The chain only grows.
It never rewrites.
Most AI tools ask you to trust the answer. Watcher hands you the arithmetic. Every record the daemon writes folds the one before it into a hash, so the only way to alter the past is to forge the entire future. Trust is arithmetic, not a promise.
Append-only. SHA-256. HMAC-authenticated. Tail-verifiable.
The chain only grows
Every operation the daemon performs is a new record at the head. Nothing in the past is edited or deleted. To change a record you would have to forge every record after it.
Each record carries the last
A record's hash folds the previous record's hash with its own content. One identifier per assertion, one hash per record. Rewrite the content and the hash stops matching.
Signed, not just hashed
Records are authenticated with a daemon key, so a third party cannot append a record that looks like yours. The signature travels with the Pack.
Check the head, trust the body
Verifying the head hash confirms the whole chain beneath it. One recomputation, from genesis to HEAD, answers whether a single byte moved.
hash(n) = SHA-256( hash(n-1) + id(n) + content(n) )Genesis is sixty-four zeroes. Every record after it inherits the head. The demo below computes this in your browser, byte for byte.
Rewrite one record. Watch the rest fall.
These four records are a real hash chain, computed live with the browser’s own SHA-256. Edit any content, or flip a byte. The tampered record and every record after it turn red, because their stored prevHash no longer matches the recomputed head.
Edit any content, or flip a byte. The hash is recomputed in your browser.
You do not have to take our word.
wotw-verify is a standalone, cosign-signed binary. It checks a Pack’s content hashes, daemon signature, and chain anchor on a clean machine, with no daemon running and no call home. If the arithmetic holds, it prints VERIFIED. If a byte moved, it does not.
brew install 3030-labs/tap/wotw-verifywotw-verify is shipped today: cosign-signed, Homebrew-installable, and it checks a Pack with no daemon and no network.
The honest status.
A provenance system should not overclaim. Here is exactly what ships today and what is still being built.
The substrate
The daemon, the append-only chain, and the hash-folding pipeline are live. Watcher v0.8.4, 935 tests green.
The standalone verifier
wotw-verify is shipped. Cosign-signed Go binary. Verifies a Pack on a clean machine with no daemon. Installable from Homebrew, signed with cosign.
The Pack data model
The portable artifact layer, the on-disk Pack format you hand to someone else, is still in active build. We will not call it done until it round-trips through the verifier end to end.
Your key is injected, never persisted.
Bring your own model. Your provider key is injected into the daemon at spawn-time and held only for the life of that process. It is never written to disk, never logged, and never leaves your machine. When the process ends, the key is gone with it.
- Injected at spawn-time from your environment
- Held in process memory only, never persisted
- Never written to the chain, the wiki, or a log
- Nothing leaves your machine unless you say so