Tamper-Evident Lineage
Tamper-evident lineage is an append-only record of an agent's actions and the governance decisions applied to them, whose integrity can be verified independently.
Definition
Tamper-evident lineage is an append-only record of everything an agent did and every governance decision applied to it, structured so that any alteration, insertion, or deletion after the fact is detectable. For each governed action the record captures the envelope as submitted, the mandate the action was checked against, the outcome, the specific rules applied, the basis for that outcome, and the time elapsed at each stage. These are the contents the MAS SAFR (Safeguards for Agentic Finance at Runtime) white paper requires of its Audit Log.
The property exists because the audit record is what gets examined when an agent's action is disputed, and the parties examining it hold opposing interests. The paper states the requirement plainly: "The log is the authoritative record, independent of any party with an interest in how events are characterised after the fact." Standard application logs are written for operators, and whoever administers the system can rotate, truncate, or edit them; their integrity rests on trusting that administrator. A lineage record is built to be examined by an outside party, so its integrity must be checkable without trusting the party that produced it.
Three mechanisms deliver the property in practice. Hash-chaining: each entry commits cryptographically to the entries before it, so a modified or removed entry breaks the chain. Write-before-decide ordering: the decision is returned only once the evidence has persisted, and the system fails closed on write failure, so no governed action can execute unrecorded. Independent verification: the record exports with a signed manifest, per-artifact inclusion proofs, and an external timestamp commitment, so a verifier can confirm integrity offline.
In SAFR, lineage appears twice. The action trace inside each governance envelope records how the agent arrived at a proposal, and the Audit Log records how the institution decided on it. Together they give an inspector the sequence of events with proof the record is unchanged, which is the evidentiary core of any runtime governance layer. In KLA's SAFR implementation, the Audit Trail and its Sealed Evidence Bundles fill this role.
