The traceability of a procedure is measured by two things: whether everything that happens is recorded, and whether what is recorded can be altered after the fact. Append-only logs with hash chaining solve both dimensions elegantly: every action is logged, and any later modification produces a mathematical inconsistency that can be detected immediately.
Append-only: records that cannot be rewritten
Append-only means that only adding entries is allowed, never modifying or deleting existing ones. If an entry was wrong, it is corrected with a new entry that supersedes the previous one, leaving the history intact. It is a simple architectural decision whose evidentiary consequence is enormous: the log literally reflects what happened, without later reinterpretations.
Hash chaining
Each entry includes, in addition to its content, the hash of the previous entry. Therefore, if anyone tried to modify an old entry without more, the hash that the next entry stored would no longer match and the chain would break. Altering history would require recomputing all subsequent hashes, an operation detectable because earlier copies of the log would already be published or backed up.
What is recorded exactly
- Who (user and role) carried out the action.
- When (timestamp with time stamp).
- What type of action (asset added, modification, closure of preferences, draw, adjudication...).
- Previous and subsequent state, where applicable, in compact format.
- Hash of the previous entry, closing the chain.
Periodic verification
An automated routine traverses the log periodically and validates the chain of hashes. Any break escalates as an immediate incident. For maximum rigour, a global fingerprint of the log (root hash) is published daily in an external registry (for example an anchor in a public chain or a qualified time stamp), so that not even the platform operator can rewrite history without it being detectable.