Glossary

Audit hash chain

A tamper-evident audit log structure in which each row carries a SHA-256 hash of the previous row + the canonical-JSON form of itself.

Hash-chained audit logs make tampering detectable. Mutating a row requires recomputing the hash of every subsequent row to keep the chain intact — which is detectable if the verifier walks the chain. RateStack implements this with previous_hash and entry_hash = SHA-256(previous_hash || canonical(row)).

The verify endpoint /v1/admin/audit/verify walks the chain and reports the first break (or ok: true). Run it on a schedule from your monitoring stack; treat a break as a security incident.

Feature: Observability
Trust: Security

← Back to glossary