You’re exploring the full DataBridge platform free, with synthetic Future Horizons University data. Everything is unlocked; actions run in your demo session (in-session only, not saved to a real backend).

FHU Databridge
Enterprise
Pricing
Analyst & Compliance
7 min

Prove it — the audit-log hash chain

Verify the tamper-evident trail behind every action you took.

By the end you’ll be able to

  • Read the hash-chained audit log.
  • Understand how chain verification proves integrity.
  • Connect the chain to the DR drill's `chain-head` and `chain-integrity` checks.

Every action the platform takes — audits, repairs, sign-offs, submissions, role changes, secrets touches — is appended to the audit log (`@databridge/audit-log`) as a structured event with a SHA-256 hash that chains to the previous entry. Altering a past entry breaks the chain, and verification (`verifyChain`) detects it.

The hash chain is what makes the data-quality story provable. You can hand a regulator the chain head (`chainHeadOf`), a small verification proof, and the canonical model, and they can independently confirm that the return was built from the data you said it was — months or years later, with no trust in DataBridge or the operator required.

The chain is also part of the disaster-recovery contract (`docs/DR_RUNBOOK.md`). The quarterly `pnpm dr:drill` exercises `chain-head` (the restored chain head matches the snapshot) and `chain-integrity` (the restored chain verifies end-to-end). A restore that loses or alters chain entries fails the drill — even if row counts match.

You'll open the audit-log viewer for the demo institution, scan recent entries, and see the chain head. This is the closing piece of the analyst's story: the trail you've been adding to all the way through this track is the evidence pack.

Walkthrough

  1. 1.Open the audit-log viewer

    See the recent entries for the demo institution, with actor, action, target and the chain hash.

    Open audit log

  2. 2.Find a repair or submission entry

    Look for an `rule.repair` or `submission.send` entry from the earlier lessons. Note its prevHash + hash — that's the chain link.

    Inspect entries

  3. 3.Connect to the DR drill

    Read the DR runbook section that names `chain-head` and `chain-integrity` — the drill that exercises this same chain in CI.

    DR drill lesson

Your turn

Open the audit log for the demo institution and find at least one hash-chained entry.

Hint: Use the 'Open audit log' step above.

Knowledge check

1.What does `verifyChain` confirm about an audit log?
2.Why is the chain part of the DR drill?

Complete this lesson