v1.9.1-ce — Tamper-evident agent decision lineage¶
Released: 2026-07-14 · Tag: v1.9.1-ce · Docker: synapcores/community:v1.9.1-ce
v1.9.0 introduced durable agents that run inside the database. v1.9.1 makes their audit trail
provable: every run in _system_agent_runs is now hash-chained into a tamper-evident ledger,
so a record that was edited after the fact is detectable with a single SQL query.
Decision lineage¶
Every run is chained: entry_hash = sha256(prev_hash ‖ the run's fields), where prev_hash is
the previous run's entry_hash in a per-tenant ledger (genesis for the first run). Any post-hoc
edit to a stored run breaks its own entry_hash and every downstream prev_hash link.
_system_agent_runs gains three columns — prev_hash, entry_hash, and a computed verified
(BOOL). Tamper detection is one query:
verifiedisTRUE/FALSEfor chained runs, andNULLfor pre-v1.9.1 runs (unchained — not attestable, rather than a false green).- On by default; no configuration. Full back-compat — no shipped run data is lost.
- Self-hosted: the tamper-evident ledger runs entirely inside one binary, on your box.
Why it matters¶
For the regulated verticals where in-database agents earn their keep — SOAR, AML, aerospace RCA — "the agent acted, and here is the record" is not enough; you need "and here is proof the record was not modified." That proof now lives inside the engine, next to the data the agent touched.
Validation¶
- State-asserting validator: 88/88, 0 failed.
- Recipe certification: 159/159 (zero regressions).
- Non-AVX-512 canary (i5-10400F): config-pure boot, EMBED + GENERATE +
CREATE AGENT+EXECUTE AGENT, zero illegal-instruction. - Lineage verified on the release binary (runs chained +
verified); a tamper doctest confirms an edited run flips toverified = false.
Install¶
docker pull synapcores/community:v1.9.1-ce
# or pin the installer:
curl -fsSL https://get.synapcores.com | SYNAPCORES_VERSION=v1.9.1-ce sh
Drop-in from v1.9.0 — no schema migration; lineage is automatic.