What's in a record
Six sections. Every time.
A logged action is a chat transcript. A sealed record is contemporaneous evidence. The difference matters when someone asks what happened.
Trigger
What started this action? Who or what requested it?
Context
What did the AI know at the time? What files and rules were active?
Reasoning
Why did it choose this approach? What alternatives did it consider?
Authority
Who approved this action? What policy allowed it?
Execution
What tools were called? How long did it take? What resources were used?
Outcome
Did it succeed? What changed? Were there side effects?
Hash-chained
Modify any record. The chain breaks.
Each record carries the SHA3-256 hash of the previous record. To tamper with anything, you'd need to recompute every hash from that point forward and re-sign every record.
Without the signing keys, that's mathematically impossible. With the keys, you'd still leave a fingerprint. Tampering is detectable.
The cryptography
Safe today. Safe tomorrow.
Every record gets dual signatures. If one algorithm is ever broken, the other still protects you. No deprecated crypto, ever.
SHA3-256
FIPS 202Content hashing for every record. Identifies tampering at the byte level.
Ed25519
FIPS 186-5Classical digital signatures. The current gold standard for authenticity.
ML-DSA-65
FIPS 204Post-quantum signatures. Safe against attacks from machines that don't exist yet.
No MD5. No SHA-1. No RSA. No DES. No 3DES. No deprecated algorithm ever appears in the AskQP signature chain.
Three privacy layers
Detail decays. Accountability remains.
Right to erasure works. Layer 3 can be deleted while Layer 1 preserves the audit trail. Designed for GDPR, HIPAA, and financial recordkeeping.
Layer 1
Summary
Record ID, type, timestamp, status, outcome. Proves something happened.
Layer 2
Detail
Anonymized reasoning, redacted tool calls. For operational review.
Layer 3
Full context
Complete reasoning, full prompts. Encrypted at rest. Auto-deleted.