Verification
syndicate audit verify output
Verification checks chain integrity and signature integrity for audit evidence.
syndicate audit verify
syndicate audit verify --verbose
syndicate audit verify --output json
Typical clean-chain output:
audit chain: OK
events: 47
genesis: a3f2bc91... (previous_hash: 0000...0000)
head: c4d8e2f1...
policy: 7:a3f8c2d1...
This command is independently invocable and does not require launching TUI (per CLI-007).
Verification failures
| Failure | Meaning |
|---|---|
| Hash mismatch at event N | Event data or predecessor link changed after insertion |
| Gap in sequence | One or more events are missing from chain order |
| Missing genesis event | Initialization chain anchor is absent or deleted |
| HMAC signature mismatch | Signature key or signed payload integrity mismatch |
Failure output includes failing event context and mismatch reason in machine-readable mode.
Verification in CI
# machine-readable verification for pipelines
syndicate audit verify --output json
# verbose event-level verification report
syndicate audit verify --verbose --output json
Exit-code expectations for CI:
0: clean chain1: chain integrity failure5: control plane unavailable
Export for external audit
syndicate audit export <session-id> --format ndjson --out audit-$(date +%Y%m%d).ndjson
syndicate audit export <session-id> --format json
NDJSON export preserves hash-link fields (event_hash, previous_hash) for independent external verification workflows.