Why it matters How it works Use cases Pricing Docs Research Resources Verify Dashboard Generate a certificate →

Measure · Optimize · Prove

Proves the
physical truth
behind AI.

Every AI workload becomes a signed, anchored,
hardware-attested record.

Verifiable by auditors, regulators and infrastructure teams —
without trusting Serial Alice.

NVML + RAPL · Dual-source validation · Ed25519 + ML-DSA · Polygon anchored · Offline verifiable

Verify a certificate → Generate your own →

847,291 certificates anchored on-chain

CSRD · EU AI Act · GHG Protocol · ISO 14064 · ISO 50001 · SBTi · BREEAM · CBAM · Ed25519 + ML-DSA · Polygon mainnet · Offline-verifiable forever

The trust chain

From AI workload to public proof — in seven layers.

Each layer is independent. Each is cryptographically bound to the next. Any tampering at any step breaks the chain and invalidates the proof.

Each evidence flag is part of the signed canonical payload.
Flip one bit → signature invalid → Merkle leaf invalid → anchor invalid.

Verify a real certificate → View standalone diagrams & download for slides ↗

Trust posture

Three levels.
Earned, not claimed.

Every certificate declares a posture computed from the evidence actually present, not from what the operator says is present. The score decides the tier.

Verification ladder 0.00 - 1.00

hardware_attested Score ≥ 0.80. Three or more independent sources, cross-validation passed.

cross_checked Score ≥ 0.40 or dual-source agreement. Measurement has peer validation.

self_reported Default posture for uncorroborated measurements. Useful baseline, not proof.

Tier 03 ≥ 0.80

Hardware attested

Independent evidence sources are signed into the canonical payload. Cross-validation passed, so the posture is earned instead of asserted.

Tier 02 ≥ 0.40

Cross checked

At least two sources agree on the measurement. A single sensor with no peer validation cannot land in this tier.

Tier 01 0.00+

Self reported

The operator declared the value. It remains auditable as a starting baseline, but it is not treated as physical proof.

Failed evidence is recorded but never increases the score. Posture is upgrade-only: a certificate never silently downgrades.

Independent evidence sources

NVML · RAPL · Signed exporter · Machine fingerprint · TEE quote

Ed25519
+ ML-DSA

Hybrid PQC signature

FIPS 204-ready ML-DSA · Ed25519 classical signature

Polygon

Mainnet anchored

Merkle batch · public calldata · permanent

100%

Offline-verifiable

~30-line Python script · no API call required

Why it matters

AI has a physical cost.
Today, nobody can prove how much.

Energy and emissions are reported in spreadsheets, exported from vendor dashboards, and reconciled by hand. Auditors trust the operator; regulators trust the auditor; everyone trusts the chain of paperwork.

Serial Alice replaces that chain with cryptographic evidence — measured at the hardware, signed at capture, anchored on-chain.

Status quo

Reporting today

Trust the paperwork.

01 Self-reported consumption in spreadsheets and PDFs
02 Audit trail depends on vendor honesty and human signatures
03 Numbers editable retroactively, no cryptographic baseline
04 Data locked inside vendor portals — no portable proof
05 CSRD and EU AI Act compliance requires manual reconciliation

Active · live

With Serial Alice

Verify the math.

01 Energy signed at capture — NVML, RAPL or smart meter
02 Anchored on Polygon mainnet — immutable, public, dated
03 Any byte changed invalidates the signature instantly
04 Portable proof — verifies offline, even years later
05 CSRD, EU AI Act, GHG and ISO bundles — one API call

This is not monitoring.
This is verifiable efficiency infrastructure.

Every watt measured. Every workload optimized. Every proof verifiable.

One system. Any energy source.

Built on a universal energy measurement and verification engine — spanning GPUs, servers, and physical infrastructure.

Measure anything that consumes energy

GPU / CPU

NVML, RAPL

Power meters

PDU, Modbus, SNMP

Buildings

BMS, SCADA

Cloud

AWS, GCP, Azure billing

Industrial

OPC-UA, production lines

Any API

Custom adapters

How it works

Measure → Attribute → Optimize → Sign → Anchor → Verify.

Six stages — fully automated. Each one is part of the signed canonical payload, so any tampering breaks every downstream proof.

Measure

Hardware-level capture at sub-second resolution. NVML for GPU, RAPL for CPU and DRAM, signed exporter sidecars for tamper-evidence at the source.

agent · /v2/attestations

Attribute

Workload-level attribution by cgroup, PID, scheduler binding, or CPU-time share. Per-tenant, per-model, per-session — no shared aggregates.

cgroup · sched · machine_id

Optimize

Energy Savings Agent computes safe GPU power-limit reductions, applies them, measures real impact, reverts if it breaks throughput.

/v1/optimization/sessions

Sign

SHA-256 canonical hash, then hybrid Ed25519 + ML-DSA signature. Post-quantum-ready from day one. Key id attached.

Ed25519 + ML-DSA · FIPS 204

Anchor

Merkle roots committed to Polygon mainnet in batched transactions. Calldata SERIAL-ALICE-BATCH:<id>:<root>.

