Technology Counsel-grade architecture

A six-layer reference architecture. One canonical record. Zero asymmetry.

Dispute resolution only works when all parties trust the process — the same is true for an objective AI tool. Trust is a runtime property here, not a policy. Symmetric processing, citation-grounded outputs, a cryptographic audit ledger, and a deterministic neutrality auditor are built into the stack itself.

Walk the architecture → Security & compliance

01 Six-layer reference architecture

From intake to agreement,
one stack of record.

Every layer is independently auditable. Every layer writes to the SPOC. Models are swappable; the architecture isn't.

Experience

Mediator Console · Counsel Portal · Consumer Web. Three surfaces, one SPOC. Role-based access, signed sessions, full keyboard support.

ReactWCAG 2.2 AA

Orchestration

7-stage pipeline runner. Deterministic state machine over Plan · Intake · Redact · Summarize · Gap Analysis · Resolution · Memorandum. Checkpoints emit signed certificates.

State machineRBAC

Reasoning

Model layer. Citation-grounded retrieval; symmetric prompt construction; per-party processing in isolated contexts. No model output ships without a source anchor.

BYOKModel-agnostic

SPOC

Single Point of Consistency. One canonical case object. Every output reconciles to it. Versioned, immutable history, cryptographically chained.

Append-onlySHA-256 chain

Trust

Deterministic neutrality auditor. Verifies symmetry on every output before it's surfaced. Verifies privilege boundaries. Failures block, don't paper over.

DeterministicBlock-on-fail

Platform

Tenant-isolated infrastructure. Per-tenant encryption keys (BYOK supported). Region-pinned storage. Subprocessors are published; counsel can pin a list.

SOC 2 Type IIISO 27001GDPR

02 Responsible AI · By construction

Symmetric.
Citation-grounded.
Auditable.

Three runtime properties — not three checkboxes. If any of them fails, the matter doesn't advance.

≡

Symmetric processing

Both parties receive identical prompts, scoring rubrics, and access. A deterministic auditor verifies symmetry on every output before it surfaces. No "AI helps the prepared side more."

Citation-grounded

No paraphrase without an anchor. Every claim in every deliverable links back to intake, statute, or prior comparable matter. If retrieval fails, the model abstains rather than hallucinates.

Counsel-grade audit trail

Every prompt, every output, every sign-off is hash-chained. Exportable as JSON or PDF. Defensible under counsel review and admissible under standard evidence rules.

Principle

"AI proposes, you dispose."

Mediators hold the final say at three checkpoints per matter. The platform does not draft settlement language that the mediator hasn't reviewed; it does not release redaction sets the mediator hasn't approved; it does not score claims the mediator can't override.

03 Security & Privacy

Privilege is a runtime component.
Not a policy.

Tenant isolation

Per-tenant keys. Region-pinned storage. No cross-tenant retrieval, ever. Subprocessors are listed and counsel can pin them.

BYOK encryption

Bring-your-own-key option for firms with KMS already in place. AES-256 at rest; TLS 1.3 in transit; envelope encryption on documents.

Privilege boundary

Per-party context isolation enforced at the retrieval layer. The model cannot see Party B's documents while reasoning about Party A's claims.

No vendor training

Matter data never trains third-party models. Internal model improvements use opt-in, anonymized, mediator-reviewed telemetry only.

Right to delete

Parties may request matter deletion at any time. SPOC is purged; audit hashes retained for the statutory minimum, then expunged.

Disclosure standard

Parties are told an AI tool is in use, what it does, and what it cannot do. Plain-language disclosure, jurisdiction-aware, signed before intake opens.

04 Compliance posture

Where we are, plainly stated.

Phase-based language only. We don't claim certifications we haven't earned. Pre-release functionality is labeled "Launching" or "Future."

SOC 2 Type II

Currently · Audit in progress

Type I evidence collected; Type II window opens Q3 2026.

ISO 27001

Launching · 2026

ISMS scoped; statement of applicability drafted with Phase 1 design partners.

GDPR · EU-US DPF

Currently

DPA template available; EU subprocessors listed; data residency on request.

HIPAA

Future · Phase 2

In scope when medical-bill dispute vertical (#10) launches.

NIST AI RMF

Currently · Govern + Map

Risk register maintained; Measure + Manage functions roll out Phase 2.

State Bar disclosure

Currently · NY · CA · UT · TX

Jurisdiction-specific AI-disclosure language; updated as state rules evolve.

05 Marketplace & integrations

Add what you need.
One click.

JusticeX.ai is the case-of-record, and the connectors are a marketplace — a menu of click-to-enable, role-gated add-ons, so each person sees only what fits. Turn one on and it connects in a click; enabling it fires the consent and redaction checks automatically — the click can't skip the privacy fence. Add a tool two ways: we provide it, or connect an account you already own for a flat fee. Public resources are free for everyone; licensed attorney-grade research stays in the attorney path via your own account. Every third-party tool is vetted before it's offered, and where it integrates it pushes — not pulls — to keep the record authoritative.

Practice mgmt

Clio · MyCase · PracticePanther

Connect your own · matter sync, deadlines

Financial

QuickBooks · Plaid

Asset / income / business valuation · consent-gated

Docs & intake

Google Drive · Box · Microsoft 365

Included · redacted on ingest

eSign

DocuSign · Adobe Sign

Provided or your own · executes the Memorandum

Court data

CourtListener · Trellis

Public · all roles · reference only

Court filing

NYSCEF · Tyler · Odyssey eFile

Launching · NY · 2026

Identity

Okta · Azure AD · Google SSO

SAML 2.0 · OIDC

Attorney research

Westlaw · Harvey · Everlaw

Attorney path · your own license · no resale

06 Trust packet

Counsel review · Security review · DPA.

A packet for your security and legal team: architecture diagram, subprocessor list, DPA template, neutrality-audit methodology, and pen-test summary.

Request the trust packet → See the pipeline →