AGPL-3.0 reference impl of insurance-decision-record-audit-stream. Coastguard Insurance × VendorI ClaimsTriage v3.x. 2 invariants: scoped human-adjudicator + NAIC Model Bulletin on AI 90-day bias-monitoring window. Completes 10/10 vertical reference impl coverage in the Kinetic Gain Suite.

DefenseTech audit-stream Operator: per-defense-AI-decision events hash-chained for DFARS 252.204-7012 + CMMC 2.0 + NIST 800-171/172 + ITAR + EAR + DoDI 5230.24 + NISPOM + False Claims Act. First Suite vertical with 3-axis taxonomy (CUI tier + export control + foreign-person restriction).

Runtime permission broker for MCP tool invocations. Composes AI Procurement Decision Cards into PolicyBundles, applies deny-trumps-allow rules at request time, emits tamper-evident audit-stream events. The runtime enforcement point of the Kinetic Gain Protocol Suite.

Node.js reference implementation of the matter-decision-record-audit-stream spec (LegalTech 6-pack #1). Proves the spec's three orthogonal invariants are MUTUALLY achievable end-to-end (privilege-tier consistency + engagement-letter binding + citation-validation-before-production-ready). Second ref impl in the Suite. AGPL-3.0.

AGPL-3.0 reference impl of GovTech audit-stream. THE FIRST Suite audit-stream with 3 orthogonal invariants: human-agency-officer + Federal AI Use Case Inventory entry + classification-clearance per E.O. 13526. Runs PRFSA × VendorG GovDecide v3.x trajectory end-to-end against mock federal vault + inventory.

AGPL-3.0 reference impl of HR Tech audit-stream. Only Suite audit-stream with TWO truly orthogonal candidate-protection invariants: human-hiring-decision (EEOC + Title VII) + NYC LL 144 candidate-notice with 14-day backward window. Runs MomentumHR × HireAssess v2.x end-to-end.

AGPL-3.0 reference impl of mortgage-decision-record-audit-stream. Pacific Coast Mortgage × VendorR LoanDecision v5.2 trajectory. 2 invariants: UNIVERSAL human-underwriter on adverse-action-capable kinds + ECOA Reg B 30-day adverse-action notice per 12 CFR §1002.9. Kinetic Gain Suite.

Tamper-evident, MySQL-backed governance audit log for WordPress. SHA-256 hash chain (audit-stream-py compatible), one-click verify, optional forwarding to the Kinetic Gain audit-stream spine. GPL-2.0.

Single-binary JWT validator + AI Procurement Decision Card v0.3 reveal-role enforcement gate. Verifies JWTs against JWKS, asks the buyer's signed Decision Card whether the principal's role may reveal the requested field, and emits hash-chained audit-stream events. First Go binary in the Kinetic Gain Protocol Suite.

Auto-detect + route + verify any Kinetic Gain Protocol Suite artifact (Decision Card / Incident Card / Evidence Bundle / audit-stream event / state-tracker event) to the right vertical-specific logic across all 6 vertical 6-packs. Makes the parallel-structure thesis provably code-true. CLI + npm + GitHub Action.

Node.js reference implementation of the fhir-resource-access-audit spec: HAPI FHIR R4 → HIPAA Safe-Harbor vault contract → hash-chained Suite audit-stream → self-verifies against the spec's own JSON Schema. Proves the spec is implementable end-to-end. AGPL-3.0.

AGPL-3.0 reference impl of EnergyTech audit-stream + 2-axis BES/OT-IT vault. Runs Continental Grid Operator × VendorE GridSense 6.x trajectory end-to-end. Anchors the FIRST Suite numeric regulatory wall-clock invariant (CIP-008 1-hour) in working code.

Drop-in audit-stream + Decision Card vault contract SDK for B2B SaaS. Emit hash-chained Suite-compliant audit events, enforce vault contracts before AI tools touch sensitive data, validate Decision Cards. TypeScript-first, dual ESM/CJS, zero runtime deps. Apache-2.0.

InsurTech audit-stream Operator: per-application / claim / pricing AI tool access events hash-chained for NAIC AI Model Bulletin + state DOI examination + NY DFS Circular Letter 7 + CO SB 21-169 + FCRA evidence. ACORD-bridged. human_adjudicator_required invariant. JSON Schema + Node verifier.

Hash-chained event schema + reference verifier for AI tool reads of student records. Bridges CEDS + Ed-Fi semantics to the Kinetic Gain audit-stream. Enforces tokenization, FERPA §99.32 logging consistency, COPPA school-as-agent invariants, Decision Card refs. EdTech-readiness scaffolding, not certification.

EnergyTech audit-stream Operator: per-grid-operations AI-decision events hash-chained for NERC CIP + FERC + TSA Security Directives + state PUC + DOE EO 14028 evidence. Every event carries bes_cyber_system_categorization + ot_it_boundary. First Suite verifier with regulatory wall-clock invariant (CIP-008 1-hour reporting window).

Live procurement-reviewer-grade dashboard for the Kinetic Gain audit-stream spine. Tails SSE governance events, renders per-producer rolling counters, walks the hash chain, cites NIST AI RMF per event kind. Deploys to governance.kineticgain.com.

HR Tech audit-stream Operator: per-hiring / promotion / performance / termination AI tool access events hash-chained for EEOC + ADA + Title VII + ADEA + GINA + OFCCP + NYC LL 144 + IL AI Video Interview Act + MD HB 1202 evidence. Workday/UKG/Greenhouse-bridged. Two invariants: human-hiring-decision + NYC LL 144 candidate-notice.

Postgres extension that emits audit-stream-py-compatible governance events on watched table CRUD via pg_notify, plus a Python LISTEN bridge daemon. The database-tier governance producer for the Kinetic Gain Protocol Suite.

FinTech audit-stream Operator: per-consumer-credit / deposit / payment / fraud / AML / robo-advisor / Section-1071-small-business AI tool events hash-chained for CFPB + OCC + FRB + FDIC + ECOA + FCRA + GLBA + BSA-AML evidence. Two invariants: human-credit-officer + FCRA permissible-purpose. Excludes mortgage + insurance.