In addition to the check command, what other measures does restic use internally to safeguard integrity of the data?
Given it is run with
--read-data, afaik check command is enough to detect the inconsistencies. If you’d like recovery from situations like data loss/storage medium issues I don’t think there is redundancy yet, this issue could be relevant: Feature: Add redundancy for data stored in the repository · Issue #256 · restic/restic · GitHub
All data is integrity checked on use. That is, prune, restore etc. will detect corrupt data. The data format is also constructed to never modify existing files which reduces the risk of damage to existing data. It is also built such that restic operations can be interrupted at any point without damaging the repository. For certain backends, restic informs the backend about the expected hash of the uploaded data to prevent data corruption during uploads.
However, there is currently no protection (detection is possible using
check) against bit rot during storage.