> ## Documentation Index
> Fetch the complete documentation index at: https://docs.qwedai.com/llms.txt
> Use this file to discover all available pages before exploring further.
# QWED Legal: deterministic verification guards for legal AI
> QWED Legal is a deterministic rejection layer that verifies dates, amounts, and structured legal claims, failing closed when proof is impossible.
**Deterministic verification guards for computational legal claims.**
> Block unproven legal claims before they become liabilities.
## What is QWED-Legal?
QWED-Legal is a verification layer for **deterministic, computational legal claims**. It is designed to sit between untrusted LLM or workflow output and any downstream legal action.
QWED-Legal verifies only what can be deterministically proven, such as:
* **Date calculations** (business days, holidays, leap years)
* **Liability arithmetic** (cap percentages, tiered amounts, indemnity multipliers)
* **Structured contradictions** between modeled clauses
* **Citation format** for supported reporters
* **Provenance metadata** (hash integrity, disclosure markers, allowed models)
Interpretive legal reasoning is **not** automatically trusted. When proof is not possible, the correct outcome is to reject the claim or mark it unverified.
```bash theme={null}
pip install qwed-legal
```
## Verification boundaries
QWED-Legal operates under strict limits:
* Only deterministic claims can be verified.
* Ambiguous or interpretive output is rejected or marked unverified.
* Legal reasoning is **not** assumed correct without proof.
* If something cannot be proven, it must not pass.
QWED-Legal is **not**:
* a legal reasoning engine
* a source of legal truth
* a replacement for lawyers
* a contract drafting or review platform
* a guarantee that every legal output can be verified
## Guard coverage
Not every guard provides full formal verification. Some operate on partial rules or structured validation and should **not** be treated as complete legal proof.
| Guard | Status | What it checks |
| ----------------------------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **DeadlineGuard** | `DETERMINISTIC` | Date arithmetic and business-day calculations for supported, structured inputs |
| **LiabilityGuard** | `DETERMINISTIC` | Cap and tiered amount computations for supported numeric inputs |
| **ClauseGuard** | `PARTIAL / HEURISTIC` | Limited text-based clause consistency and contradiction checks (explicit Z3 path is deterministic) |
| **CitationGuard** | `PARTIAL / HEURISTIC` | Citation shape / format validation, not authoritative existence proof |
| **JurisdictionGuard** | `PARTIAL / HEURISTIC` | Structured checks around governing law and forum combinations |
| **StatuteOfLimitationsGuard** | `MIXED` | Deterministic date arithmetic over a parsed limitation-period lookup; the lookup itself is `PARSED`, not authority proof |
| **IRACGuard** | `PARTIAL / HEURISTIC` | IRAC structure and consistency checks, not proof of legal reasoning |
| **FairnessGuard** | `HEURISTIC / FAIL-CLOSED` | Counterfactual consistency signal only; **never** returns `verified=True` — fairness cannot be proven by text substitution (requires an external LLM client) |
| **ContradictionGuard** | `MIXED` | Deterministic Z3 SAT/UNSAT over a limited set of modeled clause categories; unmodeled inputs fail closed |
| **ProvenanceGuard** | `DETERMINISTIC` | SHA-256 hash integrity, disclosure markers, model allowlist, timestamp validity |
A valid result from a `PARTIAL / HEURISTIC` or `MIXED` guard does **not** mean the underlying legal claim is correct. It means the claim matched a supported structural pattern, or that a deterministic sub-computation succeeded over parsed inputs.
## Verification traces
As of **v0.4.0**, every guard returns a `verification_trace` — an ordered list of `VerificationStep` records that make each decision auditable. A trace is **not** a narrative explanation. Each step carries an `evidence_type` that classifies *how* its output was derived:
| `evidence_type` | Meaning | `is_proven()` |
| --------------- | ------------------------------------------------------------------- | :-----------: |
| `DETERMINISTIC` | Proven by math/logic (Z3, date arithmetic, exact compare) | `True` |
| `PARSED` | Read/matched from structure or a lookup table — not authority proof | `False` |
| `INFERRED` | Pattern/keyword derived — may be wrong on edge cases | `False` |
| `HEURISTIC` | Approximate/statistical signal | `False` |
| `UNSUPPORTED` | Guard cannot model this input — fail-closed | `False` |
Only `DETERMINISTIC` steps constitute proof. `PARSED`, `INFERRED`, `HEURISTIC`, and `UNSUPPORTED` steps are visible for auditability but must **not** be treated as verification.
