A Git-like audit layer for LLM output sounds niche. It might be the next compliance checkbox enterprises can't ignore.
There's a bug in your codebase. It's been there for three weeks. You know a model wrote the function, but was it Copilot last Tuesday or Claude last month? Did someone edit the output after? Which version of the model? Nobody knows. The Git blame points to a developer who barely touched the file.
This is the problem GitAttest is trying to solve, and I think it's a real one. The question is whether it's a real business.
Right now, when a developer accepts a Copilot or Cursor suggestion, that code gets committed to Git like any other change. The model version, the prompt, the temperature setting, the token count — gone. The audit trail for AI-assisted code is essentially nonexistent.
For a solo indie hacker, this is annoying at worst. For a fintech with 200 engineers shipping AI-assisted code into production systems, it's a compliance time bomb. SOC2 auditors are already asking questions about software supply chain integrity. SLSA (Supply-chain Levels for Software Artifacts) is becoming a real requirement in regulated industries. And the EU AI Act, whatever its final form, is going to demand some level of accountability for AI-generated outputs.
The evidence that this pain is live: a Reddit thread in r/iOSProgramming with 62 upvotes where developers are already casually attributing bugs to Claude-generated code. Informally. Without any tooling. That's the pre-systematic-solution stage of a real problem.
The timing argument for this idea is genuinely interesting. Enterprises are deploying LLM-assisted development at scale, but the compliance tooling hasn't caught up. There's a window where the pain is real but no incumbent has closed it.
JFrog's adjacent tooling in the software supply chain space sells at $10K+/year, which tells you something about enterprise willingness to pay for provenance-adjacent problems. That's not a perfect comp, but it's a signal.
Here's the caveat though: the EU AI Act's technical implementation standards for code-level provenance haven't been finalized. Enforcement is years away. Some compliance officers will buy now because they're already under SLSA pressure. Many others will wait for regulatory clarity before signing a purchase order with an unknown startup. You'll need to sell into the first group and largely ignore the second, at least in year one.
The core product is a VS Code extension that intercepts AI insertions at the moment they happen — not retroactively detected, but captured in real time — and writes provenance metadata to a sidecar JSON file: model version, prompt hash, timestamp, token count. A pre-commit Git hook checks provenance coverage and flags unattested hunks. A web dashboard surfaces the audit graph with a per-file diff view that separates model-generated from human-edited content. SARIF export for the compliance report.
Tech stack is straightforward: Next.js, Supabase, Stripe, the VS Code Extension API, Git hooks via Husky. The estimate is 6-8 weeks solo for a working MVP. That's believable for a focused vibe coder who doesn't get distracted.
The aha moment the product is aiming for: you run your first `git provenance diff` and see a clean split between what the model wrote and what you changed. Takes about 10 minutes from install. That's a good north star for a first-time user experience.
TAM estimate is ~$2.5B, based on 50,000 regulated enterprises with active AI-assisted dev programs, spending an average $50K/year on compliance tooling, with roughly 20% of that increasingly allocated to AI code governance. The 3-year SAM for a solo or small team is more realistically ~$25M, targeting the top 5,000 most AI-forward regulated orgs at $5K/year average contract.
I'll be honest: the TAM figure feels like it was built backward from a number that sounds respectable. But the SAM is plausible, and $25M is enough headroom to build a real business. At $49/user/month with an average of 20 users per account and 18-month retention, you're looking at roughly $17K LTV per customer. Break-even at 18-22 paying customers.
This space is genuinely underserved right now. MLflow and DVC do ML experiment tracking but don't touch the code artifact layer. Weights & Biases and Helicone track LLM calls and prompts but stop short of linking those calls to the artifacts they produced and tracking subsequent human edits. GitHub Copilot and Cursor capture some usage metadata but expose none of it as structured, queryable provenance.
No direct YC-funded competitor has been surfaced in this exact space. That's a positive signal. The absence could also mean nobody has figured out how to make it a business, but I lean toward the former interpretation here.
I'd be doing you a disservice if I glossed over the two problems that could kill this.
First: Microsoft owns GitHub and GitHub Copilot. They can ship a native Copilot Provenance feature into the GitHub UI with zero distribution cost and 100 million developers already using the platform. Given the EU AI Act timeline, this is likely within 18 months. When it happens, the core tagging feature gets commoditized overnight.
The only defensible position against this is multi-provider neutrality. GitAttest would capture provenance across Copilot, Cursor, Codeium, and custom LLMs — Microsoft's native solution will only cover Copilot. That's a real wedge, but it requires you to move fast enough to build the audit graph into compliance workflows before Microsoft ships. If you're a solo founder starting today, that timeline is tight.
Second: the clean model-vs-human diff breaks down in real workflows. A developer accepts a Copilot suggestion, edits three lines, then asks Copilot to refactor that same function. The result is genuinely interlaced. The boundary between model-generated and human-edited is indeterminate. A sophisticated compliance auditor might reject this as evidence.
The honest response to this is the framing shift the idea already proposes: position the product as tracking what was inserted by AI at the moment of insertion, not detecting what was written by AI retroactively. Deterministic recording versus probabilistic detection. That's a defensible technical claim. But it requires developers to have the extension active every time they use an AI tool, across every machine they work on. Coverage gaps will happen. Whether auditors accept an incomplete audit trail is a real question.
One risk I haven't seen discussed enough: if GitAttest produces a compliance report that a company relies on for an audit, and the report turns out to be incomplete because a developer had the extension turned off on their home machine, the startup could face contractual liability for a failed audit. Enterprise customers will push for indemnification clauses. A solo founder cannot cover that exposure.
This isn't a reason not to build it. It's a reason to be very careful about how you write the terms of service and what claims you make in your compliance reports. You'll need a lawyer involved earlier than you'd like.
The go-to-market path is specific enough to actually work:
Before building anything, validate with a Notion doc and a Google Form asking what someone would pay for SLSA-compliant AI provenance attestation. Success metric: 5 DevSecOps-titled respondents at 50+ engineer orgs willing to pay $15+/user/month, or 2 paid pilots at $500-1,500/month before writing a line of code.
Once an enterprise runs a SOC2 audit that references the GitAttest provenance reports, deleting the tool means losing historical compliance evidence. The switching cost is genuine and grows with time. The audit graph becomes a system of record that's painful to abandon.
That's a real moat, even if it takes 12-18 months to build it per customer. Pre-commit hooks embedded in `.git/hooks` create persistent touchpoints even if the dashboard subscription lapses. These are the right kinds of retention mechanics for a compliance-adjacent tool.
This is a 7/10 idea for a reason. The problem is real, the timing window is real, and the path to the first 10 customers is specific. But the GitHub/Microsoft risk is serious and the technical ambiguity in model-vs-human attribution is not fully solved.
If you're going to build this, move fast, price for enterprise from day one, and don't let the free Microsoft version catch you flat-footed. The multi-provider audit graph is your moat. Build toward it deliberately.