Skip to content

[codex] clarify current audit signing scheme#20

Draft
hizrianraz wants to merge 1 commit into
mainfrom
codex/audit-catalog-propagation
Draft

[codex] clarify current audit signing scheme#20
hizrianraz wants to merge 1 commit into
mainfrom
codex/audit-catalog-propagation

Conversation

@hizrianraz

@hizrianraz hizrianraz commented Jun 27, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Adds the requested audit-signing callout above the existing HMAC/Ed25519 migration section.
  • Leads with the current truth: hash-chain integrity is the load-bearing guarantee; HMAC-SHA256 is required today; optional Ed25519 verification exists via an agent public key; producer-side Ed25519 event signing is v1.1.

Live receipts

curl -fsS https://api.ainfera.ai/v1/audit/public-key | python3 -c "import sys,json;print('alg=',json.load(sys.stdin)['alg'])"
# alg= Ed25519
curl -fsS 'https://api.ainfera.ai/v1/audit/public?limit=1' | python3 -c "import sys,json; d=json.load(sys.stdin); e=(d.get('events') or [{}])[0]; print(sorted(e.keys())); print('has_signature=', any('signature' in k.lower() for k in e)); print('has_prev_hash=', any(k in e for k in ('prev_hash','previous_hash')))"
# ['agent_name', 'canonical_uri', 'created_at', 'event_hash', 'event_id', 'event_type', 'model', 'owner_handle', 'provider', 'seq']
# has_signature= False
# has_prev_hash= False

Validation

uv run --extra dev pytest
# 45 passed, 2 skipped
uv run --extra dev ainfera-verify bundle tests/fixtures/annex_iv_bundle.zip
# 1247 events verified
# HMAC signatures valid
# Bundle is genuine. Cryptographic chain of custody verified.

Draft PR for founder/D4 review. No merge performed.


Note

Low Risk
Documentation-only wording in README; no verifier, API, or cryptographic behavior changes.

Overview
Adds a blockquote callout in the Trust model section (Audit signing — what’s true today) immediately above the existing HMAC/Ed25519 migration subsection.

The callout states in one place that hash-chain integrity is the load-bearing offline guarantee, HMAC-SHA256 is required for signing today, optional per-event Ed25519 verification is available via an agent public key, and full producer-side Ed25519 on every event is planned for v1.1. The longer migration section below is unchanged aside from positioning relative to this new summary.

Reviewed by Cursor Bugbot for commit 234327c. Bugbot is set up for automated code reviews on this repo. Configure here.

@coderabbitai

coderabbitai Bot commented Jun 27, 2026

Copy link
Copy Markdown

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 52a83d46-ee24-4a81-b1e0-26e5a7ab5d6e

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/audit-catalog-propagation

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant