| shipped something today. then found a problem with it. fixed it. here's the full story.
there are three ways a computational result can lie to you: the file was changed after the fact — SHA-256 catches this
the evidence was stripped from the bundle — the semantic layer catches this
the computation itself was run differently than claimed — nothing catches this until today.
i added Step Chain Verification to ML_BENCH-01. every step of the computation hashes itself into the next:
init_params → hash_1
hash_1 + dataset → hash_2
hash_2 + metrics → hash_3
hash_3 + verdict → trace_root_hash
change the seed, skip a step, reorder anything — trace_root_hash doesn't match. the chain breaks.
this isn't blockchain. no network, no consensus, no tokens. same idea as git commits — each commit hashes its parent. except here it's computation steps, not code commits.
then i checked the actual verifier.
mg.py verify --pack bundle.zip — the command i've been telling people to run — wasn't checking trace_root_hash at all. the chain was in the data. the construction tests passed. but the verifier itself ignored it entirely.
so "three verification layers" was technically true in the data structure. not true in what the verifier actually ran.
i fixed it before posting. added to scripts/mg.py _verify_semantic(): trace_root_hash must equal the final step hash
if one field exists without the other → FAIL
if any step hash isn't valid 64-char hex → FAIL then wrote tests/steward/test_cert03_step_chain_verify.py — 5 tests that attack the verifier specifically, not just the chain construction.
now mg.py verify actually runs all three layers:
integrity: SHA-256 root_hash match
semantic: job_snapshot present, payload.kind correct
step chain: trace_root_hash == final step hash
118 tests total. steward_audit PASS.
git clone https://github.com/Lama999901/metagenesis-core-public
python -m pytest tests/steward/test_cert03_step_chain_verify.py -v
the lesson: "i implemented X" and "X runs when you call verify" are two different things. found that gap myself. fixed it first.
# the chain is just SHA-256, chained:
hash_1 = SHA256("init_params" + data + "genesis")
hash_2 = SHA256("generate_dataset" + data + hash_1)
hash_3 = SHA256("compute_metrics" + data + hash_2)
trace_root_hash = SHA256("threshold_check" + data + hash_3)
``` change anything — seed, sample count, noise level, step order — trace_root_hash changes. the verifier catches it. 118 tests. three independent layers. MIT license. no network. no trust required.
```
git clone https://github.com/Lama999901/metagenesis-core-public
python -m pytest tests/steward/test_cert03_step_chain_verify.py -v |