[maxcr]

Thanks! The hash chain is stored in Cloudflare D1 (edge SQLite). Each registration entry includes the previous entry's hash, so the chain is tamper-evident. You can walk it from genesis and verify every link via the public API (/v1/chain).

It's centralized storage with cryptographic integrity, not decentralized consensus. The tradeoff was deliberate: we wanted verifiable ordering and tamper-evidence without the overhead of a blockchain. Any client can independently validate the chain by re-hashing from entry 0.

Longer term, the chain data could be mirrored or anchored to a decentralized store (IPFS, Arweave, or even periodic Bitcoin/Ethereum anchoring) for stronger guarantees. But for now, the priority was getting the identity + reputation primitives right.