This is the no-jargon version of the website. Every other page on fastpace.net is written for engineers and security people. This page is for everyone else — managers, lawyers, auditors, your aunt who wants to know what you do for work.
One read-through ≈ 12 minutes. No code samples. Lots of analogies. We re-define every term as we go and again in the glossary at the bottom.
fastpace is software you install on your laptop, alongside your AI coding assistant. (An AI coding assistant is a program that writes code for you when you ask — Claude Code, Codex, and Gemini CLI are the popular ones in 2026.) When the AI writes code, fastpace quietly watches and writes down what happened, like a court reporter. Later, if anyone asks "did the AI really write this code? Was it allowed to? What did we ask it to do?" — fastpace can prove the answer.
That's it. That's the whole pitch. Everything else on this page is the how and the why.
Think of a busy restaurant kitchen. A chef cooks the meal. A camera on the wall films the kitchen. Health inspectors arrive a month later and ask, "Was the chicken cooked to the right temperature?" The footage is the answer. The chef cooked the food; the camera proved how. fastpace is the camera — for AI writing code instead of chefs cooking food.
AI coding assistants are great at writing code fast. But they create three new headaches that nobody used to have:
When code goes wrong, the company needs to know whether a person or an AI wrote the bad line. Right now, there's no record. It all just looks like "the developer committed code." fastpace keeps a labeled receipt for every AI-written line.
Imagine an intern who wanders into the CFO's office and starts opening filing cabinets. Most companies have rules — "this team can touch these files, that team can't." AI assistants don't naturally follow those rules. fastpace enforces them.
Banks, hospitals, and government contractors get audited. Auditors want paperwork. fastpace Teamduces the paperwork automatically — every time the AI does anything, a stamped, tamper-proof line of evidence is filed.
A new employee at a hospital can't just walk into the pharmacy and start handing out medication. They badge in, the system logs who they are, what they took, and when. That paperwork has been standard for decades. AI assistants have been writing real code for two years with none of it. fastpace is the badge reader.
fastpace is built from five small pieces that snap together. Each piece is simple. The magic is in how they fit.
In medieval times, each lord had a unique wax seal pressed into hot wax to prove a letter came from them. fastpace gives your laptop a digital version of that seal — a long random number called an Ed25519 keypair. It lives in a private folder on your computer. Nothing leaves your machine; the seal stays yours.
Every other piece below gets stamped with this seal. If somebody forges evidence, they can't fake the seal — the math says so.
Imagine an old library where every book checked out is written into a logbook, one line at a time, in pen. The librarian also writes the previous entry's checksum at the start of each new line. If you sneak in and erase yesterday's entry, the chain of checksums breaks — and everyone can see exactly which line was tampered with.
fastpace's audit chain is exactly that. Every time the AI does something, a new line is appended. Each line references the one before it. Tampering shows up immediately when anyone runs the verifier.
Every time the AI writes or edits a file, fastpace prints a
receipt and saves it. The receipt records the
model name (e.g. claude-opus-4.7), the runtime
(Bedrock? Azure? local?), the moment in time, and a one-way
fingerprint of what was asked and what came back.
Important: the receipt does NOT save the actual prompt or the actual response — only their fingerprints (a kind of mathematical summary you can't reverse). Privacy first, evidence second.
Museums put a plaque next to each painting: artist name, date, donor, condition. fastpace adds a similar plaque to every git commit (a "commit" is just a saved snapshot of the code). The plaque is a few extra lines at the bottom of the commit's note that say things like:
That single plaque is enough to walk all the way back to the receipt (brick #3) and the audit-chain entry (brick #2) and the seal that signed both (brick #1).
When you ship a package internationally, you fill out a customs form: what's inside, how much each item is worth, where it came from. Software releases need the same kind of form for AI now. Once a quarter (or per release), fastpace produces a single document — the AI Bill of Materials (AI BOM for short) — that lists every model, every agent, every API used, in a standard format auditors and procurement teams already know how to read.
The format is called CycloneDX-AI. It's an open standard, so the BOM works in any tool that already speaks CycloneDX — which most enterprise procurement tools do.
Each brick rests on the one below. The seal at the bottom signs everything above it.
Five bricks give you evidence. Two more give you safety: rules to prevent the AI from going off-piste, and an alarm for when it does anyway.
A new sous-chef gets handed a sheet that says: "you may use this fridge, this stove, these knives. You may not enter the walk-in freezer. Maximum 4 hours per shift." fastpace's Scope Manifest is that sheet for AI agents.
For each AI agent (the planner, the reviewer, etc.) you declare: which tools it can use, which folders it can touch, which commands it can run, and how much it can do per session. If the AI tries to step outside, fastpace blocks the action before it happens and writes the attempt to the audit log so you can see who tried what.
Even with rules, sometimes things go sideways. fastpace watches each AI agent's typical behavior over the last two weeks (how many files it touches per session, how long sessions last, how many commands it runs). If today's session suddenly looks very different — way more files, way more commands — the circuit breaker trips: the agent is paused until a human checks in.
Just like the breaker box in your house: a normal current flows fine, but a surge pops the switch. The exact threshold (e.g. "2.5 times the normal range") is configurable per company.
