Mirrored from filpgf.io — ProPGF Batch 3 (Karma program 1479, application 6a1c7c525109f944c4d16bab, status: pending). Contact details redacted; canonical application lives on filpgf.io. 1.1 Project Name ProvenanceLayer 1.4 Team Lead/Point of Contact Maheswaran Velmurugan , Full-Stack Blockchain Developer & Protocol Infrastructure Engineer , Telegram: @maheswar1412 1.5 Category [ "RFPs (Coming Soon)" ] 1.6 Open Source Status Partial 2.1 Project Summary AI teams are sitting on a compliance time bomb. The EU AI Act requires documented, auditable training data provenance — and most teams have no way to prove their datasets weren't tampered with after the fact. ProvenanceLayer is a paid product that solves this: AI teams submit datasets, get a tamper-evident provenance certificate backed by Filecoin PDP proofs, and can hand that certificate to auditors, regulators, or rights-holders on demand. The certificate is an onchain artifact — dataset CID, PDP proof, timestamp, and audit trail — verifiable by any third party without trusting us. Revenue flows through Filecoin Pay per dataset submitted. We have a confirmed pilot user in AI security who will use ProvenanceLayer for training data audit within the first milestone window. 2.2 Who does this work support? [ "Network Infrastructure", "Application Users", "Application Builders" ] 2.3 Total Funding Requested (USD) 95000 2.4 Milestones & Budget [ { "title": "Milestone 1 - Core Product: Provenance Certificate Engine", "description": "Build the core pipeline. AI teams upload a dataset through the web app, the system generates a PDP proof via Filecoin Warm Storage, mints an onchain certificate on FVM (dataset CID, proof hash, timestamp), and collects payment through Filecoin Pay per submission. A verifier contract is deployed on Filecoin mainnet so any auditor or regulator can check a certificate's validity without touching the UI and without trusting us.", "dueDate": "2026-08-31", "fundingRequested": "$40,000", "completionCriteria": "Web app is live and accepting real dataset uploads. PDP proof is generated and stored for every submission. Onchain certificate is minted per dataset with a transaction hash as verification. Filecoin Pay payment rail is active and collecting per-dataset fees on mainnet. Verifier contract is deployed and publicly callable by any third party. At least one pilot user from an AI security background has submitted a real dataset and provided written feedback on the compliance workflow." }, { "title": "Milestone 2 - Compliance API and First Paying Customers", "description": "Ship a REST verifier API so auditors and regulators can verify certificates programmatically without using the UI. Add certificate metadata fields covering licensing info, data source declarations, and contributor attestations. Onboard the first paying customers under a basic SLA. Publish a one-page compliance brief mapping ProvenanceLayer certificates to EU AI Act Article 10 training data documentation requirements.", "dueDate": "2026-10-31", "fundingRequested": "$35,000", "completionCriteria": "Verifier API is live with public documentation. Certificate metadata fields are live in the product. Minimum two paying customers have signed agreements. EU AI Act compliance brief is published. API is returning verified proof status against real mainnet certificates." }, { "title": "Milestone 3 - Scale and Ecosystem Validation Report", "description": "Onboard the third paying customer. Add bulk dataset submission for teams managing large corpora. Publish the end of grant report covering certificates issued, total data volume provenance certified, Filecoin Pay deal volume generated, and customer feedback. Open source the verifier contract and proof infrastructure under MIT license.", "dueDate": "2026-12-31", "fundingRequested": "$20,000", "completionCriteria": "Three paying customers are in production. Bulk submission feature is live and tested on mainnet. Total certified dataset volume is published onchain. Verifier contracts are open sourced with a public repo. End of grant report is published with real Filecoin Pay deal volume numbers and customer feedback." } ] 3.1 Impact pathway Every dataset submitted through ProvenanceLayer triggers a paid Filecoin deal via Filecoin Pay and mints an onchain certificate backed by a PDP proof. That is the output.The outcome is that AI teams now have a auditable, third party verifiable record of their training data at a point in time. Their compliance team can hand a certificate ID to a regulator or auditor who verifies it onchain without trusting us. That changes the relationship between AI teams and Filecoin from "interesting infrastructure" to "product we need for compliance."The impact flows across all three objectives. Every certificate issued is a direct paid deal on Filecoin, moving Objective 1. Each paying customer is a named enterprise AI team, exactly the flagship client profile Objective 3 targets. As deal volume from this segment grows, SP revenue and network economics strengthen, which is Objective 2. The key shift is that the demand is compliance driven, not crypto native, which means it is recurring and grows as EU AI Act enforcement tightens through 2026 and 2027. 