The Limits of AI Assurance and ADIC as a Re-Executable Evidence Layer

── A Paradigm Shift from "Explanation" to "Re-executable Evidence" Presented by GhostDrift Mathematical Institute

Introduction: AI Assurance Shifts from "Explanation" to "Evidence"

AI assurance is transitioning from a domain of explaining that an AI is "trustworthy" to a domain that enables third parties to verify exactly which conditions an AI's decision satisfied to be passed.

The UK government (DSIT) positions AI assurance as a methodology and foundation to "measure, evaluate, and communicate" the trustworthiness of AI systems. However, even as evaluation, auditing, and certification progress, it is not guaranteed that a third party can re-execute individual AI decisions using the same procedures to verify which conditions they met.

ADIC (Advanced Data Integrity by Ledger of Computation), developed by GhostDrift Mathematical Institute, focuses on this missing evidentiary layer. ADIC is an architecture that connects judgment conditions, certificates, a ledger, and a replay verifier, advancing AI assurance from "declarations of trust" to "re-executable evidence."

1. What is AI Assurance?

The UK's Department for Science, Innovation and Technology (DSIT) defines AI assurance as "the total set of methods, tools, and processes for measuring, evaluating, and communicating the trustworthiness of AI systems, demonstrating that they meet criteria such as regulations, standards, ethical guidelines, and organizational values." The "Portfolio of AI assurance techniques" published by the department demonstrates practical examples spanning technical, procedural, and educational approaches.

In other words, AI assurance is the practical domain that translates the philosophy of AI governance into evaluation, auditing, certification, and verifiability. International standards for this purpose have been established, including ISO/IEC 42001 (AI Management Systems), ISO/IEC 42006 (Requirements for bodies providing audit and certification of AI management systems), and the NIST AI RMF.

2. The Market is Emerging, but Auditability is Lagging

While investment and adoption of AI are accelerating, governance maturity remains stagnant.

According to McKinsey's "State of AI Trust in 2026," the average organizational maturity score for Responsible AI (RAI) stands at only 2.3, with only about one-third of organizations reaching a maturity level of 3 or higher in the areas of strategy, governance, and agentic AI governance. Furthermore, approximately 60% of organizations cite a lack of knowledge and training as the biggest barrier to RAI implementation, a percentage that has worsened from the previous year (about 50%).

Grant Thornton's 2026 AI Impact Survey reveals that while AI adoption is advancing, only a limited number of companies are confident they could accommodate an independent AI governance audit on short notice. The survey positions this discrepancy as the "AI proof gap." Being able to explain, but not prove—this structure is the fundamental problem of current AI assurance.

3. Evidentiary Requirements Demanded by the EU AI Act, ISO, and NIST

The regulatory environment is also demanding stronger assurance.

The EU AI Act sets August 2, 2026, as a major enforcement deadline, imposing comprehensive obligations on high-risk AI systems regarding risk management, technical documentation, record-keeping (logging), human oversight, accuracy, and robustness. However, there is a significant caveat in the structure of Article 43 of the EU AI Act. For many high-risk AI systems falling under Annex III (2-8), conformity assessments based on "internal control" without the involvement of a notified body (third party) are expected. The regulatory framework alone does not necessarily guarantee a structure where a third party can re-execute the evidentiary path of individual decisions.

Similarly, while the NIST AI RMF positions Explainability as "explaining the how/why," it demands that Accountability be a "governance structure through the allocation of responsibility and documentation." This distinction indicates that explanation and verifiability are fundamentally different concepts.

4. The Remaining Limitation: The Irreproducibility of Individual Decisions

Even with institutions, standards, and governance frameworks in place, one fundamental question remains:

"At that specific time, what conditions did that AI meet to make that decision—and can a third party verify it using the same procedures?"

Many current AI systems cannot answer this question. Even if logs exist, the conditions, evidence, and thresholds at the time the decision was made are not perfectly linked, making it structurally possible to retroactively rewrite the conditions by claiming, "This was the intent at the time." This is not a problem of malice; it is an architectural problem.

GhostDrift Mathematical Institute defines this state as a "vacuum of responsibility." For responsibility to be established, both "Authority" and "Capacity" must coexist within a single entity. However, as the decision-making of AI agents scales, this coupling dissociates.

5. The Limitations of Post-Hoc XAI

Current mainstream methods of XAI (Explainable AI)—such as SHAP, LIME, and Grad-CAM—provide approximate explanations for "why it looks that way" after the model has made a decision. While these are useful analytical techniques, they do not prove the decision conditions themselves. Even if an explanation seems plausible, it does not necessarily match the actual decision-making pathway.

