Protocol v1.0

Tamper-Evident Cryptographic Memory

Append-only event logs. Ed25519 signed. SHA-256 hash-chained. Readable on a 50-year horizon.

Try Playground Read Spec
provara://vault VERIFIED
{ "type": "event", "action": "user.login", "actor": "alice", "ts": "2026-02-22T14:30:00Z", "sig": "ed25519:a3f8c9...d721", "prev": "sha256:7b2cf1...e490", "hash": "sha256:9c4a21...f832" }
Ed25519 signature valid
Hash chain integrity confirmed
How It Works

How Provara Makes Events Tamper-Evident

Most systems ask you to trust the operator. Provara makes trust unnecessary — every event carries its own proof.

Phase 01

Sign

Every event gets an Ed25519 signature at creation. The private key never leaves your machine.

Phase 02

Chain

Each event's hash includes the previous event's hash. Break one link, invalidate the chain.

Phase 03

Verify

Anyone with the public key can verify any event. No server required. No trust required.

Protocol

Beyond signing. A complete provenance framework.

Vault Init

One command. One key pair. An empty chain ready to receive evidence.

Event Append

Structured NDJSON. Each entry signed, hashed, and chained to its predecessor.

Verification

Offline-first integrity checks. Verify a single event or replay the entire chain.

Deterministic Replay

Same input, same vault. Every event is replayable from genesis.

v1.0
Spec Version
2
Languages
Apache 2.0
License
STABLE
Status
Developer Experience

Three lines to tamper-evident

Python. CLI. npm. Pick your interface. Every operation is cryptographically verifiable.

View Docs → 
from provara import Vault

vault = Vault.init("./my-vault")
vault.append({"action": "user.login", "actor": "alice"})
# Ed25519 signed + SHA-256 chained automatically
# Initialize a new vault
provara init ./my-vault

# Append an event (signed + chained automatically)
provara append ./my-vault '{"action": "user.login"}'

# Verify the entire chain
provara verify ./my-vault
# Exit 0 = chain intact
import { Vault } from '@provara/sdk';

const vault = await Vault.init('./my-vault');
await vault.append({ action: 'user.login', actor: 'alice' });
// Every event is signed and chained
FAQ

Frequently asked questions

Everything you need to know about Provara Protocol, tamper-evident event logs, and getting started.

What is Provara Protocol?
Provara is an open-source protocol for tamper-evident event logs. Every event is Ed25519 signed and SHA-256 hash-chained into an append-only NDJSON file. The result is a verifiable, replayable record that works offline and stays readable for decades. Think of it as git for structured events — but cryptographically sealed.
How does the hash chain work?
Each event's SHA-256 hash incorporates the previous event's hash. This creates a chain where modifying any single event breaks the hash of every event that follows. Verification is a single pass through the log — no external service, no blockchain, no consensus mechanism. Just math.
What happens if someone modifies an event?
The hash chain breaks at the point of modification. Every subsequent event's hash will fail verification. This is detectable by anyone with the public key and the event log. Provara doesn't prevent tampering — it makes tampering provably detectable.
Do I need to run a server?
No. Provara vaults are local files. The protocol is designed for self-sovereign operation — you hold the keys, you hold the logs. No hosted dependency, no API calls, no account creation. Verification is a pure computation that runs anywhere.
What key types are supported?
Ed25519 is the sole supported signing algorithm. This is a deliberate constraint — Ed25519 is fast, deterministic, and widely supported across languages and platforms. Key rotation is supported through the checkpoint mechanism, which seals one key and activates the next without breaking the chain.
Is Provara Protocol open source?
Yes. Apache 2.0 licensed. The specification, Python reference implementation, and all tooling are available on GitHub at github.com/provara-protocol/provara. Contributions welcome.