Is audit mode working?

[gianlucapisati]

What happened
I inserted a key-value pair using safeset, then manually tampered with the underlying .val file (editing the value with a hex editor while immudb was stopped).
I then restarted immudb and ran immuclient audit-mode.
Despite the tamper, the audit reported consistent: true and did not detect any hash mismatch.

What you expected to happen
I expected audit-mode to detect a mismatch between the current root hash and the previously stored state, or fail to verify the Merkle tree consistency due to the altered value.
At minimum, I expected the audit to report a hash inconsistency or raise a verification error.

How to reproduce it (as minimally and precisely as possible)

1. Start immudb (v1.9.x)

2. Run:

   immuclient safeset mykey myvalue

3. Stop immudb

4. Locate the corresponding .val file (e.g. defaultdb/val_0/00000000.val)

5. Edit it with a hex editor and change the value to mynewvalue

6. Restart immudb

7. Run:

   immuclient audit-mode \
     --immudb-address 127.0.0.1 \
     --immudb-port 3322 \
     --audit-username immudb \
     --audit-password immudb \
     --audit-databases defaultdb \
     --server-signing-pub-key ./public.key

8. Observe the output (consistent: true) even though the data has been tampered

Environment

immudb version: 1.9.7 (Docker image: codenotary/immudb:1.9-almalinux-8-minimal)
immuclient version: 1.9.7 (macOS binary and Docker image: codenotary/immuclient:1.9.7)

Additional info (any other context about the problem)