Verifying the audit log

Most audit logs ask you to trust that no one edited them. Clavitor's lets you check.

The chain badge

Open the Audit view. In the header, a badge reports the state of the tamper-evident chain. It checks automatically when the view loads, and you can click it to re-verify at any time. It shows one of:

• Tamper-evident · N verified — every event is cryptographically bound to the one before it, in order, with nothing inserted, removed, or altered since it was written. N is the number of chained records.
• Witnessed @ central — the same, plus confirmation that your chain's position matches the independent witness recorded on separate infrastructure. This is the strongest state: even wiping the tail of the local log would be caught.
• Chain broken @<position> — verification failed, and the badge points to the exact event where the chain stops adding up. A genuine break localizes the problem to a precise record.

What a pass proves

That the log you're reading is the log as it was written — no row silently edited, no event quietly deleted, no reordering to hide a sequence of actions. The check recomputes the chain and needs no secret key, so you, or an outside auditor sitting next to you, can run it independently and trust the result.

What it doesn't claim

Verification proves the record wasn't altered after the fact. It is one layer of several: access itself is controlled by your hardware key, and the chain's position is witnessed off-box so a wholesale wipe is detectable too. A green badge means "this record is intact and complete," not "nothing bad can ever happen" — no honest system claims the latter.

If it ever shows broken

A broken chain is a signal to take seriously — it means a record was altered or lost. Don't clear anything. Contact us with the position the badge reports; the break localizes the issue, and we'll work it through with you.