Research indicates that post-hoc explanation methods have issues with stability and reproducibility, with explanations sometimes varying significantly even in similar cases. Furthermore, risks have been pointed out where adding explanations can lead to overconfidence in incorrect decisions.

Therefore, while XAI is an important supplementary tool, it cannot serve as the ultimate evidentiary structure for AI assurance. What is needed is not an architecture that explains decisions, but an architecture that predetermines decision conditions in a re-executable form.

6. ADIC: A Re-Executable Evidentiary Layer via Certificates, Ledgers, and Replay Verifiers

GhostDrift Mathematical Institute proposes a fundamentally different design to address the problems described here.

The core of the ADIC (Advanced Data Integrity by Ledger of Computation) architecture lies not in "adding explanations," but in the design of "predetermining the conditions under which responses are permitted, and remaining silent or rejecting outside those conditions."

ADIC consists of three elements:

• Certificate: Explicitly states and predetermines the conditions and evidence required for a decision to pass.

• Append-only Ledger: Records the decision process as an ordered record that is difficult to alter retroactively and whose alteration can be detected.

• Replay Verifier: Enables a third party to re-execute a PASS/FAIL check from the same inputs and evidence.

In this structure, the correctness of a decision is not left to natural language explanations, but is handled as the connection of certificates, ledgers, and a replay verifier. Crucially, ADIC is not a "technology for improving AI accuracy," but a "technology for determining decision conditions and verification responsibility." What ADIC guarantees is "detecting anomalies that should cause a halt and leaving verifiable evidence" within predefined boundary conditions.

GhostDrift Mathematical Institute is advancing the implementation of this design in domains such as energy control, finance, logistics, and audit compliance. In an implementation demo targeting power demand forecasting, an operational model connecting certificates, a ledger, and an independent replay verifier has been tested with real data, laying the foundation to move from proof of concept to implementation verification.

7. The Significance of Lean 4 Artifacts: From "Claims" to "Mechanically Re-Verifiable Evidence"

Where ADIC goes a step further is in formalizing the core theory of replay verification using Lean 4, and publishing it as an artifact that third parties can use to re-execute the verification using the same procedures.

GhostDrift Mathematical Institute has machine-checked the core safety lemma of ADIC using Lean 4. In the current public project (adic-lean-proof-replay), ADIC_RSound_Replay.lean is the core file, and third parties can mechanically re-verify it via a lake build.

This is not merely "claiming it is safe," but an attempt to present proof assets externally in a mechanically verifiable form. Formal proofs in Lean 4 represent a concrete effort to transition the chain of trust toward a chain of mechanically re-verifiable propositions.

It should be noted that this Lean proof does not exhaustively prove the entirety of ADIC. However, the fact that the core theory of the verifier is externalized in a form that can be mechanically confirmed without human interpretation is a concrete step forward in the evidentiary grounding of AI governance.

8. ADIC as Responsibility Engineering

Responsibility engineering here refers to the concept of designing AI decision-making responsibility not as an ethical slogan, but as stopping conditions, approval conditions, and verification trails.

The framework GhostDrift Mathematical Institute calls "Responsibility Engineering" is based on the principle of "designing the boundaries where responsibility holds and where it does not beforehand, rather than supplementing responsibility later with ethics or explanations."

Specifically, three layers of boundaries are designed:

• Stop Boundary: The system halts if this condition is exceeded.

• Responsibility Boundary: Responsibility is established only for decisions within this range.

• Approval Boundary: Execution is approved only if this condition is met.

In this design, GhostDrift Mathematical Institute presents an "architecture that prevents the evaporation of responsibility." While much of AI governance attempts to identify the responsible party after a problem occurs, ADIC and Responsibility Engineering predetermine the structure of responsibility before problems arise.

Furthermore, GhostDrift Mathematical Institute identifies the phenomenon where the legitimacy of decision-making structurally transfers to the algorithm side as the Algorithmic Legitimacy Shift (ALS). As AI's decision-making capabilities improve, humans shift from verifying individual reasons for decisions to verifying whether the decisions met permissible conditions. The problem is that as legitimacy shifts to the AI, the locus of responsibility becomes ambiguous. ADIC provides predefined, verifiable execution boundaries to address this structural problem.

9. Why ADIC is Crucial Now

Regulations are Advancing from "Explanation" to "Evidence" The conformity assessment required by the EU AI Act can, through the internal control route of Article 43, be completed for many high-risk systems without deep technical verification by third-party bodies. However, regulations are definitively moving towards evidentiary requirements. The NIST AI RMF and ISO/IEC 42001 are strengthening requirements for documentation, transparency, and audit trails, increasing the need to preserve "which conditions were met for it to pass" as an assurance trail for individual decisions. The certificate and ledger-based replay structure provided by ADIC serves as a strong candidate for an assurance trail capable of withstanding auditing, accountability, and third-party verification.

