Hash Chain Verification
Verify the integrity of your audit log using cryptographic hash chain verification to detect any tampering or modifications.
What is Hash Chain Verification?
Logproof uses a cryptographic hash chain to ensure the integrity of your audit log. Each event contains a hash that is calculated using SHA-256 based on:
- The hash of the previous event
- The current event's data (timestamp, action, actor, target, metadata)
This creates a tamper-proof chain where any modification to a past event will break the chain and be immediately detectable. If any event is altered, deleted, or inserted, the hash chain verification will fail at that point.
How it works: Event hash = SHA-256(previous_hash + event_data). This ensures that each event cryptographically depends on all events that came before it.
Verify Endpoint
GET
/verify
Verify the integrity of your entire audit log hash chain.
Required Scope
verify
Response
| Field | Type | Description |
|---|---|---|
status |
string | Verification status: valid or broken |
events_checked |
integer | Total number of events checked |
first_event_id |
string | ID of the first event in the chain |
last_event_id |
string | ID of the last event in the chain |
broken_at_event_id |
string|null | ID of the event where the chain broke (null if valid) |
Examples
curl -X GET "https://logproof.de/v1/verify" \ -H "Authorization: Bearer YOUR_API_KEY"
<?php
$client = new \GuzzleHttp\Client();
$response = $client->get('https://logproof.de/v1/verify', [
'headers' => [
'Authorization' => 'Bearer YOUR_API_KEY',
],
]);
$data = json_decode($response->getBody(), true);
if ($data['data']['status'] === 'valid') {
echo "Hash chain is valid!\n";
echo "Checked {$data['data']['events_checked']} events\n";
} else {
echo "Hash chain is broken at event: {$data['data']['broken_at_event_id']}\n";
}
const axios = require('axios');
async function verifyHashChain() {
try {
const response = await axios.get('https://logproof.de/v1/verify', {
headers: {
'Authorization': 'Bearer YOUR_API_KEY'
}
});
const { status, events_checked, broken_at_event_id } = response.data.data;
if (status === 'valid') {
console.log('Hash chain is valid!');
console.log(`Checked ${events_checked} events`);
} else {
console.log(`Hash chain is broken at event: ${broken_at_event_id}`);
}
} catch (error) {
console.error('Verification failed:', error.message);
}
}
verifyHashChain();
import requests
headers = {
'Authorization': 'Bearer YOUR_API_KEY'
}
response = requests.get(
'https://logproof.de/v1/verify',
headers=headers
)
data = response.json()['data']
if data['status'] == 'valid':
print(f"Hash chain is valid!")
print(f"Checked {data['events_checked']} events")
else:
print(f"Hash chain is broken at event: {data['broken_at_event_id']}")
Example Response (Valid Chain)
{
"data": {
"status": "valid",
"events_checked": 15234,
"first_event_id": "evt_01H2X3Y4Z5A6B7C8D9E0F1G2",
"last_event_id": "evt_01H8X3Y4Z5A6B7C8D9E0F1G2",
"broken_at_event_id": null
}
}
Example Response (Broken Chain)
{
"data": {
"status": "broken",
"events_checked": 15234,
"first_event_id": "evt_01H2X3Y4Z5A6B7C8D9E0F1G2",
"last_event_id": "evt_01H8X3Y4Z5A6B7C8D9E0F1G2",
"broken_at_event_id": "evt_01H5X3Y4Z5A6B7C8D9E0F1G2"
}
}
Important: A broken hash chain indicates that your audit log may have been tampered with. Contact support immediately if you detect a broken chain.