Astrid Audit - Chain-linked cryptographic audit logging.
This crate provides:
- Cryptographically signed audit entries
- Chain-linked entries (each contains hash of previous)
- Persistent storage with SurrealKV
- Chain integrity verification
§Security Model
Every audit entry is:
- Signed by the runtime’s ed25519 key
- Linked to the previous entry via content hash
- Timestamped
- Indexed by session
The chain linking provides tamper evidence - any modification to historical entries breaks the chain and is detectable.
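What the chain linking detects, as an added std-only sketch (not astrid_audit's code): `Entry`, `append`, `check_links` and the sample data are hypothetical, `DefaultHasher` is a non-cryptographic stand-in for the content hash, and signatures are left out.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

// Hypothetical entry layout; the real AuditEntry fields are not shown on this page.
struct Entry {
    session: String,
    timestamp: u64,
    action: String,
    prev_hash: u64, // content hash of the previous entry; 0 marks the first entry
}

impl Entry {
    // The hash covers every field, including the link to the predecessor.
    // DefaultHasher is NOT cryptographic; it only stands in for a real content hash.
    fn content_hash(&self) -> u64 {
        let mut h = DefaultHasher::new();
        (&self.session, self.timestamp, &self.action, self.prev_hash).hash(&mut h);
        h.finish()
    }
}

fn append(chain: &mut Vec<Entry>, session: &str, timestamp: u64, action: &str) {
    let prev_hash = chain.last().map_or(0, Entry::content_hash);
    chain.push(Entry { session: session.into(), timestamp, action: action.into(), prev_hash });
}

// Ok(()) if every link matches, otherwise the index of the first entry whose
// stored prev_hash differs from the recomputed hash of its predecessor.
fn check_links(chain: &[Entry]) -> Result<(), usize> {
    let mut expected = 0;
    for (i, entry) in chain.iter().enumerate() {
        if entry.prev_hash != expected {
            return Err(i);
        }
        expected = entry.content_hash();
    }
    Ok(())
}

// Constructed sample log for one session.
fn sample_chain() -> Vec<Entry> {
    let mut chain = Vec::new();
    append(&mut chain, "s1", 1, "SessionStarted");
    append(&mut chain, "s1", 2, "ToolCall");
    append(&mut chain, "s1", 3, "SessionEnded");
    chain
}

fn main() {
    let mut chain = sample_chain();
    assert_eq!(check_links(&chain), Ok(()));
    chain[1].action = "Nothing".into(); // edit a historical entry
    println!("{:?}", check_links(&chain)); // the break surfaces at its successor
}
```

In this stand-in an edit to the newest entry goes unnoticed because nothing links to it yet; catching that takes the per-entry signature listed in the security model above.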
§Example
use astrid_audit::{AuditLog, AuditAction, AuditOutcome, AuthorizationProof};
use astrid_core::SessionId;
use astrid_crypto::KeyPair;

// Create an in-memory audit log
let runtime_key = KeyPair::generate();
let user_id = runtime_key.key_id();
let log = AuditLog::in_memory(runtime_key);

// Start a session
let session_id = SessionId::new();

// Record an action
let entry_id = log.append(
    session_id.clone(),
    AuditAction::SessionStarted {
        user_id,
        platform: "cli".to_string(),
    },
    AuthorizationProof::System {
        reason: "session start".to_string(),
    },
    AuditOutcome::success(),
).unwrap();

// Verify chain integrity
let result = log.verify_chain(&session_id).unwrap();
assert!(result.valid);

Modules§
- prelude - Prelude module - commonly used types for convenient import.
Structs§
- AuditEntry - A single audit log entry.
- AuditEntryId - Unique identifier for an audit entry (used for linking).
- AuditLog - Audit log for recording and verifying security events.
- ChainVerificationResult - Result of chain verification.
Enums§
- ApprovalScope - Scope of an approval.
- AuditAction - Actions that can be audited.
- AuditError - Errors that can occur with audit logging.
- AuditOutcome - Outcome of an audited action.
- AuthorizationProof - How an action was authorized.
- ChainIssue - An issue found during chain verification.
Type Aliases§
- AuditResult - Result type for audit operations.