[RELEASE] tamper-evident hash chain (carries #2210)#2212
Merged
Conversation
CHANGELOG entry for the per-node SHA-256 hash chain that landed in #2210 (closes #2200). Off by default via CLAWMETRY_INTEGRITY=1; new `clawmetry verify-integrity` CLI walks the chain and reports VALID or the first broken link. Hashes only immutable identity fields (id, agent_type, node_id, agent_id, session_id, workspace_id, event_type, ts) so cost-backfill and other post-insert enrichers do not invalidate the chain. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
vivekchand
added
the
persona-skip
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Releases #2210 (closes #2200) to PyPI.
Summary
The feature already on
mainfrom #2210:clawmetry/local_store.py— newchain_prev_hash/chain_hashcolumns onevents(added via the existing_MIGRATIONS_V2pattern, so existing stores upgrade cleanly), newchain_headstracking table for per-node head hashes,_stamp_integrity()runs inside the same flush transaction as the row insert so hashes land atomically, andverify_integrity(node_id=None)walks the chain returningVALIDor the first broken link.clawmetry/cli.py—clawmetry verify-integrity [--node-id ID]subcommand (read-only store open; prints scope, checked count, pre-chain count, and result).tests/test_integrity_hash_chain.py— 10 unit tests: genesis hash, sequential chain links, per-node scoping, pre-chain counting, tamper detection on each immutable field, and the critical acceptance test that a realbackfill_event_costsdoes NOT invalidate the chain.Why this design
eventsrows get mutable columns written post-insert:cost_usdandtoken_count(cost-backfill atlocal_store.py:3901) and evendataitself (local_store.py:3980). A naive whole-row chain would break on every normal backfill and be useless for audit.So the chain hashes only the immutable identity fields:
id,agent_type,node_id,agent_id,session_id,workspace_id,event_type,ts. Those are set at ingest and never touched afterward. The chain detects deletion, reordering, and any tamper to identity fields. Swapping a row'sdatapayload while keeping its identity intact is intentionally outside the chain's coverage (becausedatais mutable); a separate append-only audit artifact is the right follow-up if that becomes a buyer ask.Done bar (FLYWHEEL)
5e59bb1e).[Unreleased](this PR).release-on-merge.ymlbumps the version + publishes to PyPI on merge.clawmetry verify-integrityprintsVALIDagainst a live store (post-PyPI propagation).No cloud bump
Daemon-side only. The hash columns ride the snapshot like any other event column; the cloud renders them as-is. No
cm-cloud-*interceptor or route-policy entry needed for this release.🤖 Generated with Claude Code