  "redaction": { "fields_stripped": ["name", "email", "school_id"], "count": 3 },
  "model": {
    "provider": "google",
    "model": "gemini-2.5",
    "tier": "edu",
    "fallback_chain": ["openai/gpt-5", "anthropic/claude-5"]
  },
  "output": { "review_required": false, "kind": "activity", "topic": "equivalent_fractions" },
  "audit_hash": "sha256:a8f4...b71c"
}
```
Blocked call (no active consent; the parent is notified and nothing reaches a provider):

```json
{
  "decision_id": "9c2f33b",
  "tenant_id": "school_riverside",
  "student_id": "stu_b8e4d",
  "feature": "activity_generation",
  "consent": { "state": "missing", "source": null },
  "outcome": "BLOCKED",
  "block_reason": "no_active_consent",
  "notification": {
    "queued_to": "parent_b8e4d",
    "subject": "Action needed: enable AI features for [Child]"
  },
  "audit_hash": "sha256:1e7c...44ab"
}
```
We don’t log the full model output verbatim by default — storage cost, and frankly, privacy. We log the decision, the inputs that shaped it, and a content fingerprint. Verbatim retention is a Campus-tier opt-in.
Who can see it
Same audit log. Three legitimate views.
Role-based slicing on the per-tenant shard. No cross-tenant reads except support, and support reads are themselves logged.
MoizLabs ops
Cross-tenant view, support-only. Every super-admin action is itself audit-logged. Customers can request a per-action report.
Per-tenant view
Filter by student, by date, by AI feature. Export as CSV or JSON. The view a procurement office or regulator would want.
Per-child, plain English
Click any AI recommendation in the parent dashboard, see the underlying TraceLayer entry as a “Why this?” card with redaction summary.
Maya’s been asked to revisit equivalent fractions.
5 of 8 recent answers showed she sees the top and bottom of a fraction as separate numbers.
Compliance evidence
Map TraceLayer fields to the regulations they prove.
Procurement-ready. Take this table to your DPO; we’ll back every row with a sample export.
| Regulation | Article / clause | What TraceLayer proves |
|---|---|---|
| GDPR | Article 30 — records of processing | Per-decision provider, purpose, lawful basis, retention. |
| GDPR | Article 17 — right to erasure | Per-tenant erasure with audit-hash receipts. |
| GDPR | Article 22 — automated decisions | Per-decision logic + reviewability. |
| COPPA | Verifiable parental consent | Consent state + source + verified-ts on every under-13 decision. |
| FERPA | School-official-with-legitimate-educational-interest | Per-tenant + per-school role attribution. |
Build-time attestation
A new AI route that skips the gates fails the build.
The attestation script scans every AI route at build time. It checks for the redaction call, the consent guard, and the decision-log write. If any is missing, CI fails. We can't ship an AI route without TraceLayer, even by accident.
Run as a CI gate: `npm run tracelayer:attest:check`

```text
$ npm run tracelayer:attest:check
✓ Scanning AI route: src/app/api/ai/activity/route.ts
  ✓ Calls redactForAi() before model invocation
  ✓ Wraps in enforceAiConsent() guard
  ✓ Writes ai_decision_logs entry
✓ Scanning AI route: src/app/api/ai/spark/route.ts
  ✓ Calls redactForAi() before model invocation
  ✓ Wraps in enforceAiConsent() guard
  ✓ Writes ai_decision_logs entry
✓ Generated docs/compliance/pii-flow-attestation.md
12 routes scanned · 12 routes attested · 0 violations
CI gate passed.
```
artifact: docs/compliance/pii-flow-attestation.md · committed on every release
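An added example of the kind of check the attestation step performs, written against constructed route sources rather than the CurioPilot repository; it is not the project's tracelayer:attest script. It strips comments so a commented-out gate cannot satisfy the check, requires the three gate calls, and additionally checks that redactForAi() appears before the first model invocation. The model-call method names it looks for are assumptions.

```javascript
// Added example, not the TraceLayer attest script itself: a source-level gate check of the
// kind `npm run tracelayer:attest:check` describes. It scans route source handed to it as a
// string, so the three route bodies below are constructed samples; the model-invocation
// method names it looks for are assumptions.
const REQUIRED_GATES = [
  { gate: "redaction",    re: /\bredactForAi\s*\(/ },
  { gate: "consent",      re: /\benforceAiConsent\s*\(/ },
  { gate: "decision-log", re: /\bai_decision_logs\b/ },
];
// Assumed spellings of "the model is invoked here". Redaction must precede the first one.
const MODEL_CALL = /\b(generateContent|completions\.create|messages\.create)\s*\(/;

// Drop // and /* */ comments first: a gate call that is commented out must not count.
// (A string scanner is a floor, not an AST; a gate name inside a string literal still fools it.)
const stripComments = src => src.replace(/\/\*[\s\S]*?\*\//g, "").replace(/\/\/.*$/gm, "");

function attestRoute(path, source) {
  const src = stripComments(source);
  const violations = [];
  for (const { gate, re } of REQUIRED_GATES) if (!re.test(src)) violations.push(`missing ${gate} gate`);
  const redactAt = src.search(REQUIRED_GATES[0].re), modelAt = src.search(MODEL_CALL);
  if (modelAt === -1) violations.push("no model invocation found");
  else if (redactAt !== -1 && redactAt > modelAt) violations.push("redactForAi() not called before model invocation");
  return { path, violations, attested: violations.length === 0 };
}

// Run over every route and render the CI report; `passed` is the gate result.
function attestAll(routes) {
  const results = routes.map(([path, src]) => attestRoute(path, src));
  const lines = results.map(r => r.attested ? `✓ ${r.path}` : `✗ ${r.path}\n` + r.violations.map(v => `    - ${v}`).join("\n"));
  const attested = results.filter(r => r.attested).length;
  const bad = results.reduce((sum, r) => sum + r.violations.length, 0);
  lines.push(`${results.length} routes scanned · ${attested} attested · ${bad} violations`);
  return { results, passed: bad === 0, report: lines.join("\n") };
}

// Constructed route sources (not CurioPilot files). GOOD passes; LATE redacts after the model
// call; BAD has the redaction only in a comment and skips the other two gates entirely.
const GOOD_ROUTE = `
import { enforceAiConsent, redactForAi } from "@/lib/tracelayer";
export const POST = enforceAiConsent(async (req) => {
  const { studentId, prompt } = await req.json();
  const safe = redactForAi(prompt, studentId);
  const out = await model.generateContent(safe.prompt);
  await db.insert("ai_decision_logs", { studentId, fields: safe.fields_stripped });
  return Response.json(out);
});`;
const LATE_ROUTE = `
export const POST = enforceAiConsent(async (req) => {
  const { studentId, prompt } = await req.json();
  const out = await model.generateContent(prompt);   // raw prompt has already left
  const safe = redactForAi(out.text, studentId);     // too late
  await db.insert("ai_decision_logs", { studentId });
  return Response.json(safe);
});`;
const BAD_ROUTE = `
export async function POST(req) {
  const { prompt } = await req.json();
  // const safe = redactForAi(prompt);   // left commented out while debugging
  return Response.json(await model.generateContent(prompt));
}`;

const CI = attestAll([
  ["src/app/api/ai/activity/route.ts", GOOD_ROUTE],
  ["src/app/api/ai/spark/route.ts", LATE_ROUTE],
  ["src/app/api/ai/debug/route.ts", BAD_ROUTE],
]);
console.log(CI.report + (CI.passed ? "\nCI gate passed." : "\nCI gate FAILED."));
```

A real CI script would read the route files from disk and exit non-zero when `passed` is false. The ordering check is the part a presence-only scan misses: a route can import and call every gate and still send the raw prompt to the provider if redaction runs after the model call.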
FAQ
Procurement asks. Answered.
How long is TraceLayer data retained?
Can a school export their full audit history?
Is the audit-hash itself signed?
What happens if a model provider has an outage mid-call?
… correlation_id. No audit gap.
Can TraceLayer be turned off for performance reasons?
How does the parent “Why this?” card relate to TraceLayer?
… reason, redaction summary, and consent state from the underlying log row. Parents see the plain-English version; the JSON is one click away.
Is TraceLayer SOC 2 in scope?
Want to walk through a live audit log?
We’ll set up a demo with you, your IT, and your DPO. We bring the audit log; you bring the questions.