Correlation replay
/audit/correlation/{uuid} reconstructs the request path in order: proxy, Brain signals, policy decision, HIL transition, upstream outcome.
Inspect an illustrative chain locally, then review how a configured production ledger can connect a tool call, policy verdict, approval, and upstream outcome. Your audit and compliance teams decide whether that evidence meets their requirements.
Every entry in the ledger commits to its predecessor. Tamper a single byte and /verify tells you exactly which row broke the chain — and which downstream entries can no longer be trusted.
64 × "0"
sha256(prev | json)
prev = row n hash
// hash chain genesis = 64 × "0" entry_hash[n] = sha256(prev_hash[n] || "|" || canonical_json(hashable[n])) // reconstructing a request GET /audit/correlation/{uuid} → [proxy, policy, HIL, upstream]
The five rows are a committed illustrative fixture, not live customer traffic or an independent assurance artifact.
Each fixture row uses SHA‑256 over the prior hash and the versioned canonical JSON shape.
The sample verifier runs in WebCrypto. The separate live-demo endpoint exposes only aggregate chain health.
A pilot defines captured fields, redaction, access, retention, exports, and acceptance criteria for its own ledger.
These illustrative fixture rows use the ledger's canonical shape and hash‑link rule; they are not live customer events. Each entry_hash commits to its predecessor. Change one byte and the sample stops verifying locally.
Each row's prev_hash matches the prior row's entry_hash, and every recomputed digest matches storage.
The verifier stops at the first mismatch and marks downstream rows as not trusted, even if their stored hashes still look well-formed.
# Live aggregate only — no per-row data is public. $ curl -s https://demo.clavenar.com/verify | jq '{valid, entries_checked, first_invalid_seq}' { "valid": true, "entries_checked": <current count>, "first_invalid_seq": null } # Correlation replay requires the scoped console or an authorized # pilot export; the public edge deliberately exposes no ledger rows.
prev_hash with 64 zeros. Row 1 commits to this seed.entry_hash[n] = sha256(prev_hash[n] || "|" || canonical_json(hashable[n])). The hashable shape and field order are the chain version — see clavenar‑ledger/src/lib.rs:386.prev_hash equals row N's entry_hash. Tampering any earlier row breaks every later hash.Verify button recomputes each entry_hash with WebCrypto SHA‑256, byte‑identical to what verify_chain does on the server.A hash anchors the recorded sequence; it does not establish that an omitted or inaccurate input was true. A pilot defines which request, decision, approval, and outcome fields are captured and who may replay them.
/audit/correlation/{uuid} reconstructs the request path in order: proxy, Brain signals, policy decision, HIL transition, upstream outcome.
The ledger records verdict, rule, tier, and reason. A future policy edit does not rewrite the historical decision.
Yellow-tier actions carry the approver identity, decision time, and final allow/deny transition before release.
Outcome rows link the recorded authorization to the later external-call result, so reviewers can inspect what the control plane allowed and what it observed afterward.
/verify returns the first invalid row and how many entries were checked; browser verification uses the same digest shape.
Cold-tier exports keep signed manifests beside the ledger rows, giving compliance and incident response the same evidence object.
The sample chain includes a Yellow-tier stripe.refund. The illustrative replay shows why sequence matters: the request parks first, approval lands second, and the recorded upstream outcome follows.
stripe.refund arrives from demo-sentinel-bot with correlation demo-sentinel-003.
Rule wire_transfer_requires_approval returns Review; row #3 commits the Yellow-tier decision.
finance-oncall approves in row #4. The approval is chained to the parked request, not logged separately in a side channel.
The side effect is allowed only after the chain shows authorization. A later audit can replay the exact decision path instead of trusting screenshots.
These mappings are implementation aids, not certification, attestation, legal advice, or proof that a deployment complies.
A configured ledger can record caller, tenant, method, verdict, reason, and operator identity for approvals.
Correlation IDs link request, policy, HIL, and upstream rows without depending on scattered LLM logs.
SHA-256 forward links expose row edits and downstream uncertainty immediately.
A pilot defines its retention period, storage tier, export destination, access roles, and deletion process.