Temporal Versioning AUDITLOG Replay Hash-Chained States

Replayable Systems

Reconstruct any system state at any point in time. Every transition hash-chained.
What was the value of key X at time T? Answer: 31 nanoseconds.

31ns
Historical State Lookup
Version History Depth
0
Events to Replay
3
PQ Sigs per Version
Definition

A replayable system can reconstruct any state at any point in time. Every state transition — every SET, UPDATE, DELETE — is recorded in a hash-chained audit log. Replay only works if you have a tamper-proof audit trail. Every version of every key is preserved. The system can answer "what was the value of key X at time T?" for any key and any time. This is not event replay (rebuilding state from a log). This is direct version lookup — the historical state is stored and accessible at 31 nanoseconds.

Why It Matters

Three Reasons You Need State Replay

A regulator asks: "What was the account balance at 3:47 PM on March 15?" A developer asks: "What data was in production when the bug occurred?" An auditor asks: "Prove the state at the time of this transaction." All three require the same capability: reconstructing past state.

Visual

State at Any Point in Time

Every key maintains a complete version history. Query any version at any timestamp.

account:balance_4821 — Temporal Version History

Every version is hash-chained to the previous. No version can be retroactively inserted or modified.

T-3h
v1 $12,450.00 initial deposit
T-2h
v2 $11,950.00 -$500.00 wire
T-45m
v3 $14,200.00 +$2,250.00 ach
T-10m
v4 $14,175.00 -$25.00 fee
T-now
v5 (current) $14,675.00 +$500.00 refund
Query
GET account:balance_4821 --at T-2h
Result
$11,950.00 (v2, verified, 31ns)
Comparison

Event Sourcing vs CQRS vs Cachee

PropertyEvent SourcingCQRSCachee Audit Chain
State ReconstructionReplay events (slow)Read model (separate)Direct lookup (31ns)
Storage CostAll events foreverEvents + projectionsVersions + hash chain
Query Historical StateReplay to time TOnly if projectedGET key --at T (31ns)
Tamper EvidenceNone (append-only trust)NoneSHA3-256 hash chain
ComplexityEvent handlers, projections, snapshotsCommand/query splitOne library, automatic
Schema EvolutionEvent versioning neededProjection rebuildValues stored directly
PQ SignaturesNot availableNot available3 families per version

Event sourcing gives you replay at the cost of complexity and rebuild time. Cachee gives you the same time-travel capability with direct version lookup — no events to replay, no projections to maintain, no snapshots to manage. Every replay is grounded in verifiable computation results. Every version is a first-class value stored at 31ns.

Architecture

Event Replay vs Direct Version Lookup

Event Sourcing Replay
Load event stream (N events)
Apply event 1 to empty state
Apply event 2...
Apply event N (reach target time)
O(N) event replays. Seconds to minutes for large streams. Snapshot helps but adds complexity.
Cachee Direct Version Lookup
GET key --at timestamp
Binary search version index
Return versioned value (31ns)
Verify hash chain link
O(log N) lookup. 31 nanoseconds. No events to replay. No projections.
Performance

State Reconstruction Speed

Event sourcing replay (10K events to target state) 500,000,000 ns (500ms)
Replay 10,000 events sequentially
CQRS read model (if pre-projected) 1,000,000 ns (1ms)
Database query to read model
Cachee direct version lookup (hash-chained, PQ-signed) 31 ns
16,129,032x
vs event sourcing replay. Same historical state. No events to process.
Reconstruction

The AUDITLOG Command

The AUDITLOG command reconstructs the full lifecycle of any key: every version, every state transition, every actor who modified it, every timestamp. The result is a hash-chained sequence of records that can be independently verified.

// Full lifecycle of a key AUDITLOG account:balance_4821 // Lifecycle since a specific date AUDITLOG account:balance_4821 SINCE 2026-04-01 // Lifecycle filtered by actor AUDITLOG account:balance_4821 ACTOR system:wire_transfer // Point-in-time query GET account:balance_4821 --at 2026-05-02T15:47:00Z // Diff between two points in time DIFF account:balance_4821 --from T-3h --to T-now

Unlike grep-based log search, AUDITLOG returns structured, cryptographically-linked records. Every record is PQ-signed. Every transition is hash-chained to the previous. The audit trail itself is tamper-proof.

Deep Dive

Temporal Versioning Internals

Every key in Cachee maintains a version index — a time-ordered list of all versions. When a key is updated, the previous value is not overwritten. Instead, a new version is created with a hash-chain link to the previous version.

