NYC LL144 · § 20-870 / 871 / 872

Per-tool-call attestation
for bias audits.

Auto-maps to NYC Local Law 144 § 20-870 / 871 / 872. Cuts the 50% of audit cost that's data plumbing — not statistics. Your AEDT vendors emit signed selection-rate and impact-ratio inputs your firm needs.

Run the audit demo →View on GitHub

the math

40-60% of the audit fee is engineer time, not analysis.

Per-engagement plumbing

Each AEDT vendor exports impact-ratio inputs in a different schema. Your auditors normalise. Repeat per engagement.

Margin erosion

The work you charge $50-100k for is statistical analysis. The work you actually do is half data engineering. CFOs notice.

Vendor liability

When the vendor's input data is mis-shaped, your impact-ratio calculation inherits the defect. Your reputation, their bug.

what changes

Vendor signs at decision time. Your audit ingests the signed bundle.

# vendor side — every screening decision $ attestproto sign \ --agent resume-screener-v3 \ --tool aedt.score \ --input '{"applicant":"a-2731","group":"protected"}' \ --out attestation-2026-05-05-a-2731.json # auditor side — bulk verify + extract impact-ratio inputs $ attestproto verify --bundle vendor-q1.tar.gz # OK: 2,847 signed attestations · 0 invalid · LL144 §20-870 fields complete $ attestproto map --rule nyc-ll144 --bundle vendor-q1.tar.gz # selection-rate ready · impact-ratio ready · 4-fifths threshold flag: amber

NYC Admin Code § 20-870"Bias audit" means an impartial evaluation by an independent auditor… includes calculation of the selection rate and impact ratio for each category.

NYC Admin Code § 20-871(a)An employer or employment agency shall not use an AEDT to screen a candidate… unless a bias audit has been conducted within one year prior.

try it

Sign one bias-audit attestation in your browser.

No install, no account. The keypair is generated client-side and never leaves this page. Same code path as the production CLI.

Generates an Ed25519 keypair in your browser. Nothing leaves this page.

deployment

Self-hosted by default. HR data never leaves your client's stack.

MIT-licensed

Patch it, fork it, run it air-gapped. No callhome telemetry.

Auditor-friendly bundle format

Append-only ledger with hash-chain integrity. Tamper detection is built in.

Reference impl in Python + Node

147 + 15 tests. Vendor integration in <2 hours.

co-design

4 audit-firm seats. 1-hour input on the auditor-side bundle format.

Open-source contribution credit. Free production licence for life. Two slots open.

Email Lex →Other use cases

Per-tool-call attestationfor bias audits.