Blog — MEOK AI Labs

Q: What is 49 days to the EU AI Act Article 50 cliff — and what we're doing about it?

2026-06-14 · Nicholas Templeman · EU AI Act Article 50 MEOK

Q: Why we chose Ed25519 over RSA for compliance attestations?

2026-06-13 · Nicholas Templeman · Ed25519 cryptography MEOK

Q: What is The 32-server MCP fleet: how MEOK got from 0 to compliance-as-a-service in 4 days?

2026-06-12 · Nicholas Templeman · MCP architecture fleet

Articles from the MEOK AI Labs team on the EU AI Act, sovereign AI infrastructure, Ed25519 attestations, MCP compliance, and the .ai brand.

49 days to the EU AI Act Article 50 cliff — and what we're doing about it

2026-06-14 · Nicholas Templeman · EU AI ActArticle 50MEOK

On 2 August 2026, the EU AI Act Article 50 transparency obligations land. If your company builds, deploys, or resells any AI system whose outputs reach EU users, you're in scope. The trigger is the user, not the HQ. Fines start at €15M or 3% of global turnover.

Most UK companies I talk to think this is "someone else's problem" — until the regulator asks for an attestation on 3 September. The scary part isn't the disclosure. The scary part is being asked for a signed, machine-verifiable audit trail and not having one.

That's why MEOK exists. compliance.meok.ai · the keystone · £199/mo Pro

Why we chose Ed25519 over RSA for compliance attestations

2026-06-13 · Nicholas Templeman · Ed25519cryptographyMEOK

A PDF audit report is a screenshot. It can be edited in Acrobat, re-saved, and forwarded with no chain of custody. When a regulator asks "show me your Article 50 attestation as it was on 2 August 2026," a PDF has no answer.

We issue every audit as an Ed25519-signed JSON-LD attestation:

Public key registered to your legal entity
Hash of the audit payload (scope, models, findings, remediation state)
Signature verifiable offline with pip install meok-attestation-verify
Anchor to a transparency log so it can't be backdated

Why Ed25519 over RSA? Smaller signatures (64 bytes), faster verification, no padding oracle history, and it's what sigstore and the major supply-chain attestation frameworks (in-toto, SLSA L3) use. Why JSON-LD over a PDF? Because a regulator — or a procurement team in your supply chain — can verify the signature, the schema, and the revocation status in a single curl.

Article 50 doesn't prescribe this. The EU AI Act's implementing acts specifically allow machine-readable formats. We picked the format that survives a 7-year retention requirement without rotting.

The 32-server MCP fleet: how MEOK got from 0 to compliance-as-a-service in 4 days

2026-06-12 · Nicholas Templeman · MCParchitecturefleet

When we started MEOK, compliance was a 6-week PDF audit costing £40-80K from Big-4. Today it's a 4-day signed attestation costing £4,950, installable with pip install eu-ai-act-compliance-mcp.

The key was the 32-server MCP fleet. Each MCP is a specialised compliance surface — eu-ai-act-compliance-mcp for risk classification, dora-compliance-mcp for 5-pillar audit, uk-ai-bill-compliance-mcp for 100% readiness scoring, etc. They all share the same signing substrate (the keystone at meok-attestation-api.vercel.app) and the same wire format (Ed25519 + JSON-LD).

Try it: pip install meok-governance-engine-mcp + a free-tier /sign call → instant signed attestation. Pro £199/mo gets you unlimited calls + auditor-verify-able Ed25519 receipts. Subscribe.

Why MEOK is sovereign UK infrastructure (and why that matters)

2026-06-11 · Nicholas Templeman · sovereigntyUKdata residency

CSOAI Ltd, UK Companies House 16939677. 100% Nick Templeman. Built from a 6.5-acre farm in the UK. Not VC-backed. Not acquirable. No exit pressure.

Why sovereign UK? Because the EU AI Act's data governance duties (Article 10) are real, and the EU AI Office is going to start asking where your training data lives, where your model weights are stored, and where your audit trail is anchored. The answer "us-east-1" is not going to satisfy them.

The MEOK Sovereign AI OS is sovereign end-to-end. Persistent memory stored encrypted on UK infrastructure. Multi-LLM routing through OpenAI, Anthropic, Google DeepMind, Mistral — but the orchestration, the audit, the compliance, the verification, all live in the UK. CSOAI Ltd. UK 16939677. 100% Nick. csoai.org

How a UK challenger bank got a regulator-grade signed Article 50 attestation in 4 days

2026-06-10 · Nicholas Templeman · case studyfintech£165K saved

A UK-headquartered challenger bank (~1,200 staff, FCA-authorised) came to us with a Deloitte quote: £180K, 8-week turnaround for an Article 50 audit. We did it for £15K, 4 days, with a signed Ed25519 attestation their regulator can verify with curl.

Their credit-decisioning model is a black-box gradient-boosted ensemble — exactly the kind of high-risk AI under EU AI Act Annex III (3). They needed a signed cert that says "this model is in scope, here are the 7 obligations, here's the documentation, here's the verification URL." We produced it. Their procurement team now shows it to every EU enterprise customer in onboarding.

Read the full case study: proofof.ai/case-studies/fintech

The .ai brand: why one domain absorbs every hive

2026-06-09 · Nicholas Templeman · brandarchitecture

MEOK.ai isn't a domain. It's a brand that absorbs every hive. proofof.ai (trust). csoai.org (council). compliance.meok.ai (centre). wowmcp.ai (gaming). hive (SOV3). One meok.ai brand, ten live sub-domains, one sovereign UK company (CSOAI Ltd, 16939677).

Why? Because the alternative is fragmentation. Different domains, different brand voices, different founders, different stories. The user has to figure out who's behind each. With MEOK, you have one trust anchor, one verification chain, one Founder Office Hour, one .ai.

Same lesson as Apple, Google, Amazon — the platform that wins is the platform that absorbs the most verticals without losing coherence. MEOK.ai is that platform. CSOAI is the independent trust surface. csoai.org is the council. Same 100% Nick.