What Is a Trusted Work Unit (TWU)?

01Definition

A Trusted Work Unit (TWU) is a tamper-evident, cryptographically sealed record of a completed task. It captures who or what performed the work, the full evidence chain from initiation to outcome, and a hash that ensures the record cannot be modified after sealing.

TWUs are the foundational data structure of the Veratrace platform. They serve the same purpose for AI governance that transactions serve for financial accounting: a standardized, auditable unit of record that enables measurement, attribution, reconciliation, and compliance.

The complete TWU specification is documented in the Veratrace Whitepaper.

02Anatomy of a TWU

Each Trusted Work Unit contains a structured set of fields:

Task identifier: A unique reference linking the TWU to the originating task in connected systems

Evidence events: The ordered sequence of actions — inputs received, tools invoked, decisions made, outputs produced — with timestamps and actor identification at each step

Actor attribution: The calculated contribution percentages for each participant — human agents, AI models, automated systems — derived from the evidence chain

Outcome classification: Whether the task was completed successfully, required intervention, failed, or was escalated

Quality score: A policy-derived score reflecting the outcome quality based on configurable rules — confidence thresholds, rework detection, SLA compliance

Sealed hash: A cryptographic hash computed from the complete contents of the TWU, ensuring that any modification after sealing is detectable

The hash is the critical element. Without it, the TWU is a record. With it, the TWU is evidence. The distinction determines whether the record can withstand audit, dispute, or regulatory scrutiny.

03How TWUs Are Created

TWU generation follows a deterministic pipeline:

1.Ingest: Evidence events are captured from connected systems — contact center platforms, CRM tools, AI model APIs, enterprise applications — using shadow-mode capture that does not interfere with production workflows

2.Normalize: Events from heterogeneous sources are mapped to a common schema, with field mappings configurable per connector

3.Assemble: When a task reaches a completion state, the evidence chain is assembled in chronological order with actor identification at each step

4.Attribute: The Attribution Engine calculates contribution percentages using configurable policies — time weighting, edit significance, rework detection

5.Score: Quality scoring rules evaluate the outcome against organizational policies

6.Seal: A cryptographic hash is computed from the complete TWU contents, and the record is written to the immutable ledger

The process is automatic and operates at scale. Organizations processing thousands of tasks per day generate thousands of TWUs per day. The governance overhead is computational, not human.

04Why Cryptographic Sealing Matters

Without cryptographic integrity, work records are assertions — claims about what happened that could be modified after the fact. A vendor could alter an interaction record to improve their reported automation rate. An agent could modify a decision log to obscure an error. A system could overwrite an evidence event during a software update.

The sealed hash prevents all of these scenarios. Once a TWU is sealed, any modification to any field — a changed timestamp, a deleted evidence event, an altered attribution percentage — invalidates the hash. The modification is detectable by any party with access to the record.

This property is essential for AI work verification. It transforms records from assertions into evidence. It enables billing reconciliation by providing an independent, immutable ledger that vendors cannot modify. It satisfies regulatory requirements for tamper-evident record-keeping.

05TWUs as the Unit of Governance

Financial accounting standardized on the transaction as its atomic unit of record. Supply chain management standardized on the shipment. Healthcare standardized on the encounter. Each domain needed a bounded, auditable record that captures a complete unit of work.

AI governance needs the same thing. The TWU serves this purpose. It is bounded (one task, one record), complete (full evidence chain), attributable (actor identification at each step), verifiable (cryptographic seal), and queryable (structured schema enabling aggregation and reporting).

Every governance capability — attribution, reconciliation, compliance reporting, ROI measurement, audit readiness — operates against TWUs. The governance infrastructure is the system that produces, stores, and queries them. The TWU is the unit of analysis.

06Extensibility

The TWU schema is designed to be vendor-neutral and extensible. It supports any enterprise system that produces work events — from contact center platforms and CRM tools to AI model APIs and custom enterprise applications. Field mappings are configurable per connector, allowing organizations to ingest evidence from heterogeneous systems into a common governance framework.

New connectors can be added without modifying the TWU schema. New policy rules can be applied without re-sealing existing records. New reporting requirements can be satisfied by querying the existing ledger. The architecture is designed for the reality that governance requirements evolve — and that the infrastructure must evolve with them without breaking backward compatibility.