You’re exploring the full DataBridge platform free, with synthetic Future Horizons University data. Everything is unlocked; actions run in your demo session (in-session only, not saved to a real backend).

FHU Databridge
Enterprise
Pricing
Evaluator & Procurement
7 min

The proof

Cited rules and a tamper-evident audit trail — why DataBridge is procurement-grade.

By the end you’ll be able to

  • Understand citation discipline: every rule cites a published source or is marked `[UNVERIFIED:]`.
  • Understand the hash-chained audit log: appends are signed and alteration is detectable.
  • Recognise the two artefacts an evaluator can ask for to test the proof claim end-to-end.

There are two reasons DataBridge calls itself procurement-grade, and you can test both yourself in this lesson. The first is citation discipline: every Quality Rule names the published source it enforces — a HESA coding-manual field, an OfS regulatory threshold, a TCSI data-element rule — or it carries an explicit `[UNVERIFIED:]` marker. The audit-rule coverage report (`docs/AUDIT_RULE_COVERAGE.md`) tracks how many rules are unverified at HEAD; that number is visible rather than hidden, and the freshness gate keeps it honest.

Citation matters because a finding without a citation is just an opinion. With a citation, the finding can be defended to a registrar against the exact paragraph of the published source it enforces. Refusing to ship fabricated citations is a hard product rule (see `CLAUDE.md`); the F12–F15 audit packs are the working enforcement of it.

The second reason is the tamper-evident audit log. The `@databridge/audit-log` package implements a SHA-256 hash chain: `AuditLog.append` writes the next entry with the previous entry's hash folded in, and `verifyChain` walks the chain to detect any alteration after the fact. The `chainHeadOf` query returns the latest head — useful for snapshotting in disaster-recovery drills (the `dr:drill` job exercises chain integrity as part of restore verification).

Together, citation discipline and the hash chain give you two evidence packages. Per finding: a cited rule and an appended log entry. Per submission: a verifiable chain whose head can be snapshotted and re-verified later. An evaluator can ask for either — the answer is a real artefact, not a screenshot.

In this walkthrough you'll open the audit log to see the chain, then open the codesets reference to see how rules carry their citations alongside the underlying enumerations.

Walkthrough

  1. 1.Open the tamper-evident audit log

    Open the audit log. Each row is an append to the SHA-256 chain. Note the per-entry hash — altering any earlier entry would break the chain on `verifyChain`.

    Open the audit log

  2. 2.Browse the codesets reference

    Open the codesets reference. Each codeset is the enumeration a rule cites — HESA, OfS, TCSI — and shows the published source for the values.

    Open codesets

  3. 3.See a HESA return surface

    Open the HESA returns workspace. The streams listed there are the targets the cited rules ultimately guard — Student, Provider, Staff, EMR, GOS, AOS, Finance.

    Open HESA streams

Your turn

Open the audit log and look at any single entry. Note (a) that it carries its own hash and (b) that the chain runs unbroken back to the first entry — the property `verifyChain` exercises.

Hint: Use the 'Open the tamper-evident audit log' step above.

Knowledge check

1.What does citation discipline guarantee about an audit finding?
2.What property does the SHA-256 hash chain give the audit log?
3.An evaluator asks: 'Prove the chain hasn't been altered since last quarter.' What's the answer?

Complete this lesson