Verifying Integrity of KEL and Witness Logs — Any Cryptographic Methods in Signify or KERIA?

[Kaifmohd]

Hi all,

While working with signify-ts and KERIA, I had a question regarding the integrity of event logs.
Is there any recommended way to cryptographically verify the authenticity and integrity of KEL (Key Event Logs) or witness receipts/logs? Specifically:

1. Can we detect if any tampering has occurred in the event sequence or witness data?
2. Are there any built-in methods or endpoints in signify-ts or KERIA that help validate these logs?
3. Can signatures from controllers and witnesses be verified independently using local cryptographic primitives?
4. I understand that the KEL structure and SAIDs offer some protection, but I’m looking for a robust verification method to ensure that:
5. The event chain is cryptographically intact (e.g., digest chaining, proper d field)
6. Attached signatures (atc, receipts) can be independently verified

Would love to hear how others handle this, or if there are utility methods in the libraries that I might have missed.

Thanks in advance!

[SmithSamuelM]

A KEL is a backword and forward hash chained non-repudiably signed self-referencial verifiable data structure. So when you say that the KEL structure and SAIDs offer some protection, I can't help but feel that your question is premature, that you have yet to understand the unprecedented high degreee of protection that is already provided by a KEL before you can even ask if it is lacking if at all. Since the code is open source and the KERI whitepaper provides detailed abstract data models of all the events in a KEL, I suggest you start there.

If what you want is someone to give you a tutorial on how the various pieces of the KEL work, I suggest you look at the slide decks on the keri.one site which walk one through the KEL and what each piece does.