How It Works

From filesystem events to verifiable journals and deterministic replay.

Filesystem Activity as Evidence

Most systems preserve state. JCOOP preserves the activity that led to that state. A snapshot can show that a file exists. A journal can show how it came to exist.

JCOOP treats filesystem activity as evidence. Rather than recording snapshots of a system, JCOOP records the operations that created those snapshots.

Think of JCOOP as CCTV for filesystem activity. Like a security camera records activity within a building, JCOOP records filesystem activity within its configured observation boundary.

The JCOOP Pipeline

JCOOP observes the operations that mutate your filesystem and records them into an append‑only journal. Integrity checks and policy evaluation precede deterministic replay, ensuring that reconstruction is both trustworthy and under human control.

  • Filesystem Activity: Creates, writes, renames and deletes.
  • Journal Capture: Each mutation becomes a record with sequence number, timestamps and path data.
  • Integrity Verification: Hash chains and segment seals make tampering evident.
  • Policy Evaluation: Policies decide which events to replay and which to exclude.
  • Deterministic Replay: The journal is processed in order to reconstruct state.
JCOOP pipeline diagram

Journal Model

Every filesystem mutation is stored as an immutable journal entry. Records include sequence numbers, timestamps, operation types, path information, hash information and provenance metadata. Entries are grouped into append‑only segments that are sealed once complete.

  • Sequence number and timestamp
  • Operation type (create, write, rename, etc.)
  • Path and metadata
  • Hashes linking to previous records
  • Provenance information
Journal model icon

Integrity Model

JCOOP uses hash chaining to ensure that records cannot be altered or reordered without detection. Each entry includes the hash of the previous entry, forming a chain. Segments are sealed with their own cryptographic seal to define a trust boundary. If any record is tampered with after sealing, verification fails.

  • Hash Chains, Not Blockchains: Hashes make tampering evident without consensus or mining.
  • Segment Sealing: Completed segments are sealed and immutable.
  • Independent Verification: Anyone can recompute hashes and seals to verify integrity.
Integrity icon

Policy & Deterministic Replay

Reconstruction is governed by explicit policies. A policy specifies which events to include and which to exclude. Replay processes the journal in order, applying each event if allowed. Because replay has no hidden state and no external dependencies, it is fully deterministic: given the same journal and policy, you always get the same result.

  • Explicit Policies: Decide which operations to replay.
  • Determinism: No hidden state, no surprises.
  • Selective Restore: Exclude events such as deletes during reconstruction.
Policy icon