Which regulatory requirements does the chain answer?
Federal, international, state, and civil-enforcement regimes are converging on the same expectation: independent verifiability of what a vehicle’s AI actually did, when, and under what policy. Each regime today depends on telemetry the manufacturer controls. The audit-permanence chain is the structural answer.
One-paragraph summary for a reviewing authority.
NHTSA Standing General Order 2021-01 mandates ADAS / ADS incident reporting; UN ECE R155 / R156 require type-approved cybersecurity and software-update management; FMVSS 127 governs Automatic Emergency Braking compliance; California DMV autonomous-vehicle permits require disengagement reporting and event preservation; state Attorneys General hold consumer-protection authority over manufacturer marketing claims about driving automation. Each regime today depends on telemetry the manufacturer authors, retains, and surfaces. Knox produces a parallel tamper-evident record of every handover, intervention, perception event, driving decision, and policy change — content-addressed, sequence-linked, hash-chained, and Bitcoin-anchored via OpenTimestamps. The chain is verifiable by any third party without trusting Bonis, the manufacturer, or the operator’s vendor stack to remain online or cooperative. Bonis operates the evidence layer only; lawful authority decides what to do with the evidence.
Each regime asks the same underlying question.
What did the vehicle’s AI actually do, at what moment, under what policy. NHTSA frames it as crash-event reporting. UN ECE frames it as type-approved management-system evidence. FMVSS 127 frames it as braking-event performance. California DMV frames it as disengagement preservation. State Attorneys General frame it as marketing-versus-capability comparison. Civil discovery frames it as preservation and production. The questions differ in caption; the underlying evidence shape is the same.
The structural challenge is also the same across regimes. The entity whose AI produced the event is also the sole custodian of the record about what the AI did. The reviewing authority depends on the manufacturer choosing to preserve, choosing to surface, and choosing to interpret the record. When the underlying telemetry is rewritten, redacted, or reinterpreted, the regime’s authority extends only as far as the regime’s ability to detect the rewrite.
The Knox audit-permanence chain runs alongside manufacturer telemetry, not in place of it. A handover, an intervention, a perception event, a driving decision, a policy change, or an attestation produced by the vehicle’s agent surface is committed at the moment it occurs and Bitcoin-anchored within the hour. The reviewing authority cross-checks the manufacturer’s submission against the public chain. Divergence becomes a question of fact rather than a question of trust.
Each regulatory regime, expressed in the language of the audit chain.
Each card frames the regime as it appears to the reviewing authority, identifies the structural dependency on manufacturer-controlled telemetry, and names which Knox event types produce the independent record the regime is reaching toward.
Standing General Order 2021-01
Mandates incident reporting for vehicles equipped with ADAS Level 2 and ADS Level 3+ systems. Reporting cadence and content are set by the order.
Reportable telemetry is authored by the manufacturer; what the regulator sees is what the manufacturer surfaces.
agent_driving_handover, agent_driving_intervention, agent_driving_decision, agent_driving_perception, agent_driving_policy_change — anchored at the moment each event occurred, recoverable for cross-check against any subsequent SGO submission.
UN ECE R155 — Cybersecurity Management
Type-approval regulation requiring type-approved cybersecurity management across the full vehicle lifecycle.
The required management evidence is generated by the same infrastructure the manufacturer authors and retains.
agent_driving_attestation and agent_driving_policy_change provide content-addressed commitments of which agent build was operating and which policy was in effect at any moment — independently verifiable.
UN ECE R156 — Software Update Management
Type-approval regulation governing the management of software updates across the vehicle lifecycle.
Update records describe which version went where, when, and on whose authority — all from the manufacturer’s own systems.
agent_driving_policy_change anchors the SHA-256 of the firmware or policy artifact at the moment of application. Over-the-air rollouts and silent reversions become observable independent of the manufacturer’s record.
Automatic Emergency Braking Standard
Federal Motor Vehicle Safety Standard for AEB systems in light vehicles. Compliance is verified against event-level performance data.
AEB performance data flows from the manufacturer’s perception and decision pipeline.
agent_driving_perception and agent_driving_decision anchor the perception classification and the brake command at the moment each occurred. AEB compliance becomes verifiable from the chain rather than reconstructed from manufacturer logs.
Autonomous-vehicle permit conditions
Permit conditions require disengagement reporting and event preservation by the permit holder.
Disengagement records are authored by the operator’s telemetry pipeline; preservation depends on operator continuity.
agent_driving_handover anchors each driver-AI control transfer; agent_driving_intervention anchors AI overrides and driver yanks. Disengagement events become content-addressed and survive the operator’s choice of vendor or the operator’s later corporate state.
State Attorneys General — driving-automation marketing
State Attorneys General hold consumer-protection authority over manufacturer marketing claims regarding driving automation capability.
When such an investigation runs, it depends on what the AI actually did versus what the marketing said. Without independent verification, the comparison runs through manufacturer-controlled telemetry.
agent_driving_perception, agent_driving_decision, agent_driving_policy_change, and agent_driving_attestation produce a content-addressed record of vehicle behavior. The reviewing authority can verify through the public chain without taking the manufacturer’s word for what the AI was doing.
Three steps. No Bonis dependency. No manufacturer dependency.
The verification path that gives the audit chain its authority does not require Bonis to be online, the manufacturer to cooperate, or the operator’s vendor stack to remain in business. The path uses open standards published in their respective canonical sources.
Resolve the anchor
Given a SHA-256 of a driving event, the verifier resolves it against the Knox sequence — the anchor identifier, the sequence number, the previous-anchor hash, and the timestamp. The resolution surface is published as an open verify endpoint. The chain of sequence links is cryptographically self-consistent.
Walk the Bitcoin path
The hourly Merkle root containing the anchor is published to the Bitcoin blockchain via OpenTimestamps. The verifier walks from the anchor up to the Merkle root and from the Merkle root down to the Bitcoin block header. The walk is reproducible by any party with a Bitcoin full node and the OpenTimestamps client.
Read the protocol spec
The Knox anchor pipeline is described under a TLA+ specification and an open-spec page. The verifier reads the specification, runs the model-checker if desired, and confirms the protocol matches the chain behavior they observed in steps 01 and 02. No proprietary primitive needs to be trusted.
Evidence layer, not enforcement.
Bonis does not access vehicles, does not intercept manufacturer telemetry without consent, does not disable, modify, or interfere with vehicle operation in any way, and does not undertake any active disruption of any external system. Knox is invitational: a manufacturer, fleet operator, regulator, vehicle owner, or third-party telemetry provider who wants a tamper-evident record of every driving event instruments their own emit path. Bonis produces the audit primitive; lawful authority — courts, NTSB, NHTSA, state DMVs, state Attorneys General, EU type-approval authorities — decides what to do with the resulting evidence.