P2 · Verifiable AI

Let AI Use Internal Documents Without Touching the Raw Data

Hide the document original and sensitive data
Prove the AI holds only the facts it needs to decide

Keep confidential documents encrypted while passing AI only the needed facts/attributes — with proof. The AI never touches raw PII or originals, and what it used remains provable after the fact.

AI-adopting enterprises (cross-industry) · Manufacturing · Finance · Public sector 5 min read
live in production since 2025 · Public-infrastructure PoC in production · ETHGlobal AI Agents 2026 Finalist
01 · THE PROBLEM

Three voices from the front line.

  • IT / InfoSec

    “We want AI in our workflows, but handing internal documents to a model or outside is too risky — so it's stalled”

  • Digital transformation / business unit

    “The PoC succeeded — but production sign-off is stuck with governance”

  • CISO / internal audit

    “We have no way to reconstruct or explain what the AI referenced at audit time”

02 · THE SHIFT

Hand over the source, or just the facts?

Change what reaches the AI, and the leakage risk goes with it.

Without Lemma
Hand over the original
name:
Taro Tanaka
address:
Shinagawa, Tokyo…
contract:
Plan A
date:
2024-08-15
id:
09xxx-xxxx-xxxx
↓ all of it goes to the AI / outside
With Lemma
Hand over just the facts
agent:
did:lemma:agent-contract-classifier
modelId:
claude-3.7-sonnet
policyHash:
0x71c5…
inputCommitment:
0xb4e2…
outputCommitment:
contract tier = A
satisfiesPolicy:
true
ZK verified:
✓ VALID
↓ only the necessary facts to the AI

The document stays encrypted, and the AI receives only the necessary facts and attributes — with proof. The model never touches raw PII or the original. Because the AI can prove it used only that fact, you can later explain what it referenced without disclosing the source.

See the technical details ↗
03 · HOW TO CHOOSE

Choose on three criteria.

Only work that needs all three at once — pass without exposing, independent verification, tamper-proof — is Lemma's domain.

Method Pass without exposing Independent verification Tamper-proof
Access control only
Masking / anonymization
Encryption only
Lemma (ZK proof)the only one with all 3
04 · HOW IT WORKS

What's next

We enter through AI-adoption and data-governance support and a PoC, and stay alongside you through to operations.

  1. A 30-minute review — identify document sets / workflows stalled by leakage fear.
  2. Narrow to 1–2 decisions (results) to prove — e.g. "contract tier A," "credit tier at or above" — the facts passed to the AI. Not the originals.
  3. Design connection and versioning — connection to your document platform / AI-RAG pipeline, and source-version fixing.
  4. Prove one path via a (quote-based) PoC.
  5. Hands-on support from rollout through operations — existing plan tiers (Civic / Critical / Compliance) serve only as a cost reference; the setup and pricing are designed together.

Tell us one workflow where "want AI but scared of leakage" applies, in the first 30 minutes. No disclosure of sensitive data required.

05 · RELATED

Related use cases

Still have questions? See the FAQ →

The bigger picture

The bigger picture this use case belongs to.

We map use scenarios across industries and workflows by the four axes.

See use scenarios for Verifiable AI in Solutions →

TRY LEMMA

Run it yourself.

No sales call needed — start hands-on with Lemma's products.

Try Seal → Trust402 reference implementation →