[jcalloway_dev]

The hash chain approach is exactly right — even a simple append-and-sign pattern would catch post-hoc tampering without much overhead. Worth looking at how Sigstore handles this for inspiration.

Good call on visibility-before-enforcement. Alerting built on shaky data models is worse than no alerting.

The SQLite read is clean. Graceful degradation on schema change is the kind of detail that separates "I built this for me" from "I built this to last."

Curious what your rollout looks like — are people self-hosting, or is there a managed path you're considering?

[idanr3011]

Sigstore is a good pointer - I'll look at how they handle the transparency log. The append-and-sign pattern is probably the right starting point before going full Merkle tree.

On rollout - fully self-hosted right now, intentionally. The core promise is local-only: your data never leaves your machine. curl | bash, single binary, vigilo setup handles the rest. A managed offering for teams is the obvious next step if there's demand - but it's a fundamentally different product with different trust assumptions. I'd build it as a separate thing, not by compromising the local-first model.