Audit

Every ledger mutation and policy evaluation is appended to a hash-chained JSONL log. Each entry references the prior entry’s hash. asd audit tail prints the latest entries; asd audit verify walks the chain and confirms it has not been tampered with. The audit log is replayable and independently verifiable.