How does SHA-256 pinning make an AI audit record tamper-evident?

SHA-256 (FIPS 180-4) produces a fixed 256-bit digest where any change to the input — one bit in the model, probe set, or result — yields a completely different hash, and the function is collision-resistant. Pinning each artifact by its digest and binding them…

register 09 · Compliance pins· SHA-256 / FIPS 180-4
01 ·

Answer.

Supply-chain / provenance standard · SHA-256 / FIPS 180-4.

SHA-256 (FIPS 180-4) produces a fixed 256-bit digest where any change to the input — one bit in the model, probe set, or result — yields a completely different hash, and the function is collision-resistant. Pinning each artifact by its digest and binding them into a Merkle root means internal or external compliance recomputes the hashes and detects any alteration. That is what makes a Planisphere record tamper-evident: a third party can recompute the root and confirm nothing changed, without trusting the producer.

02 ·

The mark behind the answer.

SHA-256 / FIPS 180-4 is a provenance standard: it cares about where an artifact came from and whether the chain is unbro…

hash algorithm · per-file pinning primitive.

→ Full reference for SHA-256 / FIPS 180-4

Prepare evidence for SHA-256 / FIPS 180-4 review.

First evidence record within 21 days of access · re-runs in a single business day. Planisphere measures model behaviour and emits a reproducible, sha-pinned record — it does not certify, file, or give legal advice.