/v2/anchor/batches · Polygonscan

Verify

Anyone, with or without an API key. The offline bundle replays every layer in a 30-line Python script. No service dependency.

/v2/verify · /v2/certificates/{id}/bundle

The output

One signed, anchored,
verifiable record.

Six stages collapse into a single canonical object: hardware-measured, signed at capture, anchored on Polygon. That object is what a court, a regulator or a counterparty inspects — without trusting us.

Trust score

0.80 / 1.0

Posture

hardware_attested

Anchor

Polygon mainnet

Verifies offline

30 lines of Python

See a real certificate → Browse trust-chain diagrams ↗

Live verification

Don't trust us.
Verify.

This certificate can be verified without trusting Serial Alice.

Cryptographic signatures · independent hardware sensors · on-chain anchor.

Paste any certificate ID below — or open the full public verifier:

Open /v2/verify →

serial-alice verify

Live

Certificate infrastructure

Mainnet

Polygon blockchain — real, permanent

<200ms

Certificate issuance time

Offline

Verifiable — even without us

Proof of value · RTX 5090 · Anchored on Polygon

Same hardware.
3.29× the useful work per watt.

FP32 → FP16 on an RTX 5090. Same silicon, same workload type, real NVML telemetry sampled at sub-second resolution.

+229% efficiency gain — cryptographically signed, Merkle-batched, anchored on Polygon mainnet. Not estimated. Not self-reported. Verifiable by anyone, forever.

Anchored · Polygon block #60,842,193

3.29× TFLOPS per Wh

From 0.92 TFLOPS/Wh on FP32 → 3.03 TFLOPS/Wh on FP16

cert sa-3d14cdfa2e3b4d5796d94c30cd898b43 ✓

3.29× TFLOPS per Wh

+229% Efficiency gain

RTX 5090 FP32 → FP16 · on-chain

5/5 Evidence sources signed

Verify this result → Inspect the raw certificate ↗

block #60,842,193 · root 0x9c2a…ac02

The proof exists on the blockchain.
Independent of us, forever.

Every certificate is verifiable without contacting Serial Alice.

No API call. No account. No dependency on us — ever.

Download the bundle. Verify offline. The math doesn't lie.

Measured. Verified. Provable. Not estimated. Not self-reported.

View live verification →

Use cases

Built for infrastructure that audits itself.

From a single GPU rack to a 50 MW data centre, the same canonical certificate carries through. One signature standard, one Merkle batch, one verification path — regardless of scale.

AI & GPU clusters

Certify every inference call, training run, and fine-tuning job. Per-request energy attribution for LLM APIs — scoped to tenant, model, and session. EU AI Act Article 51 compliant from day one.

LLM inferenceGPU meteringEU AI Act

Buildings & facilities

Floor-level energy certification via BMS and smart meters. Prove consumption by zone, tenant, or equipment type. BREEAM and ISO 50001 ready.

BMSISO 50001BREEAM

Industrial facilities

FORTEX reads directly from Modbus and SCADA systems. Certify energy per production line, per shift, per product. GHG Protocol Scope 1 ready.

FORTEXModbusGHG Scope 1

ESG & compliance

Auditors get machine-readable, cryptographically signed bundles. No spreadsheets that can be altered. Every number traceable to a raw meter reading.

CSRDGHG ProtocolISO 14064

Energy & trading

Attach verifiable production certificates to renewable energy contracts. Buyers get cryptographic proof of origin — not a promise on letterhead.

RECsGoOPPA

Supply chain

Scope 3 emissions require energy data from suppliers. Give your partners one API call to certify their consumption and pass it upstream — verified, signed, anchored.

Scope 3CBAMsupplier API

Compliance

Built for compliance
from day one.

Designed to survive audits, not just generate reports.

CSRD-ready. GHG-aligned. ISO-compatible. Every certificate is structured for audit, export, and regulatory validation — automatically.

CSRD GHG Protocol ISO 14064 ISO 50001 EU AI Act SBTi BREEAM CBAM

CSRD — large EU companies & listed SMEs

Structured exports ready for corporate sustainability reporting. One API call, full regulatory package.

EU AI Act — Article 51

Energy traceability for high-risk AI models. Per-model, per-inference certification.

GHG Protocol — Scope 1/2/3

Cryptographic evidence for all three scopes. Scope 3 certifiable via FORTEX across your supply chain.

Due diligence & legal

FORTEX co-signature creates audit-grade proof for M&A, contracts, insurance, and litigation.

Independent counter-signer

FORTEX

Serial Alice signs the measurement.
FORTEX signs the validation.

Two keys. Two organisations. One bundle. Either signature can be verified without the other — a structural separation that holds up in court, audit and cross-border due diligence.

Use it when a single-issuer certificate is not enough — M&A, insurance, regulator submissions, contractual proof.

Get started with FORTEX →

Hardware-native integration

FORTEX reads directly from meters, Modbus, and SCADA — no manual export, no intermediary CSV. Data is signed at the point of capture.

Independent co-signature

FORTEX signs with a separate key from Serial Alice. The bundle contains both signatures — verifiable independently by any third party.

