Back to Glossary
VEX

Merkle Audit Trail

tamper-evident loggingcryptographic log integrityautonomous execution audit

A Merkle-linked audit trail is an append-only log structure in which each entry contains the cryptographic hash of the preceding entry, forming a tamper-evident chain.

THE AUDIT INTEGRITY PROBLEM

Traditional logging systems are vulnerable to post-hoc modification. A Merkle-linked structure makes sanitization detectable because any deletion or modification of a log entry breaks the hash chain from that point forward.

PROTOCOL CONTEXT (ARCHITECTURE.TSX / VEX-CORE)

The vex-core library implements Merkle-linked log construction. Each Evidence Capsule's Witness section is a Merkle leaf. The tree root is periodically anchored, providing an externally verifiable integrity checkpoint.

ProvnAI Mitigation

Every security event processed by McpVanguard is appended to the Merkle-linked audit trail. Log consumers can verify historical integrity by recomputing the hash chain via the Provn SDK's verify_chain() API.