Every dispatch, every spawn, every exit, every tool call appends a row to the audit chain. Each row’s hash includes the previous row’s hash — truncating or rewriting the chain is detectable. 
audit_v1 hash = blake3(prev_hash || canonical_json(row))
You can replay a run end-to-end after the fact: 
flocks gateway audit replay --grant-id <id>
The 2026-04-25 audit catalogue is at docs/security/audits/2026-04-25/README.md in the source tree.