Cryptographically provable audit logs

The audit log that proves itself.

Sigilbase chains, seals, and signs every event your systems record, and ships a standalone verifier so evidence stands on its own.

append-only log checkpoint #4192
user.role.granted seq 40917 root a3f9…c21e
record.updated seq 40918 root b71c…9d40
export.requested seq 40919 root 0e28…f5aa
checkpoint.sealed seq 40920 root 6c14…8b02 root matches, signature valid
The problem
01

Anyone with database access can rewrite an audit table.

02

Auditors are asked to trust screenshots and CSV exports.

03

Logging tools prove events were received, not that history is intact.

How it works

Four steps from event to evidence.

POST /v1/events step 1
POST /v1/events
{
  "actor":   "svc:billing",
  "action":  "invoice.voided",
  "payload": {
    "invoice_id": "inv_9f21",
    "reason": "duplicate"
  }
}
seq 40919  export.requested
  data      0e28…f5aa
  prev      b71c…9d40   (event 40918)

  hash = SHA256(data ‖ prev)
       →  0e28…f5aa

seq 40920  checkpoint.sealed
  prev      0e28…f5aa
       →  6c14…8b02
checkpoint #4192
  events       40901 – 40920
  merkle_root  6c14…8b02
  sealed_at    2026-07-08T09:14:02Z
  algo         ed25519
  key_id       key_9f0a…2d17
  signature    MEUCIQ…c4b1
$ sigil export --from 40901 --to 40920
  wrote evidence-bundle.tar
  2,481 events, 7 checkpoints

$ sigil-verify ./evidence-bundle.tar
  hash chain ......... ok
  inclusion proofs ... ok
  signatures ......... ok
Verification

An auditor never has to take our word for it.

sigil-verify ./evidence-bundle.tar
reading evidence-bundle.tar
events            2,481
checkpoints           7
recomputing hash chain ... ok
verifying inclusion proofs ... ok
verifying Ed25519 signatures ... ok
verified: 2,481 events intact, 0 breaks
What the bundle contains

The events, their hash chain, the Merkle inclusion proof for each event, the signed checkpoints, and the public signing keys. One file, no database access required.

Why the verifier is standalone

It runs offline and depends on nothing from Sigilbase, your application, or your database. It reads the bundle, recomputes the chain, and checks every signature itself.

The plain-terms guarantee

A modified, deleted, or reordered event fails verification. The failure names the sequence number, so you know exactly which record broke.

More on the open verifier

For engineers The primitives, no marketing translation.
REST API
Idempotent writes
Batch ingestion
Inclusion proofs per event
Ed25519 signed checkpoints
Public signing keys

Join the waitlist

Building now. Early access for teams preparing SOC 2, ISO 27001, or PCI DSS evidence.

No spam, one email when it opens.

Privacy

This site runs no analytics and no trackers.

It collects one thing: an email address, if you choose to join the waitlist. That address is used to send one announcement when access opens, and nothing else.

To protect the waitlist form from automated abuse we use Cloudflare Turnstile, a privacy-preserving challenge from our hosting provider; it may set a temporary cookie for that purpose and is not used to track or profile you.

To have your email removed, contact hello@sigilbase.io.

Read the full privacy policy

Last updated July 2026