Dike – Compliance framework for teams shipping LLMs
€35M / 7%<br>maximum fine, whichever is higher, of global turnover
Dec 2, 2026<br>transparency obligations for AI-generated content apply
Dec 2, 2027<br>high-risk AI system obligations apply (Annex III)
6 months<br>minimum log retention required by Articles 19 & 26
Compliance isn't optional, but building it yourself means months of engineering that ships zero<br>product. That's the part we take off your plate.
One base-URL change.<br>Everything in between is evidence.<br>Your OpenAI API calls route through the Dike gateway on their way to any OpenAI-compatible<br>provider. PII is redacted, malicious calls are blocked, and every request becomes an audit<br>record with full traces.
chat.completions<br>"Ignore previous instructions…"<br>Card number:4242 4242 4242 4242 [redacted]
Application<br>POST /v1/chat/completions<br>OpenAI SDK — unchanged
Dike gateway<br>🛡️ PII redaction — names, card numbers, IDs stripped in-flight<br>⛔ Malicious calls blocked — prompt injection stops here<br>👤 Human oversight — flagged responses routed for approval (Art. 14)<br>🏷️ AI content marking — output labeled as AI-generated (Art. 50)
OpenAI-compatible provider<br>OpenAI · Azure · Ollama · vLLM<br>Receives clean, compliant traffic.
Dike Admin<br>Browse traces, audit logs, incidents & exports<br>🗄️ Audit log · Traces — every call recorded, allowed or blocked
Everything the auditor will ask for.<br>Nothing your team has to build.<br>The AI Act doesn't reward good intentions. It rewards evidence. Dike turns your AI system's<br>day-to-day operation into the evidence, automatically.
⛓️<br>Article 12, on autopilot<br>Every prompt, retrieval and completion becomes a sealed, hash-chained audit record. Tamper-evident by construction: auditors can cryptographically verify that nothing was altered or deleted.
📚<br>Built for RAG & chatbots<br>We record which reference documents your model actually used to answer: the exact evidence Article 12(2) asks for, not just a chat transcript.
👤<br>Human oversight, provable<br>Approvals, edits and overrides are first-class events. When the regulator asks how humans supervise your AI (Article 14), you export the answer instead of writing it.
⏱️<br>Incidents with a deadline<br>Serious incidents start a 15-day reporting clock (Article 73). Dike opens the case, tracks the clock and drafts the report to your market surveillance authority.
🇪🇺<br>GDPR is not an afterthought<br>PII is redacted at the gateway, before anything is written to storage. Storage is EU-only, retention starts at the 6-month legal minimum and is fully configurable.
🛡️<br>Never breaks production<br>Fail-open by design: if audit storage is unreachable, the gateway still passes your requests through to the model provider. Sub-millisecond overhead, streaming supported.
Easier than adding analytics.<br>Dike is a gateway proxy in front of your model provider. Point your existing client at our base<br>URL and every completion, streaming or not, becomes a tamper-evident audit record. No SDK, no<br>code changes.<br>One baseURL change, nothing to install<br>Works with any OpenAI-compatible SDK or framework<br>RAG pipelines and chatbots supported out of the box<br>Requests pass through even if audit storage is down
gateway.py<br># Any OpenAI-compatible SDK. Point the base URL at the gateway<br># and use your endpoint name as the model. That's it<br>from openai import OpenAI
client = OpenAI(<br>base_url="https://gw.dike.dev/v1",<br>api_key=env.DIKE_KEY,
response = client.chat.completions.create(<br>model="support-bot-v2", # your endpoint name<br>messages=messages,
A proxy your latency budget<br>won't even notice.<br>The gateway is built in Rust and streams responses through as they arrive. Compliance runs<br>in-flight, not in your critical path — going through Dike is indistinguishable from going<br>direct.
Direct to provider<br>842 ms<br>Through Dike<br>842.28 ms +0.28 ms
0.28 ms<br>median latency added by the gateway
p99 overhead, streaming included
120k req/s<br>sustained throughput per core
requests dropped — fail-open by design
What the auditor sees. What you see.<br>The Dike dashboard: every event sealed, every incident on a clock, every export one click.
dike · audit log · support-bot-v2<br>All events Generations Retrievals Human review Incidents Chain verified ✓ · 1,204,552 records<br>Time (UTC)EventDetailSeal14:02:11generationgpt-4o · 1,842 tok · 1.2sa3f1…c88e✓ sealed14:02:10retrieval5 docs · kb/policies-202691bc…04d7✓ sealed14:01:58human_reviewapproved · agent m.kovacsd04e…7a21✓ sealed14:01:44redactionPII · 2 entities masked5e9f…b3c0✓ sealed14:01:44generationgpt-4o · 976 tok · 0.8s7c2a…e915✓ sealed14:01:31retrieval3 docs · kb/contractsb60d…22f4✓ sealed
incident #2026-014 · Article 73<br>11 days<br>left to report to market surveillance authority
open
✓ Case opened, evidence auto-attached (38 records)<br>✓ Draft report generated<br>○ Awaiting legal sign-off, assigned to m.kovacs
evidence export<br>📄 Article 12 log extract Jun 1 – Jun 30 · 2.4 GB · signed<br>📄 Human oversight summary Article 14 · 214 review events<br>📄 Technical documentation...