Expand description
§quipu-core
Embedded, OS-independent audit-log storage engine.
- Append-only segment files with CRC framing (pure
std::fs, no OS-specific APIs) - Typed, versioned entity/actor registries (search by current or past attribute values; logs always render the values as they were at record time)
- Per-field protection: SHA-256 hashing (searchable) or RSA-OAEP encryption
- Custom audit-log columns (text / number / json) managed through a registry
- Retention windows enforced by whole-segment drops
The async event pipeline, filters, DLQ and HTTP proxy live in quipu-middleware;
this crate is the synchronous storage and query core underneath it.
Re-exports§
pub use access::summarize_access_query;pub use access::summarize_log_query;pub use access::AccessQuery;pub use access::AccessRecord;pub use access::ACCESS_TYPE;pub use access::RESERVED_TYPE_PREFIX;pub use checkpoint::Checkpoint;pub use crypto::KeyRing;pub use crypto::KeyVersion;pub use crypto::KEYLESS;pub use error::Error;pub use error::Result;pub use id::Uid;pub use merkle::Hash;pub use merkle_log::ConsistencyProof;pub use merkle_log::InclusionProof;pub use model::AuditLog;pub use model::Content;pub use model::StoredValue;pub use model::TargetRelation;pub use model::Value;pub use model::ValueKind;pub use query::LogQuery;pub use query::LogView;pub use query::MatchMode;pub use query::Order;pub use query::QueryPage;pub use query::TargetFilter;pub use query::TargetSnapshot;pub use registry::EntityInput;pub use registry::FieldTokens;pub use retention::RetentionPolicy;pub use schema::default_actor_type;pub use schema::default_target_type;pub use schema::CustomColumnDef;pub use schema::FieldDef;pub use schema::FieldIndex;pub use schema::FieldProtection;pub use schema::TypeSchema;pub use store::AnchorHook;pub use store::AuditStore;pub use store::ReadSnapshot;pub use store::RekeyEvent;pub use store::RekeyedTable;pub use store::StoreConfig;pub use store::SyncPolicy;
Modules§
- access
- Meta-audit (“access log”): records of reads and administrative actions against the audit store itself — who queried what, who ran a redrive or a retention pass. In regulated environments (HIPAA access reports, financial audit-trail reviews) the act of looking at audit data is itself auditable.
- checkpoint
- Signed integrity checkpoints.
- crypto
- error
- id
- merkle
- Append-only Merkle history tree (RFC 6962 / Certificate Transparency).
- merkle_
log - Persistent append-only spine for the
crate::merklehistory tree. - model
- query
- registry
- retention
- schema
- storage
- Append-only segment storage.
- store
- time
- UTC timestamps as plain
u64microseconds since the unix epoch. Everything is UTC+0 by construction; formatting is done with the classic civil-from-days algorithm so no platform/locale code is involved.