Core Value Proposition
"Regulators and third-party auditors can independently detect log tampering without trusting the log producer."
1 Executive Summary
The VCP Tamper-Evidence Validation Demo transforms compliance from assertion-based ("trust me") to proof-based ("verify, don't trust") by demonstrating:
- How traditional logs can be tampered with undetectably
- How cryptographic hash chains create mathematical dependencies between events
- How any modification breaks the chain and becomes immediately detectable
- How third parties can verify integrity without accessing raw trade data
| Attribute | Value |
|---|---|
| Type | Proof-of-Concept / Educational Demo |
| Runtime | Client-side only (browser) |
| External Dependencies | None |
| Build Requirements | None (vanilla HTML/CSS/JS) |
| Cryptographic API | Web Crypto API (native browser) |
| Target Deployment | GitHub Pages / Static hosting |
2 Purpose and Objectives
To provide RegTech companies, audit firms, and compliance officers with an immediately understandable demonstration of tamper-evidence technology that can be:
- Evaluated in under 5 minutes
- Shared internally without technical setup
- Used as a reference for product integration discussions
- Presented to non-technical stakeholders (C-suite, compliance heads)
| Objective | Success Criteria |
|---|---|
| Immediate comprehension | User understands value within 60 seconds |
| Zero friction | No installation, no accounts, no configuration |
| Technical credibility | Real cryptographic operations (SHA-256) |
| Business relevance | Audit-ready terminology and outputs |
| Shareability | Evidence Pack downloadable for internal distribution |
3 Target Audience
Primary Audience
| Role | Needs | Demo Value |
|---|---|---|
| RegTech Product Manager | Evaluate integration feasibility | See working verification logic |
| Compliance Officer | Understand technical capabilities | Non-technical explanation + proof |
| Head of Audit (Big 4) | Assess methodology validity | Cryptographic verification steps |
| CTO / VP Engineering | Technical due diligence | Source code inspection |
Secondary Audience
| Role | Needs | Demo Value |
|---|---|---|
| Regulator (technical staff) | Understand verification mechanism | Independent verification capability |
| Institutional Client (Buy-side) | Evaluate broker transparency | Evidence of tamper-proof logging |
| Developer | Implementation reference | Copy-pasteable patterns |
4 Event Data Model
Event Schema
{
"event_id": "string (UUIDv7-like)",
"trace_id": "string",
"timestamp_ms": "number (milliseconds since epoch)",
"event_type": "string (SIG|ORD|ACK|EXE)",
"payload": "object",
"prev_hash": "string (64 hex chars or 'GENESIS')",
"event_hash": "string (64 hex chars)"
}
Event Types
| Type | Name | Description |
|---|---|---|
| SIG | Signal | AI/algorithm decision point |
| ORD | Order | Order creation |
| ACK | Acknowledgment | Venue acceptance |
| EXE | Execution | Trade execution (fill) |
5 Cryptographic Implementation
Algorithm
SHA-256
Output
64 hex characters
Implementation
Web Crypto API
Hash Computation
The event_hash is computed as:
event_hash = SHA-256(prev_hash + canonical_json(event_core))
Canonical JSON
To ensure deterministic hash computation, JSON is canonicalized with:
- Sorted keys: Alphabetical ordering at all nesting levels
- Stable stringify: Consistent number/string representation
- No whitespace: Compact format
Key Insight: If ANY event is modified, its event_hash changes, the next event's prev_hash no longer matches, the chain is broken, and tampering is DETECTED.
6 Tampering Scenarios
The demo implements three tampering scenarios representing common audit log attacks:
Payload Modification (Post-hoc Edit)
Audit Term: payload modification
Insider modifies execution price after the fact to hide front-running evidence.
Target: First EXE event (Event #3)
Modified Field: payload.price
Original: "1.08523" → Tampered: "1.09999"
Event Deletion (Omission)
Audit Term: omission, evidence destruction
Insider deletes an event to hide evidence of order acknowledgment.
Target: First ACK event (Event #2)
Effect: Event removed from chain
Detection: prev_hash references non-existent hash
Event Reordering (Sequence Tampering)
Audit Term: chronology manipulation
Insider swaps event order to misrepresent execution timeline.
Target: Events #2 and #3
Effect: ACK and EXE events swapped
Detection: prev_hash linkage broken at swap point
7 Evidence Pack Format
The Evidence Pack is a ZIP file containing complete audit documentation:
vcp-evidence-pack-{timestamp}.zip
├── original.jsonl # Original event chain
├── tampered.jsonl # Tampered event chain
├── verification_report.json # Detailed verification results
└── README.txt # Verification instructions
Note: The Evidence Pack includes all necessary materials for independent verification by auditors and regulators.
8 Use Cases
Sales Demo for RegTech Prospects
Scenario: Product manager evaluating VCP integration
"Add this capability to your product in days, not months."
Compliance Officer Education
Scenario: Explaining tamper-evidence to non-technical compliance team
"Compliance becomes proof, not assertion."
Audit Firm Technical Evaluation
Scenario: Big 4 audit team assessing methodology
"Standard cryptography, auditable implementation."
Regulator Technical Briefing
Scenario: Presenting to regulatory technical staff
"Independent verification without data disclosure."
9 Limitations and Scope
What This Demo IS
- Conceptual demonstration
- Educational tool
- Reference implementation
- Proof of verification logic
- Shareable artifact
What This Demo is NOT
- Production system
- Real-time capable
- Full VCP implementation
- Secure key management
- Performance optimized
10 Related Standards
| Standard | Relevance |
|---|---|
| RFC 8785 (JCS) | JSON Canonicalization Scheme |
| NIST FIPS 180-4 | SHA-256 specification |
| RFC 4122 / RFC 9562 | UUID specification |
| MiFID II RTS 25 | Regulatory context |
| EU AI Act Article 12 | AI logging requirements |
Ready to Experience Tamper-Evidence?
Try the interactive demo and see cryptographic verification in action.
Launch DemoQuestions about the demo or VCP integration?