CSRD reporting out of the box

Combined FORTEX + Serial Alice bundles are structured for CSRD, SBTi, and GHG Protocol. One API call, full regulatory export.

FAQ

Questions auditors,
engineers and CFOs ask.

Short, specific answers. Each one cross-links to the technical page that goes deeper.

What is AI energy attestation, in one sentence?

Energy attestation is the act of signing a hardware-measured energy reading at the moment of capture and anchoring its hash on a public blockchain — so the number cannot be altered, forged or denied later. Read the full explainer →

How is this different from a carbon offset?

Carbon offsets buy down emissions after they happen — usually with credits whose provenance is opaque. Serial Alice is upstream of carbon accounting: it provides the verifiable energy reading that any carbon calculation will then derive from. A verifiable efficiency gain on a real workload is structurally stronger than an equivalent volume of offset credits.

How is this different from an energy-monitoring dashboard?

A dashboard is a UI on top of telemetry — it answers "what was the value yesterday?" An attestation is a signed record that answers "can you prove what the value was, and that nobody changed it since?" Monitoring is observation; attestation is evidence.

Do I need to trust Serial Alice to verify a certificate?

No. Every certificate's signature is verifiable against the issuer's public key (published at /v2/issuers, mirrorable). The Merkle inclusion proof and Polygon anchor are independent of our database. Download the offline bundle and verify it in ~30 lines of Python with no API call. Try the public verifier →

What hardware does the agent need?

For GPU measurements: any NVIDIA GPU with NVML available (essentially every datacenter and workstation GPU since Kepler). For CPU + DRAM: Intel/AMD CPUs with the /sys/class/powercap RAPL interface (most x86_64 servers and workstations since Sandy Bridge). The agent runs on Linux and Windows; no special permissions on the kernel beyond what NVML/RAPL already expose.

Does it work for cloud workloads on AWS, Azure or GCP?

Yes. The agent reads NVML and RAPL inside the guest VM, which is the same place your training code already runs. Hyperscaler virtualisation passes NVML through to GPU instances. For environments without RAPL access (some shared-tenant VMs), the dual-source fallback uses cloud billing exports as the secondary source.

What does "hardware_attested" actually mean?

A trust score ≥ 0.80 — earned by combining at least three of the five evidence sources (dual-source NVML × RAPL, signed exporter, machine fingerprint binding, TEE quote). Posture is upgrade-only: a certificate never silently downgrades, and self-asserted upgrades are impossible. Read the trust posture page →

How long does issuance take? How long does verification take?

Issuance is typically under 200ms from API call to signed certificate available. On-chain anchoring is batched, usually within minutes (the certificate is fully verifiable cryptographically before the anchor lands). Offline verification of a bundle is a few milliseconds — a 30-line Python script with no network I/O.

Can a certificate be revoked or changed?

Certificates are append-only. To correct an error, you supersede the old certificate with a new one — both records remain visible and the supersession is itself a signed, anchored event. Revocation works the same way: the revocation is a public, dated event the verifier can see. No silent deletes.

What happens to my certificates if Serial Alice goes out of business?

They keep working. The cryptographic primitives that anchor a certificate — Ed25519 + ML-DSA signatures, SHA-256 Merkle proofs, the Polygon anchor — do not depend on us being online. The offline bundle contains everything needed to verify, in any tool, in any jurisdiction, for as long as the chain exists.

What goes on the blockchain? Is sensitive data public?

Only the Merkle root of a batch goes on-chain — a 32-byte hash that reveals nothing about the underlying certificates. The signed certificate itself never touches the chain. The transaction's calldata reads SERIAL-ALICE-BATCH:<id>:<merkle_root> and proves the root was committed at the block's timestamp.

How does this satisfy CSRD reporting?

Each certificate provides the primary evidence ESRS E1 expects, signed at capture and anchored on a public timestamp. The structured export returns CSRD-ready XBRL plus the per-certificate verification bundles auditors sample from. Audit hours collapse because the auditor's job becomes verifying a sample, not reconciling a spreadsheet. Read the CSRD page →

How does this satisfy EU AI Act Article 51?

Article 51 requires GPAI providers to disclose training compute and energy. Serial Alice produces per-training-run AND per-inference signed certificates that the AI Office (or any third party) can verify without contacting the provider. This is structurally what the regulation will accept under enforcement; spreadsheet disclosure will not. Read the EU AI Act page →

Can I use this for GHG Scope 3 supplier data?

Yes — that is one of the highest-value use cases. Suppliers issue signed certificates from their own infrastructure (with their own signing key), and you re-derive your Scope 3 number from primary evidence rather than spreadsheets and PDFs. The same primitive answers CBAM at the customs border. Read the Scope 3 page →

What does verification cost?

Nothing — verification is free and always will be. Issuing certificates is metered by plan (see Pricing below). No per-verification charges, no auditor fees, no API key required to verify someone else's certificate.

Pricing

Priced like infrastructure.
Audited like a primitive.

Every plan includes hybrid Ed25519 + ML-DSA signing, Merkle batching, Polygon anchoring, transparency log inclusion, and unlimited offline verification. Verification itself is — and will always be — free and public.

Developer

€99

per month