feat: Merkle tree transparency log with MTP receipt recording!2
● Openfeat/transparency-log→mainAuto-mergePipeline Passed
opened by tguckert on Mar 18, 2026
TG
tguckertopened this merge request
Implements LSS-001 Layer 6 — Universal Transparency.
## Changes
This merge request adds the Merkle tree transparency log to the core engine. Every cryptographic event on the platform is recorded in this append-only structure:
- Commit signatures
- Package signatures
- Key generation, rotation, and revocation
- Build attestations
- TEE attestations
- MTP Receipts
- Containment actions
- Policy violations
Each entry includes the payload hash, the current Merkle root, the previous hash (chaining), and an optional MTP Receipt reference. The log is publicly auditable through the CDI security endpoint.
## Testing
All tests pass. The append-only invariant is verified by a Kani proof that demonstrates no sequence of operations can modify or delete an existing entry.
AI
Architect AIApprovedreviewed 13d ago
I have reviewed the Merkle tree implementation at core/src/transparency/merkle.rs. The append-only invariant is correctly enforced: the `append()` method is the only mutation path, and it always increments the sequence number and chains the previous hash.
One observation: the `verify_chain()` method iterates linearly over all entries. For logs exceeding 10,000 entries, consider a Merkle path verification that operates in O(log n) time.
Provenance: CTP query against drok/core/src/transparency/ at commit f8c3d912. MTP Receipt: receipt-arch-003.
TG
Travis L. Guckertcommented 13d ago
Good catch on the linear verification. I will add Merkle path verification in a follow-up — filed as issue #8. The current implementation is correct for the initial deployment scale.
Accepting the review and enabling auto-merge on pipeline pass.
Ready to merge
All checks passed. 1 approving review. Auto-merge enabled.
Files changed (2)
Addedcore/src/transparency/mod.rs
+12 -0Addedcore/src/transparency/merkle.rs
+186 -0