DeterministicESPAsyncWebServer v6.28.0
Zero-allocation, bounded-execution async HTTP server for ESP32
Loading...
Searching...
No Matches
audit_log.h File Reference

Tamper-evident, hash-chained audit log (DETWS_ENABLE_AUDIT_LOG). More...

#include "ServerConfig.h"
#include <stddef.h>
#include <stdint.h>

Go to the source code of this file.

Detailed Description

Tamper-evident, hash-chained audit log (DETWS_ENABLE_AUDIT_LOG).

An append-only security log where each entry carries hash = SHA-256(prev_hash || seq || ts || category || msg), chaining every record to its predecessor. Altering, reordering, or deleting any retained record breaks the chain, which detws_audit_verify() detects in O(n). All storage is a fixed RAM ring of DETWS_AUDIT_LOG_ENTRIES records (no heap, bounded latency); when it wraps, the evicted record's hash becomes a moving chain anchor, so the retained window still verifies end-to-end.

Durability / forwarding. The RAM ring is only the recent window for query and verification. Install a sink with detws_audit_set_sink() to forward every record, at the moment it is created (before it can ever be evicted), to a durable or remote store - an SD-card file, a syslog / HTTP log service, a serial console. Because the sink receives the full record including its chain hash, the external store preserves the same tamper-evident chain. Use detws_audit_format() to render a record as one JSON line for that sink.

Pure and host-tested (the chain is the same on host and ESP32; SHA-256 comes from ssh_sha256, hardware-accelerated on ESP32). Single-accessor like the log buffer: append from one context (a worker / loop), not concurrently.

Author
Douglas Quigg (dstroy0)
Date
2026

Definition in file audit_log.h.