```python theme={null}
from qwed_legal import StatuteOfLimitationsGuard, trace_to_dict
result = StatuteOfLimitationsGuard().verify(
claim_type="breach_of_contract",
jurisdiction="California",
incident_date="2020-01-01",
filing_date="2023-01-01",
)
for step in result.verification_trace:
print(step.step, step.evidence_type, "->", step.output)
# JSON-safe export for audit logs (each entry includes an explicit is_proven flag)
serialized = trace_to_dict(result.verification_trace)
```
## Quick example
### Verify a deadline calculation
```python theme={null}
from qwed_legal import DeadlineGuard
guard = DeadlineGuard()
result = guard.verify(
signing_date="2026-01-15",
term="30 business days",
claimed_deadline="2026-02-14",
)
print(result.verified) # False
print(result.computed_deadline) # 2026-02-27
print(result.message)
```
### Verify a legal citation
```python theme={null}
from qwed_legal import CitationGuard
guard = CitationGuard()
result = guard.verify("Brown v. Board of Education, 347 U.S. 483 (1954)")
print(result.format_valid) # True - matches a supported citation format
print(result.status) # "unverifiable_authority" - format ok, authority unknown
print(result.verified) # False - authority can never be proven by format
print(result.parsed_components)
# {'volume': 347, 'reporter': 'U.S.', 'page': '483'}
```
A valid format result does **not** prove that the cited authority exists or is controlling. `result.verified` is always `False`, and `result.status` is `unverifiable_authority` when the format matches. CitationGuard has no case-law database. It only confirms the citation matched a supported structural pattern.
## Architecture
### High-level flow
```mermaid theme={null}
flowchart TB
subgraph Agent["🤖 Legal AI Agent"]
LLM["LLM (GPT-4, Claude)"]
end
subgraph QWED["🏛️ QWED-Legal v0.4.0"]
direction TB
subgraph Guards["10 Verification Guards"]
DG["Deadline Guard
(Business Days)"]
LG["Liability Guard
(Decimal Math)"]
CG["Clause Guard
(Text Heuristics)"]
CTG["Citation Guard
(Bluebook)"]
IG["IRAC Guard
(Reasoning)"]
FG["Fairness Guard
(Bias Detection)"]
CDG["Contradiction Guard
(Z3 Logic)"]
PG["Provenance Guard
(SHA-256)"]
end
Receipt["📋 Verification Receipt"]
end
subgraph Output["✅ Verified Output"]
Contract["Contract System"]
Client["Legal Client"]
end
LLM -->|"Tool Call"| Guards
Guards --> Receipt
Receipt -->|"Approved"| Output
Receipt -->|"Rejected"| LLM
```
### Guard selection flow
```mermaid theme={null}
flowchart LR
Input["LLM Output"] --> Detect{"Detect Type"}
Detect -->|"Date/Term"| DG["Deadline Guard"]
Detect -->|"$ Amount"| LG["Liability Guard"]
Detect -->|"Clause Text"| CG["Clause Guard"]
Detect -->|"Case Citation"| CTG["Citation Guard"]
DG --> Result["Verified ✓ / Rejected ✗"]
LG --> Result
CG --> Result
CTG --> Result
```
## Examples of claims QWED-Legal can reject
These are examples of supported checks catching unsupported claims. They are **not** proof that every legal hallucination is detectable.
| Input | Claimed result | Example outcome |
| ---------------------------------- | ------------------------ | ---------------------------------------- |
| "Net 30 business days from Dec 20" | Wrong computed date | Blocked by `DeadlineGuard` |
| "Liability cap: 2x fees" | Wrong cap arithmetic | Blocked by `LiabilityGuard` |
| Structured liability conflict | "Clauses are consistent" | Blocked by `ContradictionGuard` |
| Unsupported citation reporter | "Valid citation" | Blocked by `CitationGuard` format checks |
## Why not just trust the LLM?
LLMs are **probabilistic** and can fail in legally significant ways:
| Failure mode | Example | Risk |
| -------------------- | ------------------------------------------------ | ----------------------------- |
| Fabricated authority | AI cites a nonexistent or malformed legal source | Sanctions, bad filings |
| Deadline mistakes | "30 business days" miscomputed | Missed obligations, defaults |
| Clause inconsistency | Two provisions cannot both be true | Disputes, unenforceable terms |
| False certainty | Model states a legal conclusion without proof | Liability, audit failure |
QWED-Legal treats LLM output as **untrusted input**. It does not assume correctness. It requires proof for every property it verifies. When proof is not possible, it fails closed.
## Jurisdiction support
DeadlineGuard supports jurisdiction-specific holidays:
```python theme={null}
from qwed_legal import DeadlineGuard
# US holidays (default)
us_guard = DeadlineGuard(country="US")
# UK holidays
uk_guard = DeadlineGuard(country="GB")
# California-specific holidays
ca_guard = DeadlineGuard(country="US", state="CA")
```
## Next steps
* [The 10 guards](/legal/guards) - Deep dive into each verification guard
* [Examples](/legal/examples) - Real-world contract verification scenarios
* [Troubleshooting](/legal/troubleshooting) - Common issues and solutions