Struct ReceiptLog 

pub struct ReceiptLog { /* private fields */ }

An append-only, hash-chained receipt log.

Implementations

impl ReceiptLog

pub fn new() -> Self

Create a new empty receipt log.

pub fn from_entries(entries: Vec<Receipt>) -> Self

Create a log from existing entries (e.g., loaded from disk).

pub fn append(&mut self, receipt: Receipt)

Append a receipt to the log.

pub fn last_hash(&self) -> String

Get the hash of the last receipt (for chain linking).

pub fn next_sequence(&self) -> u64

Get the next sequence number.

pub fn verify_integrity(&self) -> Result<()>

Verify the integrity of the hash chain (sequence numbers + previous_hash linkage).

This does NOT verify receipt signatures — use verify_integrity_with_key() for full cryptographic verification including signature checks.

pub fn verify_integrity_with_key( &self, public_key_bytes: &[u8; 32], ) -> Result<()>

Verify full cryptographic integrity: hash chain linkage AND each receipt’s signature.

Security: fix S2 (receipt signatures were never verified)

Without signature verification, an attacker with write access can forge receipts with correct hash chaining — invalidating the entire compliance audit trail.

public_key_bytes is the Ed25519 public key of the agent that signed the receipts. For multi-agent logs, use verify_integrity_with_resolver() (future).

pub fn entries(&self) -> &[Receipt]

Get all entries.

pub fn len(&self) -> usize

Get the number of entries.

pub fn is_empty(&self) -> bool

Trait Implementations

impl Default for ReceiptLog

fn default() -> Self

Returns the “default value” for a type.