Transparency
Every time Penny hands out a key, it's written into a sealed, append-only log — each entry chained to the last, so nothing can be quietly altered or removed. What you see below proves the log is complete. What you'll never see is who read what: entries carry no reader identity and are salted so they can't be linked to one. Verify it yourself: pnpm verify:chain.
2 keys released to date
| Seq | When (hour) | Piece | Kind | Salt (8…) | Hash (12…) |
|---|---|---|---|---|---|
| 2 | 2026-07-08T15:00:00.000Z | The Spike in My Inbox | purchase | bd4cb9e4… | 0de2ac176098… |
| 1 | 2026-07-08T15:00:00.000Z | The Spike in My Inbox | purchase | b082a3a3… | dd7bd86fbbc9… |
To recompute any hash: sha256(previous_hash ‖ JSON([seq, hour_ts, content_id, kind, salt_hex])). Run pnpm verify:chain to walk the whole chain.
Anonymous reads (M15c)
These are reads that happened before a reader signed in. The figures are aggregate counts and pence — no tab cookie, no IP, and no reader identity is exposed here.
No anonymous grants yet.