Sencor AI

Intellectual property

The patent portfolio.

The research establishes the argument. The substrate implements it. The patents protect what makes it work. Sencor AI has filed twenty-three patents at the UK Intellectual Property Office — eleven in the first wave, six in the second, six in the third. Together, they describe the mechanisms required to apply the scientific method to AI at global scale.

Why patent

So verification infrastructure stays open and neutral.

Verification infrastructure for AI is going to exist. The only question is whether it will be open and neutral, or whether incumbents will lock the ecosystem into proprietary platforms. Within 48 hours of Sencor AI's first filing, two AI verification startups announced a combined $36 million in funding. The category is forming fast.

The patents protect the structural position of neutral verification infrastructure. They also establish the commercial foundation. SWIFT charges every institution that uses it, and that revenue maintains its independence. Sencor AI operates on the same principle.

Patent the mechanisms; publish the knowledge. The twelve papers are published for open access. The patents ensure no one can capture verification infrastructure. The publications ensure everyone can learn from it. The revenue ensures the honest broker remains independent.

First wave — eleven, filed

The verification machine

P01Structural Gating Claim Layer. AI agent outputs cannot propagate unless a verification condition is satisfied. This is not checking after the fact — it is a structural gate.
P02Cryptographic Receipt Chain. Every output receives a cryptographic receipt bound to its predecessors, forming a tamper-evident chain. Any reader can verify integrity without reference to an external authority.
P03Grounded Self-Improvement Loop. When the system finds an operational issue, it converts the finding into a structured task. Resolution is verified against real-world outcomes, not proxy indicators.
P04Verification Intelligence System. The umbrella patent covering the full coordinated architecture — verification as a structural layer rather than a bolted-on feature.
P05Progressive Architectural Enforcement. Conventions are progressively hardened into architectural constraints that the system enforces automatically, with autonomous regression remediation.
P06Lapse-Period Reliability Flagging. When a component degrades, outputs from that period are flagged with a reliability qualifier that travels with them to every downstream consumer — without revoking them or destroying the audit record.
P07Coordinated Injection Sequence Detection. A series of individually clean writes from the same source can collectively corrupt the substrate. This patent detects coordinated injection by aggregating signals over a sliding window per source.
P08Self-Improving Verification Loop. Self-modification proposals are verified before they take effect — closing the feedback loop that makes the scientific method work.
B03Cross-Source Coordinated Injection Detection. Extends P07 to attacks distributed across multiple apparently independent sources, catching campaigns that no single-source check would flag.
B04Improvement Safety Bounds. Under self-modification, verification rigour can only increase, never decrease. Agent authority can only narrow, never expand. The system is structurally prevented from weakening itself.
P11World Model Verification. For AI systems that predict physical states — robotics, autonomous vehicles, simulation. Predictions are cryptographically committed before ground truth arrives, then checked against physics constraints.

Second wave — six, filed

Scaling, learning, and authority

Scaling verification

D01Multi-Substrate Quorum Verification. A single checker is a single point of failure. D01 replaces it with multiple independent checkers — each maintaining its own records, its own rules, its own cryptographic chain. Output releases only when a configurable number agree. When they disagree, the disagreement is recorded as a permanent, queryable fact.
D02Substrate Selection by Trust Tier. Not all checkers are equally reliable. D02 routes verification work according to trust — high-stakes decisions to higher-trust checkers, routine work through lower-trust ones. Downgrade is automatic when integrity flags a problem.

Learning from adversaries

D14Learning Injection Signatures. The detection system learns from its own history. When the same attack pattern appears repeatedly, the system proposes a named signature. A human authorises it before it becomes a detection rule. The system learns by proposing; the human decides by authorising.

Bias

P13Four-Layer Bias Measurement. Measures AI bias across four layers: demographic, epistemological, scale-appropriateness, and verification-integrity defects. Each test is a matched pair isolating the bias signal from noise.
P12Inference-Time Bias Correction. Corrects measured bias without retraining the model or rewriting the user's input. A proxy adds framing cues that make implicit context explicit. Corrections that fail are automatically demoted. The layer's workload is a live readout of residual bias — it disappears as the model improves.

The authority question

P09Emergent Authority. There is no permissions table. An agent's authority is the shape of what it has successfully gotten verified over time. Read the history and you have read the authority — there is nothing else. Authority cannot be transferred, self-promoted, or administratively overridden. It is an emergent property of the cryptographic record.

Third wave — six, filed

Training, protocol, and resilience

Learning from verified outcomes

P14Verification-Grounded Model Training. The substrate becomes the training signal. Rather than learning from human preference labels, a model is reinforced by what the substrate actually verified — distilling from multiple teachers against cryptographically confirmed outcomes instead of proxy rewards.

An AI-native protocol

P15AI-Native Substrate Communication Protocol. A communication protocol built for AI systems rather than people. Every message carries its own cryptographic verification intrinsically, so agents exchange claims that are checkable at the protocol layer — verification is part of the wire format, not bolted on afterwards.

Cryptographic resilience

P16Crypto-Agile Substrate and Live Chain Migration. When a cryptographic primitive weakens — as quantum computing threatens — the whole chain of past receipts would normally be invalidated. This migrates a live claim chain across a change of primitive without breaking continuity, so the audit record survives a change of algorithm.
P18Rejection-Oracle Adversarial Verification. The substrate's own rejection predicate is used as an adversarial cost oracle: an attacker must pay a verification cost the substrate defines, making manipulation economically bounded rather than merely detected after the fact.

Bias, at the substrate layer

P17Substrate-Native Model-Agnostic Debiasing. Bias is measured and corrected by analysing the stream of verified claims the substrate already produces — model-agnostic, requiring no retraining, and stratified by the world-model context in which each claim was made.

Evidence and procedure

P19Evidence-Type-Conditioned Verification. Different kinds of claim require different kinds of proof. The verification procedure is selected from the type of evidence a claim rests on — matching the method and rigour of checking to what would actually establish it.