Audit trail structures for AION v2
This module implements the embedded audit trail as specified in RFC-0002 and RFC-0019. All audit operations are logged with cryptographic hash chaining so that tampering is evident.
§Structure
The audit trail is a hash-chained sequence of 80-byte entries. Each entry records:
- Timestamp - Nanosecond-precision Unix timestamp
- Author - Who performed the action
- Action - What operation was performed
- Details - Human-readable description (stored in string table)
- Chain Link - BLAKE3 hash of previous entry
§Hash Chain Integrity
Each audit entry contains the BLAKE3 hash of the previous entry, forming an immutable chain. The genesis entry (first entry) has an all-zero previous hash. Modifying an entry changes its hash, which then no longer matches the link stored in the next entry, so the chain breaks and the tampering is evident.
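An added example (not aion_context code) of verifying such a chain over raw 80-byte entries. The offset of the previous-hash field, hashing the whole previous entry, the names `verify_chain`, `sample_entry` and `demo_hash`, and the out-of-band `trusted_head` are assumptions; `demo_hash` is a non-cryptographic stand-in for BLAKE3 so the code runs without external crates.

```rust
// Added example, not aion_context code. Assumptions: an entry is handled as its
// 80 serialized bytes, the previous-entry hash is the trailing 32 bytes, and a
// link is the hash of the whole previous entry.
const PREV_HASH_OFFSET: usize = 48; // assumed field position
type Hash = [u8; 32];
type Entry = [u8; 80];

#[derive(Debug, PartialEq)]
enum ChainError {
    BrokenLink(usize), // index of the entry whose stored link is wrong
    HeadMismatch,      // last entry does not match the trusted head hash
}

// Non-cryptographic stand-in (FNV-1a based) so this runs without crates;
// pass a real BLAKE3 function in practice.
fn demo_hash(data: &[u8]) -> Hash {
    let mut out = [0u8; 32];
    for (lane, chunk) in out.chunks_mut(8).enumerate() {
        let h = data.iter().fold(0xcbf2_9ce4_8422_2325u64 ^ lane as u64,
            |h, &b| (h ^ b as u64).wrapping_mul(0x100_0000_01b3));
        chunk.copy_from_slice(&h.to_le_bytes());
    }
    out
}

// Constructed sample entry: one marker byte plus the link to its predecessor.
fn sample_entry(marker: u8, prev: &Hash) -> Entry {
    let mut e = [0u8; 80];
    e[0] = marker;
    e[PREV_HASH_OFFSET..].copy_from_slice(prev);
    e
}

// `trusted_head` is the hash of the last entry, stored outside the log:
// no later link covers that entry, so the chain alone cannot protect it.
fn verify_chain(entries: &[Entry], hash: fn(&[u8]) -> Hash, trusted_head: &Hash)
    -> Result<(), ChainError> {
    let mut expected: Hash = [0u8; 32]; // genesis must link to all zeros
    for (i, e) in entries.iter().enumerate() {
        if e[PREV_HASH_OFFSET..] != expected[..] {
            return Err(ChainError::BrokenLink(i));
        }
        expected = hash(e);
    }
    if expected != *trusted_head { return Err(ChainError::HeadMismatch); }
    Ok(())
}
```

A change to any entry but the last is reported at the index of the following entry, whose stored link no longer matches; a change to the last entry is caught only by the comparison with `trusted_head`.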
§Compliance
The audit trail satisfies requirements for:
- SOX: Comprehensive change tracking with non-repudiation
- HIPAA: Access control and information system activity logging
- GDPR Article 30: Records of processing activities
§Usage Example
```rust
use aion_context::audit::{AuditEntry, ActionCode};
use aion_context::types::AuthorId;

// Create genesis audit entry
let entry = AuditEntry::new(
    1_700_000_000_000_000_000, // timestamp in nanoseconds
    AuthorId(1001),
    ActionCode::CreateGenesis,
    42,        // details_offset in string table
    15,        // details_length
    [0u8; 32], // previous_hash (all zeros for genesis)
);

// Entry is exactly 80 bytes
assert_eq!(std::mem::size_of_val(&entry), 80);
```
§Serialization
Audit entries use deterministic binary serialization with #[repr(C)] layout.
All multi-byte integers are little-endian. The format is zero-copy compatible
for efficient parsing.
Structs§
- AuditEntry - Audit trail entry with hash chain integrity
Enums§
- ActionCode - Action codes for audit trail entries