Skip to main content
Sigvex

Forensic Provenance Ledger

Hash-chain ledger of anchored artefacts with chain verification, tamper simulation, and JSON/CSV export.

What it is

A page that anchors artefacts (bytecode, detector configs, CLI invocations, scan reports, findings, capsules, custom blobs) into a hash-chain ledger. The actions row exposes Verify chain, + Anchor artefact, Try Me, Export JSON, Export CSV, and Clear ledger. A Simulate a tamper section contains a Tamper record action for teaching and testing.

Why it exists

Audit output is only defensible if its provenance is verifiable. This page records each artefact’s hash in a chain, exposes verification on demand, and lets a reviewer simulate a tamper to see the chain fail — so the property is visible instead of implicit.

Who uses it

  • Auditor — anchors key artefacts during an engagement.
  • Reviewer — verifies chain integrity for reporting or court use.

How to open it

  1. Sidebar → Ledgers → Provenance Ledger.
  2. Direct URL — /provenance-ledger.

Using the page

  1. + Anchor artefact — opens the anchor form with a kind selector: Bytecode, Detector config, CLI invocation, Scan report, Finding, Capsule, Custom.
  2. Verify chain — recomputes hashes and reports whether the chain is intact.
  3. Try Me — loads a sample chain.
  4. Export JSON / Export CSV — download the ledger (with anchor metadata) or the records table.
  5. Clear ledger — admin-restricted; shows a notice that the operation requires the CLI or an admin.
  6. Simulate a tamper → Tamper record — disabled against the server-backed ledger; displays a notice explaining that API records are tamper-evident by construction.

Inputs and outputs

Input Source Required
Artefact Anchor form yes to anchor
Output Format Destination
Ledger + anchor metadata JSON Browser download
Records table CSV Browser download
Verification result In-page status Ledger header

Controls reference

  • Verify chain — recomputes the chain.
  • + Anchor artefact — opens the anchor form.
  • Try Me — loads a sample.
  • Export JSON / Export CSV — output actions.
  • Clear ledger — admin-gated; displays a notice.
  • Tamper record — disabled in server mode; displays a notice.

Limits

  • Requires a signed-in account.
  • Clear ledger and Tamper record are admin-restricted and cannot be performed from this UI against the server-backed ledger.
  • The hash chain is maintained per-ledger; it does not cross-reference external anchors such as timestamping services.

Troubleshooting

Symptom or error Cause Action
Verify chain fails Chain was tampered (via an out-of-band mutation) Restore from an exported JSON file.
Empty ledger No records anchored Use + Anchor artefact or Try Me.