For: Auditors + compliance teams + sponsor reviewers

On-chain anchoring: closing the local-tamper gap


Hash-chained logs detect local tampering. On-chain anchors detect wholesale chain replacement. 24K gas per anchor; 6h cron.

Hash-chained audit logs are tamper-evident locally: a third party who has the chain bytes can detect any byte-flip. But that third party can't prove the chain wasn't replaced wholesale by an attacker. SBO3L's on-chain anchor closes that gap: the audit chain root is committed to a public blockchain at a regular interval.

The contract

SBO3LAnchorRegistry on Sepolia at 0x4C302ba8…E8f4Ac. One function:

function publish(bytes32 root, uint64 chain_length) external;

Each call costs ~24K gas. The contract emits an event with (publisher, root, chain_length, timestamp); we never store anything in contract storage beyond a moving "latest" pointer per publisher.

Cron + key management

A 6-hour cron job on the daemon (or Vercel cron for the playground) computes the chain root, packs it into a transaction signed with the publisher's wallet, and broadcasts it to Sepolia. The publisher key is separate from the daemon's signing key, so compromise of one doesn't unlock the other.

Verifying with the anchor

A skeptic given a capsule can:

  1. Verify the capsule's audit-chain proof goes back to a chain root R.
  2. Query Etherscan for the AnchorRegistry's publish(R, ...) event — confirms R existed on-chain at timestamp T.
  3. Compare T with the capsule's claimed event timestamp: the claimed timestamp must be in the past relative to T.

Result: a 24K-gas check (one Etherscan API call) gives you proof that the agent took the action no later than the on-chain anchor block — even if the daemon's whole filesystem is later replaced.
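
The three verification steps above, as an added offline example (not SBO3L's own code). The hash-chain construction (SHA-256 over previous hash, 8-byte timestamp and payload), the all-zero genesis value, the already-decoded event dicts and the publisher placeholder are assumptions, since the page does not specify them; step 3 is read as "the claimed timestamp is not later than T".

```python
import hashlib

GENESIS = b"\x00" * 32  # assumption: starting value of the hash chain

def prefix_root(entries, length):
    """Assumed construction: h_i = SHA-256(h_{i-1} || ts (8 bytes) || payload)."""
    h = GENESIS
    for ts, payload in entries[:length]:
        h = hashlib.sha256(h + ts.to_bytes(8, "big") + payload).digest()
    return h

def check_event(entries, index, anchors, publisher):
    """Run steps 1-3 for entries[index] against decoded publish events."""
    claimed_ts = entries[index][0]
    for a in sorted(anchors, key=lambda a: a["timestamp"]):
        n = a["chain_length"]
        if a["publisher"] != publisher or not index < n <= len(entries):
            continue  # wrong publisher, or anchor does not cover this entry
        if prefix_root(entries, n) != a["root"]:
            continue  # steps 1-2: this chain is not the one that was anchored
        # step 3: the claimed time must not be later than the anchor time T
        return "anchored" if claimed_ts <= a["timestamp"] else "timestamp-after-anchor"
    return "no-matching-anchor"

# Constructed sample data (not real SBO3L records or Sepolia events).
PUBLISHER = "0xPUBLISHER_PLACEHOLDER"
honest = [(1700000000, b"allow:pay:10"), (1700000600, b"deny:pay:9000"),
          (1700001200, b"allow:pay:25")]
anchors = [{"publisher": PUBLISHER, "root": prefix_root(honest, 3),
            "chain_length": 3, "timestamp": 1700021600}]
# Wholesale replacement: entry 1 rewritten and every later hash recomputed,
# so the chain is self-consistent locally but its root was never published.
replaced = [honest[0], (1700000600, b"allow:pay:9000"), honest[2]]

if __name__ == "__main__":
    print(check_event(honest, 1, anchors, PUBLISHER))    # anchored
    print(check_event(replaced, 1, anchors, PUBLISHER))  # no-matching-anchor
```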