The problem
`evidence_pointer` in `Finding` is shaped:
```json
{ "tool": "inspect_persistence_locations", "turn": 2, "field": "observation.actionable_suspicious_count" }
```
That is a pointer into the agent's run-time state, not preserved evidence. By the time an analyst reads the report, the original tool output may not be retained (depends on `--evidence-bundle-dir` flag). Even when it is, no hash, signature, or chain-of-custody metadata exists. This is unusable for any forensic process that needs to be defensible.
What good looks like
```json
{
"evidence": {
"hash_sha256": "643a6da2...887389",
"captured_at": "2026-04-26T10:30:00Z",
"original_path": "C:\Windows\System32\notepad.exe",
"copy_path": "./evidence/2026-04-26-run-abc/notepad.exe",
"tool_invocation": { "tool": "hash_binary", "args": {"path": "C:\Windows\System32\notepad.exe"} },
"raw_observation": { "sha256": "643a6da2...", "path": "C:\Windows\..." },
"signature": "ed25519:..."
}
}
```
For registry/event-log/network observations, the "copy" is a snapshot of the queried subtree at run time, signed with a per-host key (generated on first run, persisted in OS keystore).
Acceptance
- Every finding carries hash + timestamp of preserved observation.
- Evidence bundle tarball is signed and verifiable offline (`wraithrun verify-evidence `).
- Documentation references chain-of-custody requirements (DFIR practitioner audience).
The problem
`evidence_pointer` in `Finding` is shaped:
```json
{ "tool": "inspect_persistence_locations", "turn": 2, "field": "observation.actionable_suspicious_count" }
```
That is a pointer into the agent's run-time state, not preserved evidence. By the time an analyst reads the report, the original tool output may not be retained (depends on `--evidence-bundle-dir` flag). Even when it is, no hash, signature, or chain-of-custody metadata exists. This is unusable for any forensic process that needs to be defensible.
What good looks like
```json
{
"evidence": {
"hash_sha256": "643a6da2...887389",
"captured_at": "2026-04-26T10:30:00Z",
"original_path": "C:\Windows\System32\notepad.exe",
"copy_path": "./evidence/2026-04-26-run-abc/notepad.exe",
"tool_invocation": { "tool": "hash_binary", "args": {"path": "C:\Windows\System32\notepad.exe"} },
"raw_observation": { "sha256": "643a6da2...", "path": "C:\Windows\..." },
"signature": "ed25519:..."
}
}
```
For registry/event-log/network observations, the "copy" is a snapshot of the queried subtree at run time, signed with a per-host key (generated on first run, persisted in OS keystore).
Acceptance