YuleYule
CLI

yule audit

Query and verify the inference attestation log

Overview

Every inference Yule runs produces a signed attestation record. These records are stored in a hash-chained append-only log at ~/.yule/audit.jsonl. The yule audit command lets you query and verify this log.

Each record contains:

  • Session ID — unique identifier for the inference session
  • Timestamp — when the inference ran
  • Model name and Merkle root — which model produced the output
  • Token count — how many tokens were generated
  • Sandbox status — whether the process was sandboxed
  • Ed25519 signature — cryptographic proof of record authenticity
  • Previous hash — blake3 hash of the prior record (chain integrity)

Usage

yule audit [options]

Options

FlagDefaultDescription
--last <n>50Number of recent entries to display
--verify-chainfalseVerify the entire audit log chain integrity

Querying Records

yule audit --last 10
showing last 10 of 10 requested:

  session:   a1b2c3d4-e5f6-7890-abcd-ef1234567890
  timestamp: 1710432000
  model:     TinyLlama 1.1B
  tokens:    128
  sandbox:   yes
  signed:    yes (64B)
  prev_hash: 0000000000000000000000000000000000000000000000000000000000000000

  session:   b2c3d4e5-f6a7-8901-bcde-f12345678901
  timestamp: 1710432060
  model:     TinyLlama 1.1B
  tokens:    256
  sandbox:   yes
  signed:    yes (64B)
  prev_hash: 7a3f8c1e9d0b2f4a6e8c0d2f4a6b8e0c2d4f6a8b0e2c4d6f8a0b2c4e6d8f0a

Verifying Chain Integrity

The audit log is hash-chained: each record includes the blake3 hash of the previous record. If any record is modified, deleted, or reordered, the chain breaks.

yule audit --verify-chain
chain integrity: VALID (847 records)

If tampering is detected:

chain integrity: BROKEN (847 records)

Why This Matters

The attestation log provides a tamper-evident history of every inference your Yule instance has run. Combined with the Merkle root in each record, you can prove:

  1. Which model produced a given output (by Merkle root)
  2. When the inference happened (by timestamp)
  3. Under what conditions it ran (sandbox status, sampling params)
  4. That the log hasn't been altered (hash chain verification)

This is the foundation for audit compliance in regulated environments — healthcare, finance, legal — where you need to prove what model produced what output.

yule pull / list

Download models from HuggingFace and manage the local cache

API Overview

Authentication, API surfaces, and design philosophy

On this page

OverviewUsageOptionsQuerying RecordsVerifying Chain IntegrityWhy This Matters