Self-Verifying Measurement Records: Hash-Linked Evidence Graphs for Hardware Benchmarking

Computer Science > Cryptography and Security [Submitted on 26 Jun 2026] Self-Verifying Measurement Records: Hash-Linked Evidence Graphs for Hardware Benchmarking Faruk Alpay, Baris Basaran Performance numbers reported for hardware are accepted on trust: the reader cannot recompute them, the apparatus is gone, and the silicon itself can be silently wrong, with fleet studies reporting on the order of one core in a thousand returning incorrect arithmetic with no error raised. We make a reported hardware measurement a tamper-evident, independently checkable record. Every quantity in the text, a table, or a figure is bound, by its content hash, to the observation and the verification behind it; the whole is a hash-linked, append-only structure (a transparency log for measurement) that a verifier audits offline without trusting its producer. Matrix products are verified by a probabilistic identity (Freivalds) at O(k n^2) cost under a tolerance we derive from floating-point error analysis and calibrate to the device's own measured residual floor, so a wrong product is rejected with probability 1 - 2^(-k); quantities with no such identity carry an algebraic checksum and a measured reproducibility class. We then treat the check itself as a security object: a probe seed committed for offline reproducibility is an attack surface, and a probe-aware adversary can hide a corruption in the probe's null space, fooling even a quorum of bit-identical witnesses, while a Fiat-Shamir challenge derived from the claimed output closes this. Driving the device from an unprivileged tenant's reach, with a di/dt power virus and a thermal soak, neither moves the calibrated tolerance nor produces a silent error, placing the physical-fault threat at the rare defective part or the privileged attacker and marking the boundary at which the record must compose with a hardware root of trust. We demonstrate the construction across Blackwell and Hopper GPUs and report a residual-floor and reproducibility map by precision, size, and device. Comments: 17 pages, 3 figures, 7 tables. Ancillary files (anc/) contain the full source code, the raw observations, the hash-linked evidence graph, and a SHA-256 manifest; the record audits offline with a standard-library script Subjects: Cryptography and Security (cs.CR); Hardware Architecture (cs.AR) MSC classes: 68M25, 68W20, 94A60, 65G50 ACM classes: E.3; C.4; B.8.1; G.1.0 Cite as: arXiv:2606.27934 [cs.CR]   (or arXiv:2606.27934v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2606.27934 Focus to learn more Submission history From: Baris Basaran [view email] [v1] Fri, 26 Jun 2026 10:26:50 UTC (387 KB) Access Paper: HTML (experimental) view license Ancillary files (details): README.md adversary.json code/adversary.py code/build_graph.py code/canon.py (37 additional files not shown) Current browse context: cs.CR < prev   |   next > new | recent | 2026-06 Change to browse by: cs cs.AR References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)