KYE GovernedUI™ · the visible control surface

Approve every AI action before it ships.

You see what your agent wants to do. You approve, reject, or edit it. KYE GovernedUI™ is your control surface for AI: dashboard, email, Slack, Teams, or mobile.

Every decision lands in a WORM (Write-Once-Read-Many) audit chain. A regulator can replay your verdict offline from the public key alone.

Apply for a paid pilot See the 7 governance modules

Banking-grade · Replay-proof · Multi-channel · WORM-audited · SR 11-7 (Supervisory Guidance on Model Risk Management) / EU AI Act / DORA-aligned

ActionApproval · kye.governedui.action_proposal.v1 live preview

smart_toy

Customer-Support Agent #A41

kye:agent:acme-bank:support:a41

Action issue_refund

Target system payments.acme-bank.com

Payload £420.00 · cust 8841

Risk level high

Approval mode two_person

Policy decision admit_with_human_approval

Authority chain agent ← ops_lead ← bank

Evidence Timeline · kye.governedui.evidence_timeline.v1 replay-proof

Proposed by agent

2026-05-19T10:42:18Z

sig: ed25519:<signed>

Authority chain walked

delegation_depth=2 · scope_ok

Policy evaluated (PDP)

verdict=admit_with_human_approval · p99=22ms

Human approval — awaiting

required: 2 approvers (two_person mode)

Executed or blocked

target=payments.acme-bank.com

Audit sealed (WORM)

retention=7y · replay-proof

verified_userAction ApprovalPre-action human review. Approve / reject / edit / escalate. badgeEntity PassportAt-a-glance identity for any agent / human / system. tuneAuthority ScopeCan / cannot / needs-approval breakdown. policyCritical Point ReviewTwo-person + two-person-with-legal modes. historyEvidence TimelineReplay-proof chain from proposal to execute. inboxApproval QueueMulti-reviewer queue, SLA-breach routing. radarAuthority DriftTen drift dimensions tracked live.

What KYE GovernedUI™ controls

The product focuses on dangerous moments — not normal UI activity. Twenty critical-action classes, every one a moment where uncontrolled AI execution costs an enterprise meaningful money, regulatory exposure, or customer trust:

send_email · send_message · delete_file · export_data · access_sensitive_data
update_crm · issue_refund · create_invoice · submit_form · deploy_code
switch_traffic · run_sql · modify_policy · approve_workflow · share_document
call_paid_api · trigger_payment · change_customer_record
delegate_authority · modify_own_authority (meta-governance — )

Every class triggers a signed, replay-proof approval flow with full audit lineage. Locked in the seven governance modules.

Three pillars

visibility See agent authority Understand who or what is acting, what it can do, and what policy applies. The Entity Passport + Authority Scope widgets show every entity's declared scope, active delegations, and trust posture at a glance.

verified_user Control critical actions Approve, reject, edit, escalate, or require second approval before execution. ActionApproval and Critical Point Review widgets gate every consequential moment with policy-aware human review — from any channel: dashboard, email, Slack, Teams, mobile.

history Prove what happened Replay-proof evidence timelines for every action, policy decision, approval, and outcome. A regulator with the timeline + the public verification key can re-derive every verdict offline — SCITT-receipt equivalent.

How KYE Protocol™ + GovernedUI fit together

KYE Protocol™	KYE GovernedUI™
Governance brain	Visible control surface
Identity, authority, policy, audit	Approval, evidence, review, accountability
`/v1/*` API + Decision Map™	Widgets + dashboards + multi-channel approvals
Replay-proof envelopes	The human decisions that produce the envelopes
PDP / ePDP / sPDP admission	The UI that surfaces the PDP's policy decision to a human

The strengths KYE Protocol™ brings

Cross-agent handoff with scope attenuation. kye.delegation_chain.v1 + Authority Gate chain-walk guarantee Agent B's authority is always ≤ Agent A's. Visualised in the Authority Scope module.
Authority drift detection. kye-drift-detector Worker emits kye.agency_drift.event.v1 for ten drift dimensions (intent / scope / state / payload / timing / frequency / target / semantic / agency / authority). Surfaced live in the Authority Drift module.
PDP / ePDP / sPDP admission. Production deterministic decision engine, p99 ≤ 30 ms. ActionApproval pre-flights every proposal through it.
WORM audit chain. Constitution retention; nine protected tables with append-only triggers. Every approval lands here, single-use enforced.
Replay-proof envelope. Constitution deterministic signature. Any verdict re-derivable offline from public material alone.
Regulator-ready exports. SR 11-7, EU AI Act Art. 14/15, DORA control mappings. compliance-attestation CI gate enforces 8 of 8 regulated rule packs carry mappings.

How to engage

Apply for a paid pilot → — £95k–150k fixed fee, 8–12 weeks, one real AI-agent workflow governed end-to-end.
Read the seven governance modules →
See the five-tier pricing ladder → — Pilot → Department → Enterprise → Regulated → National / Consortium.
Engage as a partner, consultant, or connector vendor →
Browse the open public surface on GitHub ↗