Please report security issues privately — via GitHub's private vulnerability reporting (the repository Security tab → "Report a vulnerability"). Please do not open public issues for security reports.
Upholdr's ledger is tamper-evident, not tamper-proof.
- Detects: in-place edits, record deletion, and reordering of ledger records —
via append-only SQLite triggers plus a SHA-256 hash chain over a single monotonic
append sequence.
upholdr verifyrecomputes the chain from genesis and reports the first divergence; tail truncation is caught by the sequence counter. - Does NOT protect against: an attacker with filesystem or process access can
- delete or replace the entire database file;
- drop the triggers and rewrite a fresh, internally-consistent forged chain — without record signing, the chain proves internal consistency, not authenticity;
- edit the mutable
ledger_seqcounter to mask a tail truncation; - or, in a compromised Upholdr process, write false records before they are sealed.
The real defenses against a privileged attacker are record signing (HMAC /
ed25519) and off-box export / external anchoring of the chain head. See
docs/threat-model.md for the full model and the hardening
roadmap.
Operate the ledger where the governed agent cannot write to it out-of-band, ship the chain head off-box, and treat a
verifyfailure as an incident.