Cryptographic Audit Logs & Integrity¶
As an on-premise solution for the African accounting market, firmflow. must ensure that its logs are tamper-evident and compliant with the applicable data-protection regulations (NDPR/GDPR).
The Cryptographic Chain¶
Every audit log entry is a link in a SHA-256 hash chain: each entry stores the hash of the entry before it, so any change to an earlier entry changes every hash that follows it. The result is a tamper-evident ledger (not one that cannot be modified, but one in which modification is detectable).
Log Structure¶
Each AuditLog entry contains:
- Previous Hash: The Final Hash of the log entry immediately preceding it. The first (genesis) entry uses a fixed sentinel value instead.
- Payload Hash: A SHA-256 hash of the current action's metadata, timestamp, and entity, computed over a canonical serialisation so the same payload always hashes the same way.
- Final Hash: SHA-256 over the Previous Hash concatenated with the Payload Hash. This is the value the next entry records as its Previous Hash.
Integrity Verification¶
Administrators can verify the integrity of the audit trail via the Audit Log Dashboard.
- Verified Status: Indicates that every hash in the chain correctly links back to the genesis entry.
- Tampering Detected: If even a single character of a logged entry is modified directly in the database (e.g., via SQL injection or unauthorized DB access), or an entry is deleted, the hash chain breaks at that point and the system alerts the administrator. The chain alone does not catch an attacker with write access who also recomputes every subsequent hash, so the current end-of-chain hash should additionally be recorded outside the database (see Best Practices).
Manual Verification¶
The system logic for verification is located in:
src/lib/audit.ts -> verifyAuditIntegrity()
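As an added illustration of the chain described under Log Structure and the verification described above, the following is example code written for this page; it is not the contents of src/lib/audit.ts. The GENESIS_HASH sentinel, the field names, the canonicalisation of the payload and the sample entries are all assumptions.

```typescript
// Added example: a minimal SHA-256 hash chain with the three fields the page
// describes (previousHash, payloadHash, finalHash) and a verifier that walks
// the chain forward from a genesis value. Illustrative code, not firmflow.'s
// src/lib/audit.ts; GENESIS_HASH and the field names are assumptions.
import { createHash } from "crypto";

const GENESIS_HASH = "0".repeat(64); // assumed sentinel used as the first entry's previousHash

interface AuditLog {
  id: number;
  timestamp: string;               // ISO-8601
  action: string;                  // e.g. "invoice.update"
  entity: string;                  // e.g. "Invoice#42"
  metadata: Record<string, unknown>;
  previousHash: string;
  payloadHash: string;
  finalHash: string;
}

type AuditInput = Omit<AuditLog, "id" | "previousHash" | "payloadHash" | "finalHash">;

const sha256 = (s: string): string => createHash("sha256").update(s, "utf8").digest("hex");

// Canonical serialisation: sorted metadata keys so key order in the DB cannot change the hash.
function payloadHash(e: AuditInput): string {
  const meta = Object.keys(e.metadata).sort().map(k => [k, e.metadata[k]]);
  return sha256(JSON.stringify([e.timestamp, e.action, e.entity, meta]));
}

// Final hash commits to both the payload and the previous entry's final hash.
const finalHash = (prev: string, payload: string): string => sha256(prev + payload);

export function appendEntry(chain: AuditLog[], input: AuditInput): AuditLog {
  const last = chain[chain.length - 1];
  const prev = last ? last.finalHash : GENESIS_HASH;
  const ph = payloadHash(input);
  const entry: AuditLog = { id: chain.length + 1, ...input, previousHash: prev, payloadHash: ph, finalHash: finalHash(prev, ph) };
  chain.push(entry);
  return entry;
}

export interface VerifyResult { ok: boolean; brokenAt?: number; reason?: string }

// Walks the whole chain; the first entry whose links do not hold is reported.
export function verifyAuditIntegrity(chain: AuditLog[]): VerifyResult {
  let expectedPrev = GENESIS_HASH;
  for (const e of chain) {
    if (e.previousHash !== expectedPrev) return { ok: false, brokenAt: e.id, reason: "previousHash does not match prior entry (insertion/deletion/reorder)" };
    if (payloadHash(e) !== e.payloadHash) return { ok: false, brokenAt: e.id, reason: "payload modified" };
    if (finalHash(e.previousHash, e.payloadHash) !== e.finalHash) return { ok: false, brokenAt: e.id, reason: "finalHash mismatch" };
    expectedPrev = e.finalHash;
  }
  return { ok: true };
}

// Constructed demo: an intact chain, a direct edit of one field, and a deleted middle entry.
export function demo(): { intact: VerifyResult; tampered: VerifyResult; deleted: VerifyResult } {
  const chain: AuditLog[] = [];
  appendEntry(chain, { timestamp: "2024-03-01T09:00:00Z", action: "invoice.create", entity: "Invoice#42", metadata: { user: "ada", amount: 150000 } });
  appendEntry(chain, { timestamp: "2024-03-01T09:05:00Z", action: "invoice.approve", entity: "Invoice#42", metadata: { user: "bola" } });
  appendEntry(chain, { timestamp: "2024-03-01T09:10:00Z", action: "user.login", entity: "User#7", metadata: { ip: "10.0.0.5" } });
  const intact = verifyAuditIntegrity(chain);

  // Simulated "UPDATE AuditLog SET metadata = ..." on the first row without recomputing hashes.
  const tamperedChain = chain.map(e => ({ ...e, metadata: { ...e.metadata } }));
  tamperedChain[0]!.metadata.amount = 15000;
  const tampered = verifyAuditIntegrity(tamperedChain);

  // Deleting the middle row: entry 3 still points at entry 2's hash, so the link fails.
  const deleted = verifyAuditIntegrity(chain.filter((_, i) => i !== 1));
  return { intact, tampered, deleted };
}
```

The value to anchor outside the database is the last entry's finalHash; an attacker who rewrites rows and recomputes the chain cannot also change a copy of that hash held elsewhere (a write-once store, a printed end-of-day report, or the next archive batch's first previousHash).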
Field-Level Encryption¶
Beyond full-disk and database encryption, firmflow. implements Field-Level Encryption (FLE) for high-sensitivity data using AES-256-GCM.
- Protected Data: MFA secrets, electronic signature hashes, and third-party API keys.
- Key Management: The key is supplied through the FIELD_ENCRYPTION_KEY environment variable and is never stored in the database, so an attacker with read access to the database still cannot decrypt these tokens. Keep the key out of database backups and source control. Because the mode is AES-256-GCM, every encrypted value needs its own fresh 96-bit IV, and the IV and authentication tag must be stored with the ciphertext; a repeated IV under the same key breaks the scheme.
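The following is an added example of field-level encryption with AES-256-GCM written for this page; it is not firmflow.'s own code. Reading a 32-byte key from FIELD_ENCRYPTION_KEY follows the page; the hex encoding of that variable, the "iv:tag:ciphertext" storage layout, the use of the row/column name as additional authenticated data, and the demo key and secret are assumptions.

```typescript
// Added example of AES-256-GCM field-level encryption, not firmflow.'s code.
// Assumptions: FIELD_ENCRYPTION_KEY holds 64 hex chars (32 bytes); a stored
// field is "base64(iv):base64(tag):base64(ciphertext)".
import { createCipheriv, createDecipheriv, randomBytes } from "crypto";

const IV_LENGTH = 12; // 96-bit nonce, the recommended size for GCM; must be fresh per encryption

export function loadKey(): Buffer {
  const hex = process.env.FIELD_ENCRYPTION_KEY;
  if (!hex) throw new Error("FIELD_ENCRYPTION_KEY is not set");
  const key = Buffer.from(hex, "hex");
  if (key.length !== 32) throw new Error("FIELD_ENCRYPTION_KEY must be 32 bytes (64 hex chars)");
  return key;
}

// `aad` (e.g. "user:42:mfaSecret") is authenticated but not encrypted, so a
// ciphertext copied into another row or column no longer decrypts.
export function encryptField(plaintext: string, aad: string, key: Buffer = loadKey()): string {
  const iv = randomBytes(IV_LENGTH);
  const cipher = createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(aad, "utf8"));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const tag = cipher.getAuthTag();
  return [iv, tag, ct].map(b => b.toString("base64")).join(":");
}

export function decryptField(stored: string, aad: string, key: Buffer = loadKey()): string {
  const parts = stored.split(":");
  if (parts.length !== 3) throw new Error("malformed encrypted field");
  const iv = Buffer.from(parts[0]!, "base64");
  const tag = Buffer.from(parts[1]!, "base64");
  const ct = Buffer.from(parts[2]!, "base64");
  const decipher = createDecipheriv("aes-256-gcm", key, iv);
  decipher.setAAD(Buffer.from(aad, "utf8"));
  decipher.setAuthTag(tag);
  // final() throws if the tag does not verify: ciphertext, tag, IV or AAD was altered
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString("utf8");
}

function throws(fn: () => unknown): boolean {
  try { fn(); return false; } catch { return true; }
}

// Flip one bit of the ciphertext part, simulating a direct edit of the DB column.
function corruptCiphertext(stored: string): string {
  const parts = stored.split(":");
  const ct = Buffer.from(parts[2]!, "base64");
  const last = ct.length - 1;
  ct[last] = (ct[last] ?? 0) ^ 0x01;
  return [parts[0], parts[1], ct.toString("base64")].join(":");
}

// Constructed demo with a fixed key and a fictitious TOTP-style MFA secret.
export function demo(): { roundTrip: boolean; tamperDetected: boolean; aadMismatchDetected: boolean; distinctIvs: boolean } {
  const key = Buffer.alloc(32, 7);                 // demo key only; production reads FIELD_ENCRYPTION_KEY
  const secret = "JBSWY3DPEHPK3PXP";               // constructed MFA secret
  const stored = encryptField(secret, "user:42:mfaSecret", key);
  const roundTrip = decryptField(stored, "user:42:mfaSecret", key) === secret;
  const tamperDetected = throws(() => decryptField(corruptCiphertext(stored), "user:42:mfaSecret", key));
  const aadMismatchDetected = throws(() => decryptField(stored, "user:43:mfaSecret", key));
  // Same plaintext encrypted twice must not produce the same stored value (fresh IV each time).
  const distinctIvs = encryptField(secret, "user:42:mfaSecret", key) !== stored;
  return { roundTrip, tamperDetected, aadMismatchDetected, distinctIvs };
}
```

Binding the row and column name into the AAD is what stops a "swap" attack in which an attacker with write access copies a known-good encrypted value into another user's row; without it, GCM would happily decrypt the moved ciphertext.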
SmartRequestAI™ Privacy Gateway¶
To enable cloud-powered AI while maintaining data sovereignty, firmflow. uses a 'Privacy-First' gateway logic:
- PII Scrubbing: Before sending any prompt to the AI bridge, the system scans for sensitive Nigerian data patterns:
- BVN (Bank Verification Numbers - 11 digits)
- TIN (Tax Identification Numbers)
- Nigerian Phone Numbers
- Audit Logs: Every AI request is logged with metadata (tokens, latency, flow name) so that staff use of the feature can be reviewed and misuse investigated.
- Outbound Controls: Network policies allow the AI bridge only outbound connections over validated TLS 1.3 tunnels; no inbound connections are accepted.
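The following is an added example of the PII-scrubbing step written for this page; it is not firmflow.'s gateway code. The BVN rule (exactly 11 digits) follows the page; the TIN layout, the phone-number shapes, the [TYPE] replacement tokens and the sample prompt are assumptions and must be tuned to the formats the firm actually handles.

```typescript
// Added example of regex-based PII scrubbing before a prompt reaches the AI
// bridge. Not firmflow.'s code. BVN = 11 digits follows the page; the TIN and
// phone patterns are assumptions.
export interface ScrubResult {
  text: string;                    // prompt with PII replaced by [TYPE] tokens
  counts: Record<string, number>;  // how many of each type were redacted; raw values are never retained
}

// Each pattern captures a one-character prefix (start of string or a non-digit)
// so digits inside longer numbers are not matched. Order matters: the dash-
// separated TIN and the phone shapes are more specific than "any 11 digits",
// so they run before the BVN rule and a local 11-digit phone number is not
// reported as a BVN.
const PATTERNS: { type: string; re: RegExp }[] = [
  // assumed TIN layout: 8 digits, dash, 4 digits (e.g. 12345678-0001)
  { type: "TIN", re: /(^|\D)(\d{8}-\d{4})(?!\d)/g },
  // +234 followed by 10 digits, or local 0XX form with 11 digits; spaces or dashes allowed between digits
  { type: "PHONE", re: /(^|[^\d+])((?:\+234|0)(?:[ -]?\d){10})(?!\d)/g },
  // BVN: exactly 11 digits that are not part of a longer digit run
  { type: "BVN", re: /(^|\D)(\d{11})(?!\d)/g },
];

export function scrubPrompt(prompt: string): ScrubResult {
  const counts: Record<string, number> = {};
  let text = prompt;
  for (const { type, re } of PATTERNS) {
    text = text.replace(re, (_m: string, pre: string) => {
      counts[type] = (counts[type] ?? 0) + 1;
      return pre + "[" + type + "]";
    });
  }
  return { text, counts };
}

// Gate the gateway would apply before forwarding: refuse if any 11-digit run
// survived scrubbing (defence in depth against gaps in the patterns above).
export function safeToForward(text: string): boolean {
  return !/(^|\D)\d{11}(?!\d)/.test(text);
}

// Constructed sample prompt with fictitious identifiers.
export const SAMPLE_PROMPT =
  "Reconcile payment from client BVN 22334455667, TIN 12345678-0001, call 0803 123 4567 or +234 805 555 1212 before 31/03/2024.";
```

Only the redaction counts go into the AI request log; logging the matched values would copy the very PII the gateway exists to keep out of cloud-bound traffic into another store.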
Regional Compliance (NDPR)¶
The Nigerian Data Protection Regulation requires firms to maintain accurate and verifiable records of data access.
- Data Localization: Because the system runs on-premise, client PII stays on the firm's own infrastructure in Nigeria; only scrubbed prompts reach the AI bridge (see the Privacy Gateway above).
- Accountability: Chained logs mean that even system administrators cannot delete or edit their tracks without the break being detected.
- Right to Access (DSAR): Administrators can use the automated DSAR Export Tool to generate a complete package of a client's data in under 60 seconds.
- Evidence-Based: In the event of an audit, the cryptographic chain provides verifiable evidence that the logs have not been altered since they were written.
Best Practices¶
- Backup Logs: Ensure the AuditLog table is part of your daily encrypted backups.
- Rotation: For very high-traffic firms, older logs can be archived, provided the "End-of-Chain" hash of the archived batch is recorded (ideally somewhere outside the database) so that the first entry of the next batch continues the chain from it.