Immutable audit trail

Hash-chained, tamper-evident execution logs for regulators

Every Nexus gate decision, agent action, and operator override appends to a tenant-scoped, hash-chained audit log. Entries are append-only, cryptographically linked, and exportable in formats auditors expect.

Why hash chaining

Regulators and internal audit teams require evidence that logs were not altered after the fact. Nexus implements a Merkle-style chain per tenant:

  1. Each entry includes hash and prevHash columns
  2. prevHash references the prior entry's hash (genesis hash for the first entry)
  3. Payload canonicalization excludes mutable fields before hashing
  4. Writes serialize per tenant via advisory locks

Tampering with any historical entry breaks the chain on verification.

What gets logged

Event category     Examples
Agent execution    Tool calls, policy decisions, confidence scores
Policy gate        ALLOW, BLOCK, REQUIRE_HUMAN with rule IDs
Shadow mode        policy.shadow.would_have_blocked counterfactuals
MCP Gateway        mcp.gateway.blocked with reason codes
Operator actions   Kill switch, approval resolution, export downloads
Compliance         Conformity bundle generation, FRIA updates

Verify the chain

curl -X POST "https://nexus.hardalion.com/api/v1/audit/verify" \
  -H "Authorization: Bearer $TENANT_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "from": "2026-01-01T00:00:00Z",
    "to": "2026-06-30T23:59:59Z"
  }'

Returns the chain integrity status, the entry count, and, if the chain has been tampered with, the position of the first entry that fails verification.
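The following is an added, stand-alone Python example, not Nexus's implementation and not the npl-spec verifier CLI. It walks through the four hash-chaining steps from "Why hash chaining" (hash and prevHash per entry, genesis hash for the first entry, canonicalization that drops mutable fields) and produces a verification result shaped like the one the verify endpoint returns (status, entry count, first break). It assumes SHA-256 over prevHash concatenated with the canonical JSON payload, an all-zero genesis hash, and the field names used in the code; the tenant events are constructed sample data.

```python
import hashlib
import json
from typing import Any, Dict, List

# Assumed layout (not Nexus's actual schema): link fields are derived and
# therefore never part of the hashed payload; mutable fields may change after
# the write (e.g. ingestion metadata) and are excluded so edits to them do
# not break the chain.
LINK_FIELDS = {"hash", "prevHash"}
MUTABLE_FIELDS = {"ingestedAt", "retentionExpiresAt"}
GENESIS_HASH = "0" * 64  # assumed genesis sentinel for the first entry


def canonical_payload(entry: Dict[str, Any]) -> bytes:
    """Deterministic bytes for the immutable part of an entry (step 3).

    Sorted keys and fixed separators guarantee that the same logical entry
    always hashes identically, whatever the dict insertion order was.
    """
    immutable = {k: v for k, v in entry.items()
                 if k not in LINK_FIELDS and k not in MUTABLE_FIELDS}
    return json.dumps(immutable, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def entry_hash(entry: Dict[str, Any], prev_hash: str) -> str:
    """hash = SHA-256(prevHash || canonical payload), binding entry to its predecessor."""
    h = hashlib.sha256()
    h.update(prev_hash.encode("ascii"))
    h.update(canonical_payload(entry))
    return h.hexdigest()


def append_entry(chain: List[Dict[str, Any]], entry: Dict[str, Any]) -> Dict[str, Any]:
    """Append-only write (steps 1 and 2): fill prevHash and hash, push the row.

    The real service serializes this per tenant with an advisory lock (step 4);
    this single-threaded list needs none.
    """
    prev = chain[-1]["hash"] if chain else GENESIS_HASH
    row = dict(entry)
    row["prevHash"] = prev
    row["hash"] = entry_hash(row, prev)
    chain.append(row)
    return row


def verify_chain(chain: List[Dict[str, Any]]) -> Dict[str, Any]:
    """Recompute every link; report status, entry count and the first break."""
    expected_prev = GENESIS_HASH
    for idx, row in enumerate(chain):
        if row.get("prevHash") != expected_prev:
            return {"status": "BROKEN", "entries": len(chain),
                    "firstBreak": idx, "reason": "prevHash mismatch"}
        if entry_hash(row, expected_prev) != row.get("hash"):
            return {"status": "BROKEN", "entries": len(chain),
                    "firstBreak": idx, "reason": "hash mismatch"}
        expected_prev = row["hash"]
    return {"status": "OK", "entries": len(chain), "firstBreak": None, "reason": None}


def build_sample_chain() -> List[Dict[str, Any]]:
    """Constructed events for one tenant (sample data, not real Nexus logs)."""
    chain: List[Dict[str, Any]] = []
    for event in [
        {"tenant": "tenant-demo", "ts": "2026-01-01T00:00:01Z",
         "event": "policy.gate", "decision": "ALLOW", "ruleId": "rule-001"},
        {"tenant": "tenant-demo", "ts": "2026-01-01T00:00:05Z",
         "event": "policy.gate", "decision": "BLOCK", "ruleId": "rule-042"},
        {"tenant": "tenant-demo", "ts": "2026-01-01T00:00:09Z",
         "event": "operator.kill_switch", "operator": "ops@example.com"},
    ]:
        append_entry(chain, event)
    return chain


def edited_decision() -> Dict[str, Any]:
    """A historical BLOCK rewritten to ALLOW: the entry's own hash no longer matches."""
    chain = build_sample_chain()
    chain[1]["decision"] = "ALLOW"
    return verify_chain(chain)


def edited_and_rehashed() -> Dict[str, Any]:
    """Same edit with the hash recomputed: the next entry's prevHash exposes it."""
    chain = build_sample_chain()
    chain[1]["decision"] = "ALLOW"
    chain[1]["hash"] = entry_hash(chain[1], chain[1]["prevHash"])
    return verify_chain(chain)


def mutable_field_updated() -> Dict[str, Any]:
    """Updating an excluded mutable field after the write leaves the chain intact."""
    chain = build_sample_chain()
    chain[0]["ingestedAt"] = "2026-01-02T12:00:00Z"
    return verify_chain(chain)


if __name__ == "__main__":
    print("clean:          ", verify_chain(build_sample_chain()))
    print("edited:         ", edited_decision())
    print("edited+rehashed:", edited_and_rehashed())
    print("mutable update: ", mutable_field_updated())
```

The two tamper cases show why the link matters: rewriting a field is caught at the edited entry, and rewriting the field plus its hash only moves the break to the following entry, whose prevHash still records the original value. Because the endpoint reports the first break, that index tells an auditor exactly where to start looking.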

Export audit logs

curl "https://nexus.hardalion.com/api/v1/audit/export?format=json&from=2026-01-01" \
  -H "Authorization: Bearer $TENANT_API_KEY" \
  -o audit-export.json

Supported formats: JSON, CSV. PDF summaries available via the compliance dashboard.

Retention

Default retention: 7 years (MiFID II Article 16 aligned). Enterprise tenants can configure extended retention and legal hold.

Regulatory fields

Audit hash payloads include optional regulatory metadata:

  • Regulation codes (EU AI Act, DORA, MiFID II)
  • Rule citations and confidence scores
  • Human override flags with operator identity
  • Correlation IDs linking agent executions to API requests

Open verifier

The npl-spec repository includes a standalone audit verifier CLI for offline chain validation on exported bundles.