// Internal version chain for account:balance_4821 version_index = [ { seq: 1, ts: "T-3h", hash: SHA3-256(v1_data || genesis), val: 12450.00 }, { seq: 2, ts: "T-2h", hash: SHA3-256(v2_data || v1_hash), val: 11950.00 }, { seq: 3, ts: "T-45m", hash: SHA3-256(v3_data || v2_hash), val: 14200.00 }, { seq: 4, ts: "T-10m", hash: SHA3-256(v4_data || v3_hash), val: 14175.00 }, { seq: 5, ts: "T-now", hash: SHA3-256(v5_data || v4_hash), val: 14675.00 }, ] // Point-in-time query: binary search on timestamp GET key --at T-45m // binary search -> seq:3 -> return v3 (31ns)

The version index is itself hash-chained. No version can be retroactively inserted — inserting between v2 and v3 would require recomputing v3's hash (which includes v2's hash), which would require recomputing v4's hash, and so on. The chain is tamper-evident by construction.

Point-in-time queries use binary search over the version index — O(log N) complexity. For a key with 1,000 versions, the lookup touches at most 10 entries. For 1,000,000 versions, 20 entries. The result is always returned in nanoseconds, regardless of version depth.

cachee-replay-demo
[1] $ AUDITLOG account:balance_4821 SINCE T-3h
    v5 T-now $14,675.00 actor=system:refund chain:OK
    v4 T-10m $14,175.00 actor=system:fee chain:OK
    v3 T-45m $14,200.00 actor=system:ach chain:OK
    v2 T-2h $11,950.00 actor=system:wire chain:OK
    v1 T-3h $12,450.00 actor=system:deposit chain:OK
 
[2] $ GET account:balance_4821 --at T-45m
    $14,200.00 (v3) verified in 31ns
 
[3] $ DIFF account:balance_4821 --from T-3h --to T-now
    $12,450.00 → $14,675.00 (+$2,225.00) 5 transitions
 
    Full state history. Every version verified. Every transition chained.

Run it yourself: brew install cachee && cachee replay-demo

Applications

Where Replayable Systems Matter

💰
Financial State Replay
SEC Rule 17a-4 and MiFID II require trade reconstruction. Regulators ask: "What was the position at 3:47 PM?" Direct version lookup returns the answer in 31ns with cryptographic proof.
🐛
Production Debugging
A bug occurred in production at 2:15 AM. What data was in the cache at that moment? Reconstruct the exact state, identify the exact input that caused the failure, and fix with certainty.
SOX Compliance
Section 404 requires internal control testing. Auditors need to verify that controls were effective at specific points in time. Temporal versioning provides cryptographic proof of state at any past moment.
🏥
Healthcare Access Replay
HIPAA investigations require reconstructing who accessed what data and when. Every access event is hash-chained. The audit chain is tamper-proof and instantly queryable.
🛡
Incident Forensics
After a security incident, you need to reconstruct the system state at the time of compromise. What data was accessed? What was modified? The audit chain provides cryptographic evidence.
🤖
AI Model Rollback
A model update produces worse results. Roll back to the previous version's cached results instantly. Every inference result is versioned with its model version, inputs, and parameters.
Install

Get Started

brew tap h33ai-postquantum/tap && brew install cachee cachee init && cachee start # Every SET automatically creates a versioned entry SET account:balance_4821 12450.00 SET account:balance_4821 11950.00 # Query historical state at any point GET account:balance_4821 --at 2026-05-02T12:00:00Z # Full audit trail with hash chain verification AUDITLOG account:balance_4821 # Diff between two points in time DIFF account:balance_4821 --from T-1h --to T-now

Temporal versioning is automatic. Every SET preserves the previous value and creates a hash-chain link. No configuration needed. No event store to manage. No projections to maintain. Every key is replayable by default. This is what makes the system verifiable audit infrastructure.

Reconstruct any state. At any time. In 31 nanoseconds. Cryptographically proven.

Install Cachee Audit Trail Architecture

Deep Dives

Tamper-Proof Audit Trails Compliance Audit Infrastructure Computation Fingerprinting Cache Attestation: Three PQ Families Data Lineage Verification Verifiable Computation Compliance-Ready Infrastructure What is Post-Quantum Caching?
Knowledge Base

Explore Verifiable Computation Infrastructure

Every page in the Cachee knowledge base. Proven computation, not cached data.

Post-Quantum Caching
The category definition. Run computation once, serve forever. Tamper-Proof Audit Trails
SHA3-256 hash-chained immutable logging. Cache Attestation
Signed cache entries. Three PQ families per SET. Computation Fingerprinting
Identity for results. Provenance, not just output. Data Lineage Verification
Prove where your data came from. Compliance-Ready Infrastructure
Pass audits without slowing down.