aex-audit 2.0.0-beta.1

Tamper-evident audit log for Agent Exchange Protocol (AEX): hash-chained JSONL + pluggable Merkle/Rekor anchoring.

Tamper-evident audit log.

Every business-meaningful action in the Agent Exchange Protocol (AEX) — agent registration, transfer initiation, scanner verdict, policy decision, delivery, revocation — writes an [Event] to an [AuditLog].

Integrity model

Events are hash-chained: each event stores the hash of the previous event. This means any retroactive modification of an event breaks the chain for every event that followed — you cannot rewrite history without producing a visibly different chain head.

Chain-head hashes are the basis for future Merkle-batching and Sigstore Rekor submission (Phase G1). When that lands, the interface here does not change: the chain head returned by [AuditLog::current_head] simply starts being submitted to Rekor periodically.
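
The integrity model above as a runnable sketch, added here and not taken from the aex-audit code; Python is used so that SHA-256 comes from the standard library. The field names (`seq`, `kind`, `detail`, `prev_hash`), the all-zero genesis value, the canonical JSON encoding and the use of SHA-256 are assumptions, not the crate's actual event format.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash value for the first event

def canonical(event):
    # Sorted keys and no whitespace, so the same event always hashes the same.
    return json.dumps(event, sort_keys=True, separators=(",", ":"))

def event_hash(event):
    return hashlib.sha256(canonical(event).encode("utf-8")).hexdigest()

def append(lines, kind, detail):
    """Append one JSONL line linked to the current head; return the new head."""
    prev = event_hash(json.loads(lines[-1])) if lines else GENESIS
    event = {"seq": len(lines), "kind": kind, "detail": detail, "prev_hash": prev}
    lines.append(canonical(event))
    return event_hash(event)

def relink(lines):
    """Recompute every prev_hash, as anyone with write access to the file could."""
    prev, out = GENESIS, []
    for line in lines:
        event = dict(json.loads(line), prev_hash=prev)
        out.append(canonical(event))
        prev = event_hash(event)
    return out

def verify(lines, trusted_head):
    """Walk the chain, then compare its head with one held outside the log."""
    prev = GENESIS
    for i, line in enumerate(lines):
        event = json.loads(line)
        if event.get("prev_hash") != prev:
            return f"broken link at event {i}"  # zero-based position in the file
        prev = event_hash(event)
    return "ok" if prev == trusted_head else "head mismatch"

def edit_detail(lines, index, detail):
    """Return a copy of the log with one event's detail changed (constructed tamper)."""
    out = list(lines)
    out[index] = canonical(dict(json.loads(out[index]), detail=detail))
    return out

# Constructed sample log; the event kinds echo the actions listed above.
LOG = []
for kind, detail in [("agent_registration", "agent-a"), ("transfer_initiation", "t-1"),
                     ("scanner_verdict", "flagged"), ("delivery", "t-1")]:
    HEAD = append(LOG, kind, detail)
```

An in-place edit is reported at the event that follows it, because that event still carries the hash of the original. An edit to the last event, a truncation, or a fully re-linked file is internally consistent and is caught only by comparing against a head stored somewhere the log writer cannot change, which is the role of the planned Rekor anchoring.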

Implementations

  • [MemoryAuditLog] — in-memory, used by tests and the M1 demo.
  • [FileAuditLog] — append-only JSONL file, one line per event. Used by the dev-tier control plane.
  • (Phase 2) PostgresAuditLog — events in Postgres with a maintained chain_head table for fast reads.
  • (Phase G1) RekorAnchoredAuditLog<Inner> — wraps any inner log and periodically submits chain heads to the Sigstore Rekor transparency log.