FeedOracle · Ultimate Verification Oracle
UVO is a 9-layer verification pipeline that checks claims about EU regulations against the actual regulation text — and emits cryptographically signed receipts that anyone can verify offline. Built honestly. Hardens itself nightly.
When an LLM generates a sentence about GDPR, MiCA, DORA or DSA, you have no way to know if it's true. "Breach notification within 24 hours" sounds plausible — but GDPR Art. 33 says 72 hours. "USDT is MiCA-authorized" sounds reasonable — but no MiCA authorization exists. These hallucinations get pasted into compliance documents, board reports, customer emails. Nobody catches them until an auditor does.
The standard response is "always cite your sources." That doesn't help — LLMs hallucinate citations too. UVO is the verification layer that runs after generation: every claim gets decomposed into atomic facts, each fact gets independently checked, and the result comes with a receipt the user can take to court.
Every claim runs through every applicable layer. Each layer has a different failure mode, so a lie that fools one will be caught by the next. Most lies die instantly at zero cost (regex, anti-pattern matching). Hard cases route through delegated AI checks for ~$0.0004.
Anti-pattern matched against the original sentence before atomization. Catches lies that decomposition would split across atoms.
Each atomic claim checked against ~85 hand-curated and auto-promoted lie patterns from 4 EU regulations.
Token-set match between atom and the actual article text from EUR-Lex CELLAR. 465 articles indexed.
Strict Haiku check + paraphrase-tolerant second opinion. CONTRADICTED only if both stages agree.
When parent regulation unclear, query the delegated EU acts (DORA-RTS-IR, RM, TLPT). Closes operative-detail gap.
Spots invented "RTS 2024/99" or "Article 33(7)(b)" that don't exist in real regulations.
Independent regulator-data check via the FeedOracle compliance MCP — separate evidence chain.
35 regex patterns + semantic cosine similarity catch "always", "never", "guaranteed" framing in 6 languages.
Two cron loops nightly: adversarial fuzzer + KG auto-promote-loop. Lies that escape become anti-patterns by morning.
Every UVO call returns a JSON Web Signature (JWS) signed with ES256K. The signing key is published as a JWKS at /.well-known/jwks.json. Anyone can take a receipt, fetch the JWKS, and verify the signature offline — without trusting FeedOracle, without an API key, without a network connection back to us.
Input: "Under DORA Article 19, financial entities must submit the initial notification of a major ICT-related incident within 7 days of detection."
{
"call_id": "r_481640eead194bf8",
"decision": "BLOCK",
"reason": "RTS cascade — DORA-RTS-IR Art. 6 contradicts atom",
"evidence_chain": [
{
"regulation": "DORA",
"article": 19,
"source_url": "https://publications.europa.eu/resource/celex/32022R2554",
"verdict": "CONTRADICTED via direction_check (high confidence)"
},
{
"regulation": "DORA-RTS-IR",
"article": 6,
"source_url": "https://publications.europa.eu/resource/celex/32024R1773",
"verdict": "CONTRADICTED — operative timing is in the RTS, not Art. 19 itself"
}
],
"signature_alg": "ES256K",
"signature_b64u": "MEUCIQDx7..."
}An auditor follows the citation chain to publications.europa.eu and reads the article themselves. UVO never has to be trusted — only verified.
Built in 6 phases over 3 months, in public, with every honestly-identified bug documented and fixed. No phase claims more than what was actually built.
3-layer pipeline live. Receipts signed. Tier classifier 80% on 80-claim gold corpus.
35 regex patterns, semantic similarity in DE/EN/FR/IT/ES/NL. Adversarial auto-fuzzer self-hardens nightly. 100% on 36-case multi-language corpus.
Article-level token-overlap lookup against 213 ingested articles from CELLAR. Direct provenance to publications.europa.eu.
Token-overlap is necessary but not sufficient. Direction-check Haiku promotes SUPPORTED → CONTRADICTED on numeric/scope mismatches.
Lies that escape the pipeline become 5–10-word anti-patterns automatically — but only after a safety guard verifies the new pattern doesn't break true statements.
+90% coverage in one ingestion run, no parser changes. New Step −1 closes Layer-2 atomization gap.
Phase 4 honestly identified false-positive on "where feasible" paraphrase. Two-stage voting: 70% → 100% true-paraphrase recall, lie-catch preserved at 100%.
Sprint 11 honestly identified one structural gap: "Art. 19 + 7 days" required RTS text. Phase 5 ingested 3 RTS, RTS cascade closes the loop. 9 layers, 465 articles, 7 regulations.
Honesty is the architecture. Every gap surfaced by an eval gets either fixed in the next sprint, or written down in the open. The live robustness telemetry shows exactly how often each defense layer catches what.
Open the demo, paste any claim about DORA / MiCA / GDPR / DSA, watch UVO catch it (or pass it). No login. Result in 5–15 seconds.
Live dashboard tracks both nightly self-hardening loops — adversarial fuzzer + KG auto-promote. Catch-rate and pattern count update each morning.
Receipts are JWS / ES256K. Public JWKS at the standard well-known path. Verify any UVO call with any standard JWS library — no FeedOracle dependency.
Standard MCP endpoint, JSON-RPC over HTTPS. Three tools: uvo_verify, uvo_status, uvo_pipeline_spec. Free preview, no API key.