Armalo Build Trust Receipts — SOC2 and ISO 27001 control mapping
Armalo Labs Research Team
Abstract
A control-mapping reference for security teams evaluating how Armalo Build trust receipts provide verifiable evidence for SOC2, ISO 27001, EU AI Act, and NIST AI RMF review workflows.
A reference for security teams evaluating whether Armalo Build trust receipts satisfy their existing compliance controls. The receipt itself does not grant a certification — it provides cryptographically verifiable evidence that maps to specific control objectives.
SOC2 Trust Service Criteria
CC6.1 — Logical and physical access controls
The receipt records which authenticated DID produced each file change. The DID is rooted at did:web:armalo.ai (the platform identity) and uniquely identifies the build run that produced the patch. Access to invoke Armalo Build is gated by API-key authentication (SHA-256-hashed keys with scoped permissions).
CC6.6 — Boundary protection of systems
Every receipt includes the policy gate decisions that fired during the build. The default policy gate set includes:
github.read-repo — agent may read the customer repo
llm.dispatch — agent may call configured LLM providers
github.write-branch — agent may write to a feature branch (not main)
receipt.publish — receipt may be exposed publicly
Any boundary violation is logged in the receipt's audit trail and either blocks the build or downgrades the jury verdict.
CC7.2 — Detection of security events
Failed policy gates, jury "block" verdicts, and eval check failures are all surfaced in the receipt. The receipt's audit trail is the security event log for the change. Optional: configure a Slack / PagerDuty webhook on build/project.run.completed events to surface failures in real time.
Cite this work
Armalo Labs Research Team (2026). Armalo Build Trust Receipts — SOC2 and ISO 27001 control mapping. Armalo Labs Technical Series, Armalo AI. https://www.armalo.ai/labs/research/2026-05-12-soc2-iso27001-mapping
CC8.1 — Change management
Every code change produced by Armalo Build has a corresponding receipt with:
The change request (spec)
The proposed plan with rationale
Multi-LLM jury approval
Eval check results
Policy gate approvals
Diff hash + signature
This is a complete, immutable change record — auditable from spec to merged PR.
ISO 27001:2022 Annex A controls
A.5.7 — Threat intelligence
Receipts capture every LLM provider and model version used. If a model is later attributed to a security incident, you can query all receipts that used it.
A.5.23 — Information security for use of cloud services
The receipt makes explicit which cloud-hosted LLM was used (Anthropic, OpenAI, Google, etc.). This satisfies the "vendor identification" requirement of CSP risk management.
A.6.6 — Confidentiality or non-disclosure agreements
The policy gate pii-detection (Enterprise tier) prevents receipts from including PII detected in the diff. The receipt records that the gate fired (yes/no) without leaking content.
A.8.4 — Access to source code
The receipt's identity binding ties the change to a specific Armalo Build run instance. The DID is non-revocable for that run — the audit trail cannot be repudiated.
A.8.9 — Configuration management
The receipt records the exact configuration (jury models, eval check set, policy gate set) under which the change was approved. Configuration drift is detectable.
A.8.16 — Monitoring activities
Receipts feed build_project_runs and build_project_artifacts — both queryable via the Armalo API and exportable as a procurement bundle.
A.8.25 — Secure development life cycle
Armalo Build is itself a secure SDLC: spec → plan → multi-LLM jury approval → policy-gated build → eval-engine verification → final jury vote → cryptographic receipt. This maps directly to the OWASP SAMM "Implementation" and "Verification" practices.
A.8.28 — Secure coding
The eval engine and policy gates enforce secure-coding rules during the build. Failures surface in the receipt with their specific eval check or policy gate identifier.
EU AI Act
Article 11 — Technical documentation
Every receipt is technical documentation of an AI-produced artifact. It records:
Model identifier and version
Training data provenance (via the model's published card)
Intended purpose (the spec)
Risk classification (via the policy gate set applied)
Conformity assessment (the jury verdict + eval results)
Article 12 — Record-keeping
Receipts are immutable, signed, and timestamped. The retention policy is "indefinite by default" — enterprises can configure shorter retention via the API.
Article 50 — Transparency obligations
The receipt is a transparency artifact. Anyone — including the affected party — can verify it. No regulator request required.
NIST AI RMF
GOVERN-1.1 — AI policies
Armalo Build runs under an explicit pact (@armalo/harness-plugin-enterprise-coder/pact). The pact is hashed and the hash is bound to the receipt's issuer DID.
MAP-2.3 — System purpose
The receipt's credentialSubject.build.planSummary field documents the intended change purpose in natural language.
MEASURE-2 — Performance metrics
Eval scores in the receipt are quantitative measurements of the change quality across the 12-dimension composite framework.
MANAGE-4 — Decommissioning
Receipts persist after a project is decommissioned. Audit continuity is preserved.
How an auditor verifies a receipt
# 1. Fetch the receipt
curl https://armalo.ai/api/v1/trust/build-receipts/<runId> > receipt.json
# 2. Verify it without contacting Armalo
curl -X POST https://armalo.ai/api/v1/trust/build-receipts/verify-external \
-H 'content-type: application/json' \
-d "$(jq -c '{receipt: .}' receipt.json)"
Output includes a verified: true|false flag plus an array of structured reasons (signature_invalid, diff_url_mismatch, etc.) suitable for ingestion by compliance tools.
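An auditor-side wrapper for the two steps above, as an added example that is not Armalo's own tooling: it drives the documented endpoints through an injectable transport so the fail-closed decision logic (only a literal verified: true passes, and unlisted reason codes are flagged for manual review) can be exercised offline against a constructed sample. The credentialSubject.build.planSummary field is from the page; the other response shapes used in the fake transport are assumptions.

```python
"""Auditor-side check of an Armalo Build trust receipt (added example, not
Armalo's tooling). Fails closed: anything but a literal "verified": true is unverified."""
import json
import urllib.request

BASE = "https://armalo.ai/api/v1/trust/build-receipts"
# Reason codes named on the page; the list is open-ended ("etc."), so any
# code outside this set is still a failure but is flagged for manual review.
KNOWN_REASONS = {"signature_invalid", "diff_url_mismatch"}

def http_json(method, url, body=None):
    """Live transport (used when no fake is injected)."""
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(url, data=data, method=method,
                                 headers={"content-type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def evaluate(run_id, verify_response):
    """Reduce a verify-external response to an evidence record, failing closed."""
    verified = verify_response.get("verified") is True   # exactly True, not truthy
    reasons = verify_response.get("reasons")
    if not isinstance(reasons, list):
        reasons = [] if reasons is None else ["malformed_reasons_field"]
    reasons = sorted(str(r) for r in reasons)
    if not verified and not reasons:
        reasons = ["unverified_without_reason"]   # a failure must leave a trace
    return {"run_id": run_id, "verified": verified, "reasons": reasons,
            "needs_review": sorted(r for r in reasons if r not in KNOWN_REASONS)}

def audit_receipt(run_id, transport=http_json):
    """Steps 1 and 2 of the auditor flow, then the fail-closed evaluation."""
    receipt = transport("GET", f"{BASE}/{run_id}")
    result = transport("POST", f"{BASE}/verify-external", {"receipt": receipt})
    record = evaluate(run_id, result)
    build = receipt.get("credentialSubject", {}).get("build", {})
    record["plan_summary"] = build.get("planSummary")  # MAP-2.3 evidence field
    return record

def fake_transport(method, url, body=None):
    """Constructed sample responses; shapes beyond planSummary are assumptions."""
    if method == "GET":
        return {"credentialSubject": {"build": {"planSummary": "Add rate limiting"}}}
    return {"verified": False, "reasons": ["signature_invalid", "stale_policy_set"]}

if __name__ == "__main__":
    print(json.dumps(audit_receipt("run-0001", transport=fake_transport), indent=2))
```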
For procurement teams
The endpoint POST /api/v1/trust/build-receipts/export (Enterprise tier) returns every receipt for an org over a date range, with summary statistics, suitable as direct evidence in:
SOC2 audits — under CC8.1 change management
ISO 27001 audits — under A.8.25 secure SDLC
EU AI Act conformity assessments — under Article 11
Internal AI governance committee reviews
Board AI risk reports
Contact enterprise@armalo.ai for a sample procurement bundle.
Empirical Honesty Note
The numeric examples in this paper's prose are illustrative parameterizations of the framework, not measurements from a deployed study. Where percentages, basis points, dollar amounts, per-agent counts, latencies, or correlation coefficients appear, they are anchor values used to make the model concrete — they should be read as projections, not as observed values from Armalo production data. This paper predates the claims-registry audit gate (effective 2026-05-13); the honesty note is added retroactively to bring the paper into compliance with the integrity workflow at scripts/audit-research-claims.mjs.
Replication
To produce real measurements in place of the illustrative anchors:
1. Identify each metric as a query against Armalo production tables (agents, scores, pacts, pact_interactions, evals, eval_checks, escrows, transactions, cortex_memories, audit_log, room_events).
2. Commit a measurement script under scripts/research-experiments/<slug>.mjs that executes the query and writes raw output to apps/web/content/research/data/<slug>.json.
3. Update this paper to replace illustrative values with measured values, register them in apps/web/content/research/claims-registry.json with provenance: measurement, and re-run pnpm research:audit to verify.
The production-snapshot generator at scripts/research-experiments/production-snapshot.mjs is a reusable starting point for substrate volumes (agent counts, tier distribution, escrow flow, eval volume, cortex memory volume, room-event volume).