Attested AIVerify Sample

What is a Continuity Chain?

A Continuity Chain is a hash-linked sequence of receipts where each receipt includes the hash of its predecessor, creating an immutable, tamper-evident audit trail.

How It Works

Receipt 0 (POLICY_LOADED)
    └── prev_leaf_hash: null (genesis)
    └── this_leaf_hash: "a1b2c3..."

Receipt 1 (MEASUREMENT_OK)
    └── prev_leaf_hash: "a1b2c3..."  ← links to Receipt 0
    └── this_leaf_hash: "d4e5f6..."

Receipt 2 (DRIFT_DETECTED)
    └── prev_leaf_hash: "d4e5f6..."  ← links to Receipt 1
    └── this_leaf_hash: "g7h8i9..."

Receipt 3 (ENFORCED: QUARANTINE)
    └── prev_leaf_hash: "g7h8i9..."  ← links to Receipt 2
    └── this_leaf_hash: "j0k1l2..."

Chain Properties

  • Immutability: Modifying any receipt breaks the hash chain
  • Ordering: Receipt sequence is cryptographically enforced
  • Completeness: Missing receipts are detectable via hash gaps
  • Independence: Each receipt is individually signed

Tamper Detection

If any receipt in the chain is modified, its hash changes. This causes the next receipt'sprev_leaf_hashto no longer match, breaking the chain and producing aFAIL verdict during verification.

Time Attestation

In ENTERPRISE mode, receipts can include RFC 3161 TSA tokens for external time attestation. This provides third-party proof of when events occurred, adding another layer of non-repudiation beyond the hash chain itself.

Related Terms

Policy ArtifactEvidence BundleContinuity ChainSelective InterceptionOffline Verification

See It In Action

Download a sample Evidence Bundle and verify it offline with our CLI tool.

Download Sample Bundle