Audit Chain
Every proxy action is logged to an append-only, tamper-evident audit chain.
Format
JSONL (JSON Lines). One entry per line.
```json
{"seq":1,"ts":"2024-01-15T10:30:00Z","cap":"openai-chat","action":"request","outcome":"allowed","hash":"abc...","prev":"000...","sig":"def..."}
{"seq":2,"ts":"2024-01-15T10:30:01Z","cap":"openai-chat","action":"response","outcome":"success","hash":"ghi...","prev":"abc...","sig":"jkl..."}
```
Entry Fields
| Field | Description |
|---|---|
| seq | Sequence number, monotonically increasing |
| ts | ISO 8601 timestamp |
| cap | Capability name |
| action | One of: request, response, blocked, error |
| outcome | Result: allowed, denied, rate_limited, taint_blocked, etc. |
| hash | SHA-256 hash of this entry (excluding hash and sig) |
| prev | Hash of previous entry (chain link) |
| sig | Ed25519 signature of hash |
Integrity Properties
Hash Chain
Each entry's prev field contains the previous entry's hash. Tampering with any entry breaks the chain.
```
Entry 1          Entry 2          Entry 3
┌──────┐         ┌──────┐         ┌──────┐
│hash_1│◄────────│prev  │◄────────│prev  │
└──────┘         │hash_2│         │hash_3│
                 └──────┘         └──────┘
```
Signatures
Each entry is signed with an Ed25519 private key. The corresponding public key can be used to verify authenticity.
Verification
To verify an audit log:
- Check each entry's `hash` matches the SHA-256 of the entry content
- Check each entry's `prev` matches the previous entry's `hash`
- Verify the Ed25519 `sig` against `hash` using the public key
- Check `seq` is monotonically increasing
- Check `ts` is monotonically increasing (within tolerance)
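The hash chain, signature and verification steps above, written out as an added Go example; this is not hull0's own code, and it fills in details the page leaves open as labelled assumptions: the hashed canonical form is compact JSON with the fields in the documented order, `sig` is over the raw 32-byte digest, the first entry's `prev` is 64 zero hex digits, and `seq` is checked as contiguous rather than merely increasing so that a dropped entry is detectable (the Completeness property). The `Append`, `ParseJSONL` and `Verify` names are this example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

type Entry struct {
	Seq     uint64 `json:"seq"`
	TS      string `json:"ts"`
	Cap     string `json:"cap"`
	Action  string `json:"action"`
	Outcome string `json:"outcome"`
	Hash    string `json:"hash,omitempty"`
	Prev    string `json:"prev"`
	Sig     string `json:"sig,omitempty"`
}

// genesisPrev links the first entry; assumption: 64 zero hex digits (the page only shows "000...").
const genesisPrev = "0000000000000000000000000000000000000000000000000000000000000000"

// entryHash is SHA-256 over the entry with hash and sig cleared; assumption: compact JSON in struct field order.
func entryHash(e Entry) string {
	e.Hash, e.Sig = "", ""
	b, _ := json.Marshal(e)
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// Append links, hashes and signs a new entry. Assumption: sig is over the raw 32 digest bytes.
func Append(chain []Entry, priv ed25519.PrivateKey, ts, capName, action, outcome string) []Entry {
	e := Entry{Seq: 1, TS: ts, Cap: capName, Action: action, Outcome: outcome, Prev: genesisPrev}
	if n := len(chain); n > 0 {
		e.Seq, e.Prev = chain[n-1].Seq+1, chain[n-1].Hash
	}
	e.Hash = entryHash(e)
	digest, _ := hex.DecodeString(e.Hash)
	e.Sig = hex.EncodeToString(ed25519.Sign(priv, digest))
	return append(chain, e)
}

// ParseJSONL reads the on-disk format: one JSON entry per line, blank lines ignored.
func ParseJSONL(data string) ([]Entry, error) {
	var chain []Entry
	for _, line := range strings.Split(data, "\n") {
		if strings.TrimSpace(line) == "" {
			continue
		}
		var e Entry
		if err := json.Unmarshal([]byte(line), &e); err != nil {
			return nil, err
		}
		chain = append(chain, e)
	}
	return chain, nil
}

// Verify applies the five checks from the Verification section; skew is the tolerance
// allowed for a timestamp that runs backwards relative to the previous entry.
func Verify(chain []Entry, pub ed25519.PublicKey, skew time.Duration) error {
	prev, prevTS := Entry{Hash: genesisPrev}, time.Time{} // virtual entry 0: seq 0, hash = genesis link
	for i, e := range chain {
		digest, _ := hex.DecodeString(e.Hash)
		sig, _ := hex.DecodeString(e.Sig)
		ts, err := time.Parse(time.RFC3339, e.TS)
		switch {
		case entryHash(e) != e.Hash:
			return fmt.Errorf("entry %d: hash mismatch, content altered", i)
		case e.Prev != prev.Hash:
			return fmt.Errorf("entry %d: prev does not link to previous hash", i)
		case !ed25519.Verify(pub, digest, sig):
			return fmt.Errorf("entry %d: signature does not verify", i)
		case e.Seq != prev.Seq+1: // contiguous, not merely increasing, so a dropped entry is detectable
			return fmt.Errorf("entry %d: sequence gap or reorder", i)
		case err != nil:
			return fmt.Errorf("entry %d: bad timestamp: %v", i, err)
		case i > 0 && ts.Before(prevTS.Add(-skew)):
			return fmt.Errorf("entry %d: timestamp runs backwards beyond tolerance", i)
		}
		prev, prevTS = e, ts
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	chain := Append(nil, priv, "2024-01-15T10:30:00Z", "openai-chat", "request", "allowed")
	chain = Append(chain, priv, "2024-01-15T10:30:01Z", "openai-chat", "response", "success")
	fmt.Println("intact:", Verify(chain, pub, time.Second))
	chain[1].Outcome = "denied" // constructed tamper: the stored hash no longer matches
	fmt.Println("edited:", Verify(chain, pub, time.Second))
}
```

The checks are ordered so that an edited entry is reported as a hash mismatch and a deleted entry as a broken `prev` link, which tells the responder what kind of tampering occurred. Two points worth keeping in mind when running a verifier like this: the public key must come from somewhere other than the host whose log is being checked, since a chain re-signed with a key the attacker controls verifies cleanly, and the chain only proves integrity up to the last entry the verifier already knows about, so periodically recording the latest `hash` somewhere outside the host is what makes truncation of the tail detectable.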
Storage
Default path: /var/log/hull0/audit.jsonl
Configurable via manifest settings.audit_path.
Compliance
The audit chain provides:
- Non-repudiation (signatures)
- Tamper evidence (hash chain)
- Completeness (sequence numbers)
- Temporal ordering (timestamps)
Suitable for SOX, HIPAA, GDPR audit requirements.