A cryptographically verifiable, privacy-preserving audit trail engineered for edge functions, micro-services, and autonomous AI agents. Write from any system, read client-side, without trusting the server.
The Build vs Buy Math
Building a compliant log engine takes months of database planning, KMS setup, and frontend design. Maintaining it is an everlasting task. Failing an audit takes seconds.
Writing millions of high-frequency audit events directly to your core PostgreSQL/MySQL database chokes application API performance and triggers disk limit alarms.
Ingest events asynchronously via Cloudflare edge isolates in sub-5ms. Volidator stores the hot data in a light, optimized D1 ledger and archives historical records to R2, keeping your core database completely unaffected.
Storing raw user emails, customer names, system prompts, or IP addresses in cleartext database logs makes your logging infrastructure an instant liability for SOC 2, GDPR, and HIPAA.
Volidator SDK executes zero-knowledge encryption (AES-256-GCM) and blind hashing locally on your server before dispatch. Volidator's network and databases only hold ciphertext; raw PII never leaks.
Frontend teams spend weeks coding paginated tables, search bars, filters, export systems, and secure read-only portals for external CPAs and B2B customers.
Generate scoped, cryptographically signed Embed Tokens in one backend call. Mount the complete, pre-built, interactive audit log table in an iframe. Client-side browser decryption keeps it zero-trust.
Live Audit Trail
Every login, data export, role change, and deletion, captured automatically. Filter by user, action type, or date. Flag anomalous events for compliance review.
How the Privacy Guarantee Works
This is client-side encryption with server-blind storage, not a marketing claim. Your encryption key never reaches our servers. A full database breach exposes only ciphertext. There is nothing readable to steal.
AES-256-GCM encryption runs on your server. HMAC-SHA-256 blind indexes are computed for actor and action. Plaintext never leaves your process.
The encrypted payload hits a Cloudflare Worker at the edge. Your API key is validated via a 3-layer pipeline. A 202 is returned before any write completes.
Cloudflare D1 stores only HMAC blind indexes and AES-256-GCM ciphertext. No plaintext column. No PII column. This is called server-blind storage, our database cannot leak what it never held.
Your customers' browsers receive ciphertext and decrypt locally via WebCrypto. The AES key travels only in the URL hash fragment, architecturally invisible to any server.
Ingestion Flow
SDK Guide
@volidator/node is a zero-dependency TypeScript package. Works anywhere Node 18+ runs: Express, Fastify, Next.js API routes, Lambda, Workers.
Package
@volidator/nodeZero dependencies
Node.js ≥ 18
TypeScript native
ESM + CJS
# Install via your package manager npm install @volidator/node # or pnpm pnpm add @volidator/node # or yarn yarn add @volidator/node
VOLIDATOR_API_KEYrequiredval_live_<20-hex><6-crc32>
Bearer token for the Ingestion Worker. Structurally validated via CRC32 checksum before any crypto or I/O.
VOLIDATOR_ENCRYPTION_KEYrequiredany string (min 32 chars)
Symmetric AES-256-GCM key. Derived via SHA-256. Also passed as the URL hash fragment for browser-side decryption. Never stored by Volidator.
VOLIDATOR_PROJECT_IDoptionalprj_live_<hex>
Required only for generateEmbedToken(). Embedded in the HS256 JWT as the pid claim.
VOLIDATOR_CLIENT_SECREToptionalany secret string
Required only for generateEmbedToken(). Used to sign and verify HS256 JWTs for the embeddable widget.
npm i @volidator/nodeZero-dependency TypeScript package. Works on Node 18+, Edge, Lambda, and Workers.
new VolidatorClient({ apiKey, encryptionKey })One-time setup. Your encryption key never leaves your server.
redactKeys: ['actor', 'metadata.email']List any fields that contain PII or PHI. Volidator scrubs them before encryption, no AI needed.
await volidator.log({ actor, action, target })One call. Encrypted at source, stored in Cloudflare D1, dispatched to your SIEM.
<iframe src={embedUrl} />Drop a scoped, decrypting audit widget into your UI. Your customers see their own logs.
import { VolidatorClient } from "@volidator/node"; const volidator = new VolidatorClient({ apiKey: process.env.VOLIDATOR_API_KEY!, encryptionKey: process.env.VOLIDATOR_ENCRYPTION_KEY!, redactKeys: ["actor", "metadata.email"], // optional PII scrubbing }); // That's it, call this anywhere in your app: await volidator.log({ actor: req.user.id, // e.g. "usr_alice" action: "EXPORT_DATA", target: "report_2026_Q2.pdf", req, // auto-extracts IP, user-agent, geo });
Every log event you emit is automatically structured for SOC 2, HIPAA, and ISO 27001 evidence. Give your auditor a 7-day access room. No raw logs leave your perimeter.
Zero-Knowledge Storage
Every call to volidator.log() stores a tamper-evident, cryptographically sealed record with a verifiable HMAC chain. This satisfies SOC 2 CC6.1, HIPAA §164.312, and ISO 27001 Annex A.12 audit controls, out of the box.
Zero raw logs leave your perimeter. Auditors see decrypted logs in their browser, not on our servers.
Auditor Access
Generate a scoped, time-limited access link for your CPA or auditor. The AES decryption key travels only in the URL hash fragment, architecturally invisible to our servers. Audit sessions expire automatically after 7 days.
SIEM Integration
Every audit event is dispatched to a Cloudflare Queue and forwarded to Datadog or Splunk in real-time. HMAC-signed payloads. Non-blocking ingestion. Your SIEM gets the full encrypted metadata, your privacy model stays intact.
Datadog
Logs API v2
Splunk
HEC Endpoint
Custom
Webhook + HMAC
Standards Volidator Audit Logs Are Structured For
CC6.1 - CC9.2 controls
§164.312 audit controls
Annex A.9 + A.12 controls
Electronic records & audit
Capabilities
HMAC-SHA-256 per-project blind indexes let you filter logs by actor or action server-side with zero decryption required. Fast queries, zero exposure.
Every event gets a random 12-byte IV. GCM authentication tags prevent tampering. Layout: [IV 12B][Ciphertext][Auth Tag 16B].
The AES key lives only in the URL hash fragment, which browsers never send in HTTP requests. This makes keys invisible to our servers.
Log system prompts, reasoning steps, tool calls, and model tokens under client-side E2EE. Fulfill compliance auditing needs for LLM autonomy safely.
Every ingested log dispatches to a Cloudflare Queue for Datadog or Splunk. Batched writes, max_concurrency=1, DLQ for partial failures. Zero data loss.
Generate secure guest access tokens valid for up to 7 days. Isolates the decryption keyring strictly to the auditor's browser URL hash fragment.
Drop a branded audit trail widget into your app with one <iframe> tag. Customers see their own decrypted logs with zero server overhead.
Integrate Volidator into Next.js, Cloudflare Workers, Python, Go, Rust, or installed client gateways. Edge-native scale for any tech stack.
Pricing
Start free. Scale as you grow. No credit card required. Paid plans require an active subscription to maintain log retention (cancelled/unpaid accounts enter a 14-day soft-delete grace period before compliance history is pruned).
Starter
Side projects and prototypes.
Pro
Production SaaS applications.
Scale
Mid-market SaaS scaling up.
Enterprise
High-throughput with custom SLAs.
Give them a cryptographically verifiable audit trail and a 7-day auditor room link their CPA can read. No plaintext on our servers. No integration headache.