Audit logging & integrity
Operational security events are recorded for forensics and governance.
Logs support investigations; they do not by themselves prove legal compliance. Hash chains reduce undetected tampering of new rows — they do not replace WORM hardware or court-grade evidence procedures unless paired with broader controls.
What we log (examples)
- API abuse signals (rate limits, CORS rejects).
- Key lifecycle events (rotation/revocation).
- Capture accept/reject and billing sync milestones.
Hash chain (tamper evidence)
New audit rows link cryptographically to the prior row’s hash (SHA-256 over canonical fields). Verifiers can replay the chain for contiguous hashed sequences.
Concurrent writes introduce an inherent ordering race at extreme throughput — for sequential proofs under contested scenarios, prefer serialized audit ingestion or external immutable logs.
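
A sketch of how such a chain can be built and replayed, as an added example rather than this product's own code. The field names, the JSON canonicalization, the all-zero genesis anchor and the `seq` counter are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor for the first row; not from the page

def row_hash(prev_hash, fields):
    """SHA-256 over the previous hash plus a canonical encoding of the fields."""
    # Assumed canonical form: JSON, sorted keys, no whitespace, UTF-8.
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256((prev_hash + "\n" + canonical).encode("utf-8")).hexdigest()

def append(chain, fields):
    """Append a row linked to the current tail. Callers must serialize this step."""
    prev = chain[-1]["hash"] if chain else GENESIS
    seq = chain[-1]["seq"] + 1 if chain else 1
    body = {"seq": seq, **fields}
    chain.append({**body, "prev_hash": prev, "hash": row_hash(prev, body)})

def verify(rows, anchor=GENESIS):
    """Replay a contiguous run of rows; return (ok, seq_of_first_bad_row, reason)."""
    prev, expected_seq = anchor, None
    for row in rows:
        body = {k: v for k, v in row.items() if k not in ("prev_hash", "hash")}
        if expected_seq is not None and row["seq"] != expected_seq:
            return False, row["seq"], "gap or reordering in sequence"
        if row["prev_hash"] != prev:
            return False, row["seq"], "prev_hash does not match prior row"
        if row_hash(prev, body) != row["hash"]:
            return False, row["seq"], "row fields do not match stored hash"
        prev, expected_seq = row["hash"], row["seq"] + 1
    return True, None, "ok"

def build_sample():
    """Constructed sample rows mirroring the event types listed on the page."""
    chain = []
    append(chain, {"event": "rate_limit", "actor": "key_123", "ts": "2024-01-01T00:00:00Z"})
    append(chain, {"event": "key_rotation", "actor": "admin", "ts": "2024-01-01T00:05:00Z"})
    append(chain, {"event": "capture_accept", "actor": "key_123", "ts": "2024-01-01T00:06:00Z"})
    return chain

if __name__ == "__main__":
    chain = build_sample()
    print(verify(chain))                  # intact chain
    chain[1]["actor"] = "someone_else"    # edit a stored field after the fact
    print(verify(chain))                  # mismatch reported at seq 2
```

Replay only proves consistency relative to a trusted anchor: a segment can be checked by passing the hash of the row just before it as `anchor`, and the latest head hash should be kept outside the audit table so that a recomputed tail does not verify.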