Dual ledger: tamper-proof transaction tracking on both sides

Every inference request is recorded in a local JSONL ledger with a SHA-256 hash of (id + tokens + duration + cost + shared_secret). Both sides keep independent copies: - Gateway (Matt's): writes to ledger.jsonl on every request - Receiver (Seth's): receives callbacks, saves per-gateway ledger Endpoints: - GET /ledger — view transactions + total cost - GET /reconcile — compare ledger vs stats, verify all hashes - POST /config — adjust cost params live ledger_receiver.py runs on Seth's server: - POST /transaction — receive and verify gateway callbacks - GET /summary — total cost per gateway - GET /ledger — all transactions across gateways If either side resets stats, the other's ledger has the full history. If either side tampers with entries, hash verification catches it. Tested: request → ledger write → reconcile → hash valid → zero discrepancy Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-20 19:56:10 -04:00
parent 583c563daa
commit 968b00890f
3 changed files with 275 additions and 3 deletions
@@ -20,5 +20,9 @@ SPENDING_CAP=10.00           # $ before gateway stops accepting
 LABOR_RATE_PER_HOUR=0.00     # $/hr for setup/maintenance time
 PROFIT_MARGIN=0.00           # Markup multiplier (0.10 = 10%)

+# Dual ledger
+LEDGER_SECRET=change_me_to_a_shared_secret   # Both sides must match
+CALLBACK_URL=                                # Seth's server (e.g. http://seth_ip:8435/transaction)
+
 # Features
 ALLOW_MODEL_UPDATES=false    # Allow remote model push via /admin/update-model