Most of the magic happens silently. But there's a deliberate pattern fastpace nudges developers toward — five doors you walk through, in order, for any non-trivial change.
This is what we mean when we call ourselves "spec-driven development, upgraded." Old-school spec-driven development stops at the spec. fastpace keeps walking: spec → design → plan → code → proof.
When you run fastpace init in a project, here's what
actually happens. (You don't need to remember any of these names —
just know they exist.)
A small program named fastpace (alias fp)
you run from a terminal. Tiny — under a megabyte — and ships
with zero outside dependencies, so nothing you didn't ask for
sneaks in via the supply chain.
Things you type to the AI to trigger a named operation:
/fp-write-prd, /fp-prd-to-erd,
/fp-erd-to-execplan, /fp-pr-summary,
/fp-discover, /fp-resume, and about
twenty more. Each one is a recipe — the AI follows the recipe
instead of inventing the steps from scratch.
fastpace ships seven AI personalities, each with a narrow job: planner, prd-guru, erd-guru, execution-planner, reviewer, doc-writer, onboarder. Each has a kitchen-rules sheet (the Scope Manifest). When the lead AI delegates a task, it picks the right specialist.
Tiny programs the AI runtime calls before and after every action. You'd never run them by hand — they fire automatically. They write audit lines, write receipts, scan for secrets in code, block dangerous commands, redact prompts, and so on. Each hook does one job.
A single file called fastpace.config.yaml in the
project's root. Lets you turn hooks on or off, name your
protected branches, list which AI runtimes you allow, and so
on. Plain text, version-controlled — your auditors get a
history of every config change for free.
A folder called fastpace/context/ containing four
living documents: architecture.md (how the
system is shaped), patterns.md (idioms your
team uses), decisions.md (why choices were
made), and glossary.md (your domain terms).
Whenever the AI does something, it reads these first so it
sounds like your team, not like a generic AI.
Run fastpace ui and a small website opens in your
browser. It runs on your laptop — nothing leaves the machine.
It's a window into the files fastpace has been writing in the
background.
Every entry in the librarian's logbook, scrollable, with a green check next to each tamper-verified line. If anyone edited a line by hand, you'd see a red break here.
Every receipt, sortable by AI model, agent, or time window. Click one and you see who signed it, when, against which runtime — but never the prompt itself (because we don't store that).
Short notes about features-in-flight: "if this changes, also change that." Helps the next person (or the next AI) avoid breaking things.
A score from 1 (the AI knows your code) to 5 (the AI knows your team's vocabulary, history, and rationale). The dashboard shows you what to add next to climb the ladder.
All the docs you and the AI have produced, browsable like a wiki. Each one links to the commits it produced and the receipts those commits used.
How often the AI's first try landed without correction. A running grade, per agent, that gets better as your context ladder climbs.
On audit day, fastpace lets the customer answer five questions that previously had no good answer. Each answer is reproducible — the auditor can re-run the verifier and watch the chain hold.
fastpace verify-provenance <commit> →
walks the museum plaque → finds the receipt → finds the
audit-chain entry → returns the proof tree.
fastpace verify → walks every link in the chain
→ reports the line of any break.
fastpace aibom show v1.4.0 → returns the customs
declaration in CycloneDX-AI format. Hand to procurement.
fastpace comes in two flavors under the same brand name. You can start with the free one forever, or upgrade to the paid one with a single command — no reinstall, same binary.
Every trust primitive a single developer needs. Open source. Audit-traced. Yours forever, even if you never pay us a cent.
Limit: single developer, single repo. Beyond that, you'll want Team.
Everything in community, plus the org-level machinery a security team or auditor will ask for once you've got more than one developer.
trust.yourcompany.comFor: any team beyond a single developer, or anyone with a SOC 2 / ISO 42001 / EU AI Act audit on the calendar.
Any team's first 5 seats are free for the first 12 months. Pay only for seat 6 and beyond during year one; the first 5 become billable at the seat anniversary. OSS maintainers and educators get Team free for 12 months, and practicing audit firms get Team free with no seat cap (we'd rather your auditor recommend us than sell to them). Email sales@fastpace.net if any of those describe you.
And if you're enterprise — say, a bank or a hospital with regulatory requirements that don't fit a list — there's a third tier (fastpace enterprise) with air-gapped installs, custom compliance mappings, a named CSM, and an MSA. Pricing is custom; talk to sales.
Equally important — to avoid the sales-pitch effect — here's what fastpace doesn't claim to be.
We don't make the AI; we sit beside it. Bring whichever model you've already approved.
Everything runs on the developer's laptop. Nothing routes through fastpace's servers; we don't have any.
We store fingerprints of prompts and responses, never the text itself. Privacy first.
It's evidence that feeds those frameworks; the framework auditing itself still happens.
We don't grade the code's quality. We prove what produced it. Code review tools sit alongside us.
Every artifact is a plain file in your git repo. If you stop paying us tomorrow, the evidence is yours.
A pocket dictionary for the rest of the website. Each term is defined in one sentence, the way a coworker would say it at lunch.
/fp-write-prd.If you finished this and want to go deeper, here's a suggested order. (None of it requires you to be a developer.)
Still confused? Email us. We wrote this page because someone we love asked us "but what do you actually do?" — if a section here didn't land, tell us and we'll rewrite it.