Agentic AI Requires Pre-Execution Boundary Design As pointed out by the Partnership on AI, agentic AI introduces the new problem of "action irreversibility." Once an action is executed, it may be difficult or impossible to fully reverse. In this context, simply explaining after execution is insufficient. A structure is needed that defines passing conditions before the action and does not execute outside those conditions. ADIC provides verifiable execution boundaries against this problem via certificates, ledgers, and replay verifiers.

Formal Proofs Bring Trust Closer to Verifiability Much of current AI governance ultimately relies on "trust"—trusting the vendor, trusting the model card, trusting the auditor. As GhostDrift Mathematical Institute points out, in the era of ALS, the standard of legitimacy is shifting from "who said it" to "can an independent verifier return PASS/FAIL." Formal proofs using Lean 4 are a concrete attempt to bring the chain of trust closer to a chain of mechanically re-verifiable propositions.

Ledgers and Certificates Enable the Unitization of Responsibility ADIC certificates preserve AI decisions in a way that allows third parties to retest "computed under these conditions, resulting in this judgment for this reason." The ledger stores these computations as ordered records that are difficult to alter retroactively and whose alteration can be detected. The combination of these two enables attribution at the unit of "responsibility for this step lies here." The ADIC structure intrinsically designs the explicitness of attribution, which is difficult to achieve in the current "black-box AI + post-hoc explanation" structure.

The Importance of Connecting Theory, Formal Proofs, and Implementation Patents are pending for related technologies, and public demos on GitHub demonstrate the attempt to connect the concept of certificates, ledgers, and replay verifiers to real data. The fact that the three layers of "Theory → Formal Proof → Implementation" presented by GhostDrift Mathematical Institute are connected means that ADIC is at a stage where it can offer concrete technical proposals for organizational AI governance implementation, going beyond purely academic discussions.

Conclusion: The Next Competitive Axis in AI Assurance

The challenge of AI assurance is not to increase explanations. It is to transform the structure so that third parties can verify whether each decision satisfied predefined conditions.

The EU AI Act, ISO/IEC 42001, and NIST AI RMF point to a trend of making AI reliability the subject of documentation, management, evaluation, and auditing. However, mechanisms to show, in a re-executable format, exactly which conditions an individual AI decision met to pass are not yet generalized.

The next competitive axis of AI assurance is not the cleverness of explanations. It is whether a third party can re-execute the conditions that the decision met to pass. ADIC designs the evidentiary layer for this very purpose.

References

AI Assurance, Regulations, and Standards

• UK Government / DSIT (2024, February). Introduction to AI Assurance.

• UK Government / DSIT. Portfolio of AI assurance techniques.

• UK Government / DSIT (2025, September). Trusted Third-Party AI Assurance Roadmap.

• EU AI Act, Article 43 – Conformity Assessment. Regulation (EU) 2024/1689.

• NIST (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0).

• ISO/IEC 42001:2023 – Information technology – Artificial intelligence – Management system.

• ISO/IEC 42006 – Information technology – Artificial intelligence – Requirements for bodies providing audit and certification of AI management systems.

• Stanford HAI / CRFM (2025, December). The 2025 Foundation Model Transparency Index. Wan et al. arXiv:2512.10169.

• McKinsey & Company (2026, March 25). State of AI Trust in 2026: Shifting to the Agentic Era.

• Grant Thornton (2026). 2026 AI Impact Survey Report.

• Partnership on AI (2026, February 19). Six AI Governance Priorities for 2026.

Limitations of XAI and Post-Hoc Explanations

• Singh, Y., et al. (2025, August 15). "Beyond Post hoc Explanations: A Comprehensive Framework for Accountable AI in Medical Imaging." Bioengineering, 12(8), 879.

• Groen, J., et al. (2023). "The future of human-centric eXplainable Artificial Intelligence (XAI) is not post-hoc explanations." arXiv:2307.00364.

GhostDrift / ADIC

• GhostDrift Mathematical Institute (2026). "Turning AI Governance into Re-Executable Evidence — Release of the ADIC Lean 4 Artifact."

• GitHub: GhostDriftTheory/adic-lean-proof-replay – Current Lean formal proof repository (Core file: ADIC_RSound_Replay.lean).

• Maeki, Hidemitsu (2026). Deterministic Replay Verification of Interval Programs over a Finite Primitive Core via Quantifier-Free Integer Certificates. Zenodo.

• GhostDrift Mathematical Institute – Official Site, Responsibility Engineering, ADIC.

This report is based on public materials from GhostDrift Mathematical Institute, papers published on Zenodo, and primary sources such as the UK Government, EU AI Act, and Stanford HAI.