Self-Verifying Measurement Records: Hash-Linked Evidence Graphs for Hardware Benchmarking

📅 2026-06-26
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
Hardware benchmarking often suffers from limited verifiability, hindering reproducibility and auditability, and is vulnerable to silent computational errors. This work proposes the first end-to-end verifiable measurement logging system, which integrates transparent logs, probabilistic verification (e.g., Freivalds’ algorithm), and an adversarial-aware Fiat-Shamir challenge mechanism to bind all observations into an append-only hash chain via content-based hashing, enabling offline auditing. The system incorporates algebraic checks, floating-point error tolerance calibration, and di/dt power and thermal stress testing to effectively distinguish physical faults from malicious tampering. Experiments on Blackwell and Hopper GPUs demonstrate that the approach accurately characterizes residual noise floors across varying precisions and scales, detects no undetected silent errors, and thereby validates its effectiveness and robustness.
📝 Abstract
Performance numbers reported for hardware are accepted on trust: the reader cannot recompute them, the apparatus is gone, and the silicon itself can be silently wrong, with fleet studies reporting on the order of one core in a thousand returning incorrect arithmetic with no error raised. We make a reported hardware measurement a tamper-evident, independently checkable record. Every quantity in the text, a table, or a figure is bound, by its content hash, to the observation and the verification behind it; the whole is a hash-linked, append-only structure (a transparency log for measurement) that a verifier audits offline without trusting its producer. Matrix products are verified by a probabilistic identity (Freivalds) at O(k n^2) cost under a tolerance we derive from floating-point error analysis and calibrate to the device's own measured residual floor, so a wrong product is rejected with probability 1 - 2^(-k); quantities with no such identity carry an algebraic checksum and a measured reproducibility class. We then treat the check itself as a security object: a probe seed committed for offline reproducibility is an attack surface, and a probe-aware adversary can hide a corruption in the probe's null space, fooling even a quorum of bit-identical witnesses, while a Fiat-Shamir challenge derived from the claimed output closes this. Driving the device from an unprivileged tenant's reach, with a di/dt power virus and a thermal soak, neither moves the calibrated tolerance nor produces a silent error, placing the physical-fault threat at the rare defective part or the privileged attacker and marking the boundary at which the record must compose with a hardware root of trust. We demonstrate the construction across Blackwell and Hopper GPUs and report a residual-floor and reproducibility map by precision, size, and device.
Problem

Research questions and friction points this paper is trying to address.

hardware benchmarking
silent errors
measurement verification
tamper-evident records
reproducibility
Innovation

Methods, ideas, or system contributions that make the work stand out.

Self-Verifying Measurement
Hash-Linked Evidence Graph
Probabilistic Verification
Fiat-Shamir Challenge
Hardware Benchmarking Trust