# NoahAI Technical Whitepaper

Version: v1.9  
Updated: 2026-07-12  
Type: Public technical baseline

## 0. Executive Summary

NoahAI is an AI decision infrastructure for finance, not an auto-trading promise engine.

Its operating principles are:

- explainable judgment,
- clear responsibility boundaries,
- replayable logs,
- risk-first execution control.

## 1. Scope and Purpose

This document defines NoahAI's public technical baseline.

Included:

- architecture and operating layers,
- judgment/execution separation,
- logging, XAI, and replay model,
- security and governance,
- KPI framework,
- recent operational updates.

Excluded:

- return guarantees,
- performance marketing claims,
- internal sensitive controls.

## 2. Problem Statement

Financial decision environments repeatedly face:

- information asymmetry,
- continuous monitoring burden,
- emotional bias,
- lack of auditable decision records.

NoahAI addresses this by structuring decision environments rather than giving opaque one-shot answers.

## 3. Identity and Responsibility Boundary

NoahAI is not:

- an asset custodian,
- a discretionary manager,
- an investment advisor.

NoahAI provides judgment assistance and risk controls.
Execution and fund movement are performed by user-controlled accounts and external exchange/broker APIs.

## 4. Architecture

NoahAI uses a 7-layer architecture:

1. Market Data Layer
2. Account State Layer
3. Decision Layer
4. Risk & Guardrails Layer
5. Execution Bridge Layer
6. Logging & Report Layer
7. Feedback Loop Layer

This layered model separates concerns and supports operational traceability.

## 5. Judgment/Execution Separation

- AI generates decision candidates and rationale.
- Execution occurs only under user policy and external API constraints.
- Success/failure/blocked outcomes are all logged.

This enables:

- explainability,
- auditability,
- reproducibility.

## 6. Data and Logging Model

Core event objects include:

- DecisionLog,
- MarketSnapshot,
- RiskEvent,
- ExecutionResult,
- XAITrace.

Data principles:

- minimum necessary collection,
- separation between personal and operational data,
- retention and anonymization policy,
- separation of source logs and aggregate reporting.

## 7. XAI and Replayability

XAI is treated as an operational accountability requirement.

NoahAI provides:

- human-readable rationale for decisions,
- post-hoc traceability,
- version-tagged policy comparison.

Replayability is supported through input-state logging and versioned decision context.

## 8. Security and Compliance

Security baseline:

- user assets/API keys remain user-controlled,
- minimized server-side data footprint,
- access separation and audit logs,
- masking and anonymization where required.

Compliance baseline:

- non-discretionary/non-custodial boundary disclosure,
- aligned disclosure and consent flows,
- explicit consent evidence for anonymized operational analytics.

## 9. Operational KPI Framework

KPI is used as operational health instrumentation.

Examples by layer:

- Auth: login/session/health-check events,
- Decision: inference completion and latency quality,
- Execution: order success/failure taxonomy and holding metrics,
- Operations: deployment reflection time and incident recovery.

KPI changes require synchronized update across collection schema, server aggregation, and UI.

## 10. Recent Baseline Updates (2026-07)

- Auth portal policy page and onboarding path alignment,
- separated consent items at signup with evidence storage,
- one-command/manual deployment standardization,
- update UX and exchange verification guidance improvements.

## 11. Enterprise Adoption View

Key enterprise evaluation points:

- clear responsibility boundaries,
- audit/replay readiness,
- security control and access separation,
- standardized deployment and recovery,
- explainable decision records.

## 12. Limits and Roadmap

Current limits:

- adapter complexity across heterogeneous APIs,
- environment-level performance variance,
- conservative rollout policy for advanced learning features.

Roadmap:

- stronger adapter verification automation,
- tighter KPI disclosure alignment,
- end-to-end traceability across policy, consent, and deployment logs.

## 13. Conclusion

NoahAI's core value is not short-term return claims.
It is operationally reliable AI decision infrastructure with:

- safety,
- explainability,
- replayability,
- clear responsibility boundaries.

## 14. Public Documentation Policy

- Public technical documents do not expose internal/private paths.
- Sensitive operational details remain in internal-only documentation.
- Every public revision must update version/date/change baseline.