3.2 Verification metrics | Metric | Data Source | How It's Measured | Target (End of Grant) | |---|---|---|---| | Paid Filecoin deals via Filecoin Pay | Filecoin Pay onchain contract logs | Deal count from ProvenanceLayer's payment rail wallet address on mainnet | 50 paid deals | | Provenance certificates issued | FVM certificate registry contract | Count of certificate records minted by ProvenanceLayer's contract address | 50 certificates | | Paying customers in production | Signed agreements and onchain wallet activity | Unique customer wallet addresses with active payment rails | 3 paying customers | | Total data volume certified | FOC dataset registry | GB stored under PDP proofs originating from ProvenanceLayer submissions | 1TB certified | 3.3 References Balasubramaniyan, AI Security Engineer - [redacted] Confirmed pilot user. Works directly with AI systems and training data pipelines. Has agreed to use ProvenanceLayer for training data provenance auditing in his work. Jagadeeshan, Software Engineer - [redacted] Early adopter and technical reviewer for ProvenanceLayer. 4.1 Monthly Operating Burn [ "$10-$100K (small team)" ] 4.2 What % of total team monthly burn depends on this grant? 75% 4.3 If this grant is not awarded, what happens? ProvenanceLayer does not ship on this timeline. The EU AI Act compliance window is narrow and AI teams are making tooling decisions right now for 2027 audits. We would continue part time but miss the window where being the first verifiable provenance product on Filecoin matters. The market does not wait and a 12 month delay means competing against solutions that are already in production with paying customers. 4.4 Core Team Maheswaran Velmurugan , Founder and Lead Engineer Full stack blockchain engineer with a track record of shipping production infrastructure solo. Delivered both Arbitrum Foundation Stylus-Toolkit milestones on time with 224 NPM downloads and 32.6% gas reduction benchmarked. Built the Rootstock Python SDK published to PyPI and the Rootstock Agentic DeFi Framework, an MCP server with a 5 rule policy enforcement engine. The verifier architecture in ProvenanceLayer comes directly from that work. Polkadot Blockchain Academy graduate and Superteam India member. Smart contract security researcher with 20 plus confirmed findings across Sherlock, Code4rena, Cantina and Immunefi including High severity reports on Ammplify, Super DCA, Merkl and SukukFi. The security background is directly relevant here since designing tamper evident systems and catching proof verification gaps is the same skill applied to a product context. GitHub: github.com/soloking1412 4.5 Has your team received a ProPGF grant or funding from PLFIF before? [ "No" ] 5.1 Key risks & dependencies Customer acquisition is the primary risk. The product itself is buildable given prior work on onchain proof systems and policy enforcement engines. The harder question is whether AI teams will pay before EU AI Act enforcement creates urgency at scale. To address this we are targeting teams already in active regulatory conversations rather than teams waiting to see how enforcement plays out. One design partner locked before Milestone 1 completion changes the trajectory significantly. Filecoin Pay and PDP stability are core dependencies. Both are live on mainnet but still maturing post launch. We implement directly against published contract ABIs rather than high level wrappers, which is the same approach the Synapse SDK uses internally and gives us a stable surface even when higher level tooling changes. EU AI Act enforcement timing could shift short term demand. If enforcement is delayed the compliance urgency argument weakens temporarily. The provenance use case has parallel demand independent of EU enforcement though, including dataset licensing disputes, copyright litigation from rights holders, and enterprise buyer audit requirements that exist regardless of regulatory timelines. Solo delivery carries execution risk on a product that involves real customers. The scope is sequenced to manage this. Milestone 1 delivers a working product, Milestone 2 adds paying customers, Milestone 3 scales. Each milestone is independently valuable if the next one slips. Anything else you want to share that we didn't ask? The verifier contract architecture in ProvenanceLayer is not being designed from scratch. The Rootstock Agentic DeFi Framework we shipped uses the same pattern of onchain state commitments verified by external callers with a policy enforcement layer on top. That work is the direct predecessor to what ProvenanceLayer's verifier does. We are porting and extending a proven architecture, not experimenting with a new one. The decision to open source the verifier contracts is strategic, not just a grant requirement. If the verification primitive is auditable and forkable, regulators and auditors will trust the output. A proprietary verification system does not solve the compliance problem regardless of how well it works technically. The product layer being proprietary is fine. The proof layer being open is necessary. We are also aware this is a moment where timing matters more than perfection. EU AI Act Article 10 compliance requirements are not theoretical — enterprise AI teams are having these conversations with legal and compliance departments right now. Being the first verifiable provenance product live on Filecoin with paying customers in 2026 creates a reference point the ecosystem benefits from beyond just our own traction. We intend to treat Batch 3 as the start of a longer relationship with the ecosystem, not a one-time grant. Objective 1 Direct Objective 2 Indirect Objective 3 Direct Open Source Context Verifier contracts and proof infrastructure fully open source (MIT). Product frontend and API layer are proprietary. The verifiability primitive must be auditable by anyone; the product layer doesn't need to be.