loadLog should verify the hashes (and signatures) in the log, and refuse to use logs that are not valid proofs of a session.

(--replay and --graphvis need this; server's use of loadLog does not)

Everything else in debug-me checks a session's proof as it goes. And, everything that saves a log file checks the proof as it goes, so perhaps this is not actually necessary?

Yeah, let's not. Instead, --verify can be used. done --?Joey