You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This document maps EU AI Act requirements to PEAC Protocol evidence capabilities.
Framework Overview
The EU AI Act classifies AI systems by risk level and imposes requirements on high-risk systems. PEAC provides the evidence infrastructure for compliance documentation, audit trails, and transparency obligations.
Article Mapping
Article 9: Risk Management System
Requirement
PEAC Mechanism
Package
Risk identification and analysis
Risk signal extension, interaction evidence
ZT Profile Pack
Risk estimation and evaluation
Verification reports with structured results
@peac/protocol
Testing and validation records
Conformance fixtures, dispute bundles
@peac/audit
Continuous monitoring
Receipt chains with trace context correlation
ZT Profile Pack
Article 12: Record-Keeping
Requirement
PEAC Mechanism
Package
Automatic logging
Receipt issuance per interaction
@peac/protocol
Traceability
Workflow correlation, trace context extension
@peac/protocol
Monitoring capability
Structured verification reports
@peac/protocol
Log retention
Dispute bundles with hash-chain integrity
@peac/audit
Article 14: Human Oversight
Requirement
PEAC Mechanism
Package
Understand system capabilities
Purpose declaration and policy surfaces
@peac/protocol
Monitor operation
Real-time receipt verification
@peac/protocol
Intervene or halt
Control action extension (deny, escalate)
@peac/schema
Override decisions
Control chain with manual_review trigger
@peac/control
Article 18: Corrective Actions
Requirement
PEAC Mechanism
Package
Withdraw non-conforming systems
Key revocation in issuer config
@peac/protocol
Inform authorities
Structured dispute bundles
@peac/audit
Document corrective actions
Credential event extension (rotated, revoked)
@peac/schema
Article 19: CE Marking (via Records)
Requirement
PEAC Mechanism
Package
Conformity documentation
Conformance reports (deterministic JSON)
@peac/protocol
Technical documentation
Spec references in receipt extensions
@peac/schema
Article 50: Transparency Obligations
Requirement
PEAC Mechanism
Package
AI-generated content disclosure
Content signals observation model
@peac/mappings-content-signals
Interaction disclosure
Agent identity in receipt sub claim
@peac/kernel
Deep fake marking
Hash-first evidence (SHA-256 digests)
@peac/schema
Evidence Chain
For EU AI Act compliance, a complete evidence chain consists of:
Policy declaration: peac.txt at publisher origin
Identity binding: ActorBinding with proof type in receipt
Action logging: Interaction evidence per tool invocation
Decision audit: Control action with trigger and policy_ref
Risk monitoring: Risk signal observations
Dispute resolution: Reconciled bundles with deterministic output