Attested Intelligence
Contact

Continuity Chain

Tamper-evident sequence of enforcement receipts. Provides verifiable, immutable audit trail that can be verified offline.

What is Continuity?

The continuity chain is a hash-linked sequence of receipts that records every attestation, policy decision, and enforcement action. Each receipt includes a reference to the previous receipt's hash, creating a chain that cannot be modified without detection.

Unlike centralized audit logs that require trust in the log operator, the continuity chain can be verified by any party with access to the receipts. Tampering—insertion, deletion, or modification of any receipt—is cryptographically detectable.

Baseline Algorithm

Receipt Structure
receipt = {
  sequence_number: N,
  timestamp: RFC3339,
  action_type: "ALLOWED" | "BLOCKED" | "ATTESTED",
  action_hash: BLAKE2b(action_data),
  policy_ref: policy_artifact_hash,
  prev_hash: hash(receipt[N-1]),
  signature: Ed25519.sign(receipt_data)
}
Hash Linking
current_hash = BLAKE2b(
  sequence_number ||
  timestamp ||
  action_type ||
  action_hash ||
  policy_ref ||
  prev_hash
)
Chain Invariant
// For all receipts R[i] where i > 0:
R[i].prev_hash == hash(R[i-1])

// Sequence numbers are strictly increasing:
R[i].sequence_number == R[i-1].sequence_number + 1

Chain Structure

#1GENESIS
prev: nullhash: a7f3...
#2ATTESTED
prev: a7f3...hash: b8e2...
#3ALLOWED
prev: b8e2...hash: c9d1...
#4BLOCKED
prev: c9d1...hash: d0e4...

Verification Checklist

A verifier checks the following properties to validate chain integrity:

Hash Linking

Each receipt's prev_hash matches the computed hash of the previous receipt

Sequence Continuity

Sequence numbers are strictly increasing with no gaps

Signature Validity

Each receipt signature verifies against the issuer's public key

Temporal Order

Timestamps are monotonically increasing (optional TSA verification)

Policy Reference

Referenced policy artifacts exist and are properly sealed

Action Consistency

Action data hashes match the recorded action_hash values

Merkle Root Anchoring

ROADMAP

Future versions will support Merkle root anchoring. Periodically, a Merkle root of recent receipts is computed and published to an immutable public record. This provides:

  • Third-party verifiable timestamps
  • Compact proofs for individual receipts
  • Public anchor points for chain verification

This feature is not currently implemented. The baseline hash-linking algorithm provides tamper evidence without external anchoring.

Claims Status

FeatureStatusEvidence
Hash-linked receiptsSpecifiedProtocol spec
Sequential countersSpecifiedProtocol spec
Gap detectionSpecifiedProtocol spec
Merkle root anchoringRoadmapPlanned
Public anchor publicationRoadmapPlanned

Related Resources

TechnicalTechnology OverviewPillarPolicy ArtifactInteractivePolicy Artifact Demo