Pillar 3
Evidence-Grade Audit
Audit data designed for independent scrutiny. Signed bundles, hash chains, and snapshot records that let auditors verify integrity offline — without trusting the platform.
What you get
- Tamper-evident signed bundles (HMAC-SHA256) verified with standard tools
- Snapshot hash recorded to database at export time — independent of the bundle itself
- Full policy state captured at evaluation time, not just the outcome
- Hash-chained access events detect reordering or deletion
- Offline verification — auditors need no platform access
How it works
1. Access events accumulate
   Every share access — granted, denied, or revoked — is logged with outcome, policy state, token suffix, client IP, and server timestamp.
2. Export signed bundle
   The bundle endpoint produces a ZIP: access_report.csv + manifest.json (file hashes) + signature.txt (HMAC-SHA256). A snapshot hash is recorded to the database.
3. Auditor verifies offline
   Standard tools (sha256sum, HMAC verification) confirm file integrity, signature validity, and snapshot consistency. No platform access required.
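The offline check in step 3 can be sketched as follows. This is an added example, not the platform's own code. The page does not specify the formats, so the sketch assumes that manifest.json has the shape {"files": {name: sha256-hex}}, that signature.txt holds the hex HMAC-SHA256 of the manifest.json bytes, that the snapshot hash is the SHA-256 of manifest.json, and that the auditor receives the HMAC key out of band. The function names and sample data are constructed for illustration.

```python
import hashlib, hmac, io, json, zipfile

def build_sample_bundle(key: bytes, csv: bytes) -> tuple[bytes, str]:
    """Constructed bundle in the ASSUMED layout; returns (zip bytes, snapshot hash)."""
    manifest = json.dumps({"files": {"access_report.csv": hashlib.sha256(csv).hexdigest()}}).encode()
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("access_report.csv", csv)
        z.writestr("manifest.json", manifest)
        z.writestr("signature.txt", hmac.new(key, manifest, hashlib.sha256).hexdigest())
    return buf.getvalue(), hashlib.sha256(manifest).hexdigest()

def verify_bundle(bundle: bytes, key: bytes, snapshot_hash: str) -> list[str]:
    """Return integrity failures; an empty list means the bundle verifies."""
    failures = []
    with zipfile.ZipFile(io.BytesIO(bundle)) as z:
        manifest = z.read("manifest.json")
        # 1. Authenticate the manifest; its hashes mean nothing until this passes.
        expected = hmac.new(key, manifest, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expected, z.read("signature.txt").strip().lower()):
            failures.append("signature mismatch")
        # 2. Compare against the snapshot hash obtained separately from the bundle.
        if hashlib.sha256(manifest).hexdigest() != snapshot_hash.lower():
            failures.append("snapshot mismatch")
        # 3. Every listed file must be present and hash to the manifest value.
        listed = json.loads(manifest)["files"]
        names = set(z.namelist())
        for name, digest in listed.items():
            if name not in names or hashlib.sha256(z.read(name)).hexdigest() != digest.lower():
                failures.append(f"hash mismatch: {name}")
        # 4. Files outside the manifest are unauthenticated; flag them.
        for name in sorted(names - set(listed) - {"manifest.json", "signature.txt"}):
            failures.append(f"unlisted file: {name}")
    return failures

if __name__ == "__main__":
    key = b"constructed-demo-key"  # assumption: shared key delivered out of band
    # Constructed sample row; column names are illustrative.
    csv = b"server_timestamp,outcome,token_suffix,client_ip\n2024-01-01T00:00:00Z,denied,ab12,203.0.113.7\n"
    bundle, snapshot = build_sample_bundle(key, csv)
    print(verify_bundle(bundle, key, snapshot))           # intact bundle
    print(verify_bundle(bundle, b"wrong-key", snapshot))  # wrong key
```

The manifest is authenticated before its file hashes are used, and files present in the ZIP but absent from the manifest are reported because nothing in the signature covers them.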