Trust · Billing · Certification

Every approved action
leaves a verified trail

SafeClash is the bookkeeper and certifier of the Governed AI OS. It does not make decisions. It records them — with cryptographic precision, Merkle-anchored audit trails, and usage receipts that cannot be disputed.

receipt_id sc_7f3a91b4c2d8e...

proposal_id prop_4a2c1f8b...

action restart_node

outcome executed

approval A = 1

decided_by professor_vasen

usage_atoms 14 atoms · 0.00042 sat

merkle_root a9f3c2b1d4e8...

sealed_at 2026-03-13T09:14:22Z

✓

SafeClash Certified This receipt is immutable. The human approved. The action executed. The record is sealed.

What SafeClash does

Three functions. One purpose.

⬡

Trust layer

SafeClash certifies that every action in the system was approved by a human. Not claimed — cryptographically verified. The certificate is the proof.

◈

Billing layer

Usage is measured in atoms — the smallest meaningful unit of computation. Every approved action generates a receipt with an atom count. Payment is the continuity guarantee: π in the formula.

◉

Certification mark

Systems that implement the Governed AI OS protocol can apply for SafeClash certification. The mark means one thing: no action in this system executes without human approval.

Position in the system

SafeClash sits at the end of the canonical loop

OpenClashd owns consent. CLASHD27 owns discovery. Jeeves owns the approval surface. SafeClash owns what comes after: the record, the bill, the proof.

Signal

OpenClashGrid

→

Govern

OpenClashd

→

Approve

Jeeves

→

Certify

SafeClash

Billing model

Usage atoms — not tokens, not requests

A usage atom is the smallest billable unit of governed computation. One atom = one meaningful action that passed through the policy gate. Atoms are counted per proposal, not per API call.

Event	Atoms	Billed when	Includes
Signal observed	0	Never	Observation is always free
Proposal created	1	On creation	Policy gate, residue calculation
Correlated proposal	3	On creation	Multi-node correlation, entropy calculation
Action executed (A=1)	5–20	On execution	Bounded execution, receipt generation, Merkle append
Action blocked (A=0)	1	On rejection	Rejection receipt, audit entry
Certification issued	100	On issuance	Full audit trail verification, certificate signing

MERKLE AUDIT TRAIL — safeclash.com/audit root: a9f3c2b1d4e8f7a2... ├── receipt_batch_2026-03-13 │ ├── sc_7f3a91b4c2d8e... action: restart_node A=1 ✓ │ ├── sc_3b8c2d1a9f4e... action: grid.correlated A=1 ✓ │ └── sc_1a2b3c4d5e6f... action: db.delete A=0 blocked └── receipt_batch_2026-03-12 ├── sc_9e8d7c6b5a4f... action: deploy_config A=1 ✓ └── ... Every entry is immutable. Every root is verifiable.

Certification

The SafeClash mark means one thing

Any system — a hospital's medication platform, a bank's transaction engine, a city's infrastructure controller — can apply for SafeClash certification. The process verifies that the system implements the full Governed AI OS protocol.

01 — Audit

Submit your system's governance implementation. We verify that the canonical loop is intact and that A=0 is mathematically enforced — not just claimed.

02 — Test

CLASHD27 runs the certification test suite — 1201 tests across 27 evaluation cells. Zero failures required. No exceptions.

03 — Certify

A SafeClash certificate is issued, anchored to the Merkle audit trail, valid for 12 months. Renewal requires re-audit.

Pricing

Pay for what you govern

Open

Self-hosted

Free — always

Full bootstrap included
Local receipt generation
Local Merkle audit trail
No certification mark
Community support

Governed

SafeClash Cloud

Per atom — usage based

Cloud receipt storage
Merkle root anchoring
Jeeves approval surface
SafeClash certification mark
Bitcoin-anchored audit trail

Enterprise

Certified

Contact — custom

Full certification audit
CLASHD27 test suite
Legal-grade receipts
SLA guarantee
Custom atom pricing