Trust your data with a tamper-evident log

You need to trust the data you rely on. Your organisation handles more data every day, and the data helps you make critical decisions. But you need to know that it hasn't been modified or corrupted.

Building with tamper-evident logs means you can cryptographically prove that the data hasn’t been unexpectedly changed. Knowing the provenance, integrity and sequence your data was created means you’ll be able to monitor third-party ecosystems and simplify regulatory compliance. You can trust the data you rely on.

A tamper-evident log stores an accurate, immutable and verifiable history of activity. This is an example of a verifiable system. You could use them to track credits and debits in banking transactions, access logs to sensitive healthcare records, cryptographic hashes of software packages, compliance artifacts of regulated activities, or modifications to a document.

Join the Community

Welcome to Transparency.dev, a community dedicated to promoting transparency across various ecosystems and pioneering its integration into new application domains.

Get started by joining our Slack Channel

Watch the talks from the 2024 Transparency.dev Summit on our community YouTube Channel

About Transparency.dev Summit 2025

Tamper-evident logs are relied on by

Golang's Logo

Provides a shared global view of the hash of every software module, enabling reproducible builds.
Certificate Transparency's Logo

A verifiable ecosystem helps detect misbehaviour of certificate authorities by enforcing that all certificates are in a verifiable log.
Sigstore's Logo

A non-profit, public good software signing & transparency service.

Discourage Insider Threats

An illustration of a latops commands being logged

A tamper-evident log makes it impossible for a malicious insider to cover their tracks.

Simplify regulatory compliance

An illustration of compliance receords being logged

A tamper-evident log keeps you in control of your audit artifacts and gives auditors confidence.

Regulated industries require companies to collect and retain many types of compliance records. Auditors need to verify the integrity and nonrepudiation of those records.

By using a tamper-evident to store compliance records, you can keep them in one place and simplify presenting them to an auditor. You can cryptographically prove they haven't been tampered with.

Monitor third-party ecosystems

An illustration of an ecosystem being monitored

A tamper-evident log enables multiple parties to monitor each others' actions.

Where organisations can be required to publish data about their actions, a tamper-evident log can hold a permanent record of this data.

Applications of Tamper-evident Logs

An illustration of a file being downloaded

Add tamper-checking to a package manager

An illustration of a computers commands being logged

Reliably log all actions performed on your servers

An illustration of a set of encryption keys

Strengthen discovery of encryption keys with Key Transparency

An illustration of a certificates being logged

Discourage misbehaviour by third parties in Certificate Transparency

Start verifying to get more from your log

Often people just put everything in the log and stop there.

For a system to be valuable to you and those that rely on it, you need to identify what’s important to log and who will verify its contents.

We've designed two exercises to help you get started.

How to design a verifiable system

Learn more about tamper-evident logs

Applications of tamper-evident logs

Google's Logo

Privacy