Ujex Audit — Hash-chained tamper-evident log
Ujex Audit is the audit subsystem. Every privileged callable writes a row; rows are hash-chained; an hourly verifier walks the chain.
Detailed: A hash-chained audit log for your AI agent (and why it matters).
What goes in
- Identity: agent created, scope changed, key rotated
- Postbox: message sent / received / scored
- Recall: memory written / read / searched
- Ingress: webhook dispatched / received
- Governor: budget threshold crossed, action refused, override granted
- Mobile: approval asked / decided / timed out
Hash chain
row[N].hash = sha256(prev_hash || canonicalize(row.body))
Tamper-evident: editing any past row breaks every subsequent hash; the verifier returns the first bad seq.
Library
@axy/audit-chain in TS and axy-audit-chain in Python. Apache-2.0. ~200 LoC each. Append + verify.
Verifier
Cloud Function on a 1-hour Cloud Scheduler trigger. Walks the chain; alerts on first hash mismatch. Cheap (<1s on yearly chains at 1k events/day).
Export
Export rows + last verified hash; recipient runs the open-source verifier; if the hashes match, the export wasn't tampered with.
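The chain rule from "Hash chain" and the export check above, as an added Python sketch. It is not the axy-audit-chain library's code or API. Assumptions: canonicalize is JSON with sorted keys and compact separators, the first row chains from 32 zero bytes, and the row field names and sample events are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumption: prev_hash of the first row is 32 zero bytes

# Constructed sample events; field names are hypothetical.
SAMPLE_EVENTS = [
    {"kind": "identity.agent_created", "agent": "a1"},
    {"kind": "identity.scope_changed", "agent": "a1", "scope": "read"},
    {"kind": "postbox.message_sent", "agent": "a1", "to": "a2"},
    {"kind": "governor.action_refused", "agent": "a1"},
]

def canonicalize(body):
    # Assumption: canonical form is sorted-key, compact, UTF-8 JSON.
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode("utf-8")

def row_hash(prev_hash, body):
    # row[N].hash = sha256(prev_hash || canonicalize(row.body))
    return hashlib.sha256(bytes.fromhex(prev_hash) + canonicalize(body)).hexdigest()

def append(chain, body):
    prev = chain[-1]["hash"] if chain else GENESIS
    body = dict(body)  # store a copy so later caller edits cannot alter the row
    row = {"seq": len(chain), "body": body, "hash": row_hash(prev, body)}
    chain.append(row)
    return row

def build(bodies):
    chain = []
    for body in bodies:
        append(chain, body)
    return chain

def verify(chain, expected_head=None):
    """Return None if the chain is intact, else the position of the first bad row.

    expected_head is the last verified hash shipped with an export. Without it,
    rows dropped from the end of the chain leave a shorter but valid chain.
    """
    prev = GENESIS
    for i, row in enumerate(chain):
        if row["hash"] != row_hash(prev, row["body"]):
            return i
        prev = row["hash"]
    # Every link is consistent; now check the head against the trusted value.
    if expected_head is not None and prev != expected_head:
        return len(chain)
    return None
```

Editing a row body or deleting a middle row is reported at that position; dropping rows from the tail is reported only when the last verified hash is passed as expected_head, which is why the export carries it.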
FAQ
Why hash chain instead of signing each row?
Catches insertion + deletion + modification; signing alone catches only modification.
Is the chain GDPR-friendly?
The chain itself is. PII inside row bodies is your job — redact at append, not after.