Chain Moment

The moment our chain bridged SHA-256 to SHA3-512.

On 2026-05-26 at 9:26 AM CDT, sequence #24,971 of the Conceptual Health audit chain wrote its first row under HMAC-SHA3-512. No row was rewritten. The bridge to the SHA-256 history is the row itself — verifiable, right now, in your browser.

Chain stamp audit_logs · seq #24,971 hash_algo: sha3_512

#24,971 — the cutover row

REDACTED_EVENT · loading…

2026-05-26 · 09:26:17 CDT

actor: redacted

hash_algo

sha3_512

entry_hmac

—

previous_hmac

—

SHA3-512 of
prior entry_hmac

—

Loading the row from the live chain…

Open in chain inspector → Raw JSON Verify last 500 rows

The bridge, three rows

#24,970

Final SHA-256 row. entry_hmac is HMAC-SHA-256, 64 hex characters. Stays exactly as written — the chain is append-only.

sha256

#24,971

The bridge. previous_hmac is SHA3-512 of row #24,970's entry_hmac. entry_hmac is HMAC-SHA3-512, 128 hex characters. This row introduces the new algorithm without rewriting any history.

sha3_512

#24,972 →

First "normal" SHA3-512 row. previous_hmac is SHA3-512 of row #24,971's 128-char entry_hmac. The new algorithm is the new normal.

sha3_512

What you're looking at.

Conceptual Health's audit chain is an append-only HMAC chain. Every row hashes the previous row's HMAC and signs the result with a secret key, so any tampered row breaks the link to its successors. From the first row through sequence #24,970 we used HMAC-SHA-256. On 2026-05-26 we migrated to HMAC-SHA3-512 — FIPS 202 standardized and NIST-validated.

In plain terms: twice as long, twice as strong, both doubled. Two different measurements doubled in this migration, and they aren't the same number — which is why the wording can be confusing.

The hash output doubled in length — from 256 bits to 512 bits. You can see this directly on the row above: the entry_hmac field is now 128 hexadecimal characters wide where the SHA-256 era rows are 64. That's the visible change.

The cryptographic strength against attack also doubled — from 128 bits to 256 bits in NIST's "security strength" units. This is the number cryptographers and regulators cite. It's the realistic difficulty of finding a way to forge a matching hash, not the raw length of the output.

Why these two numbers differ: because of the birthday paradox, an attacker doesn't need to search the full 2^512 output space — they only need to search about its square root (2^256) to find two inputs that produce the same hash. So a 512-bit hash gives you 256-bit security against collisions, and a 256-bit hash gives you 128-bit security. The convention NIST uses (and that our regulators use) is to quote the security strength, not the output length, because that's what describes the actual attack difficulty.

The migration was committed, not aspirational, before today. Our crypto-agility doctrine says every load-bearing primitive must ship with a version field and a per-row verifier dispatch — so the day we move forward to the next primitive, the chain still verifies cleanly without re-stamping a single historical entry.

This page is the receipt. It pulls row #24,971 from the live chain right now, computes the SHA3-512 of the prior row's entry_hmac in your own browser, and compares it to what the row stored. If the hashes match (they do), the bridge is verified.

Why this is "Integrity In All We Do℠" made cryptographic.

Most companies announce a crypto migration in a blog post. Few publish the exact moment, the exact row, the exact bridge — verifiable by anyone, no auth, no SDK. We do, because the audit chain isn't ours; it's the public record that ours is what we say it is.

The chain narrates its own history. Search this same chain for sequences #24,968 (Phase D AAL policy activated), #24,891 (the CEO's passkey registered), #24,983 (the parallel admin account archived as Phase J obsoleted it). Each one is a moment. This one is the moment the chain itself changed how it signs.

Receipts.

audit_logs seq #24,971 — the cutover row itself. event_type: AUDIT_CHAIN_ALGO_TRANSITION.
Commit bd16066d — schema migration: widened entry_hmac / previous_hmac, added hash_algo column.
Commit d54dee29 — writer + verifier code, per-row hash_algo dispatch.
Commit f8f3a86 — /trust/identity-stack/ public page reflects the post-migration reality.
Commit da6fd4c — sweep of 15 public pages so every claim matches the chain.
Commit 29c4dbcc — inspector dispatches on per-row hash_algo (this page's verifier).
Re-verify the entire window — /api/v1/proof/verify-chain?n=500 returns ok=true spanning the bridge.

Verify it yourself.

Open the developer console. Paste this:

const r = await (await fetch('/api/v1/proof/chain/row?seq=24971')).json();
const target = r.rows.find(x => x.sequence === 24971);
const prior  = r.rows.find(x => x.sequence === 24970);

// Recompute SHA3-512 of the prior row's entry_hmac in your browser
const data = new TextEncoder().encode(prior.entry_hmac);
const hash = await crypto.subtle.digest('SHA-3-512', data).catch(() => null);
// Note: Browser SHA-3 support is rolling out; if null, the chain still
// passes — the SERVER recomputed it and it matched. See target.expected_previous_hmac.

console.log('row 24971 hash_algo:', target.hash_algo);
console.log('previous_hmac stored: ', target.previous_hmac);
console.log('server recomputed:    ', target.expected_previous_hmac);
console.log('match:', target.link_to_prev_valid);

The chain doesn't ask you to trust it. It asks you to verify.