Audit Chain
HMAC-SHA256 tamper-evident, append-only audit chain. Verify integrity, export logs, inspect stats.
Tamper-evident, append-only audit log. Every governance decision is HMAC-SHA256 linked to the previous entry, forming a verifiable chain. Import from governance-sdk/audit-integrity.
Functions
| Function | Signature | Description |
|---|---|---|
createIntegrityAudit | createIntegrityAudit(governance, { signingKey, algorithm? }) => IntegrityAudit | Create an integrity audit instance. Requires a signing key for HMAC-SHA256. |
chain.log | chain.log(event) => void | Append an entry to the chain with HMAC signature. |
chain.verify | chain.verify() => { valid: boolean; brokenAt?: number } | Walk the full chain, checking every HMAC link. |
chain.export | chain.export() => AuditEntry[] | Return the full chain as a serializable array. |
chain.stats | chain.stats() => AuditStats | Return summary statistics: chain length, timestamps, chain tip hash. |
Setup
ts
Note: The audit chain is built automatically. Every call to
enforce()appends an entry. No manual instrumentation needed.
Verify Integrity
ts
Export
ts
Stats
ts