
azaharizaman/nexus-audit
========================

Cryptographically-verified, immutable audit engine with hash chains and digital signatures for Nexus ERP

v0.1.0-alpha1 (1mo ago) · MIT · PHP ^8.3

[Source](https://github.com/azaharizaman/nexus-audit) · [Packagist](https://packagist.org/packages/azaharizaman/nexus-audit)

Nexus\\Audit
============

**Cryptographically-verified, immutable audit engine for compliance and forensic analysis**

Overview
--------

The `Nexus\Audit` package provides an enterprise-grade, immutable audit trail with cryptographic hash chains and optional digital signatures. This package is the **compliance engine**, designed for high-integrity, legally defensible audit logging where tamper detection and state verification are critical.

Key Features
------------

- ✅ **Cryptographic Hash Chains** - Each audit record links to the previous via SHA-256 hashes
- ✅ **Optional Digital Signatures** - Ed25519 signatures for non-repudiation
- ✅ **Per-Tenant Isolation** - Separate hash chains and sequences per tenant
- ✅ **Dual-Mode Logging** - Synchronous for critical events, async for high-volume
- ✅ **Tamper Detection** - Automatic verification on retrieval
- ✅ **Sequence Integrity** - Gap detection and monotonic ordering
- ✅ **Framework-Agnostic** - Pure PHP 8.3+ with zero Laravel dependencies
- ✅ **Compliance-Ready** - Meets SEC-AUD-0486, SEC-AUD-0490 requirements

Core Differences from AuditLogger
---------------------------------

| Feature | Nexus\\Audit (Engine) | Nexus\\AuditLogger (Utility) |
|---|---|---|
| **Purpose** | Immutable, verifiable audit trail | User-friendly search/export/timeline |
| **Immutability** | Cryptographic hash chain enforcement | Append-only by convention |
| **Data Storage** | Raw, unmasked data for forensics | Masked data for display |
| **Write Mode** | Sync (critical) + Async (bulk) | Primarily async |
| **Verification** | Hash chain + signature verification | None |
| **Use Case** | Compliance, legal, security events | Activity feeds, debugging, reporting |

Architecture
------------

### Contracts

- **`AuditEngineInterface`** - Core logging engine with sync/async methods
- **`AuditRecordInterface`** - Immutable audit record with hash chain fields
- **`AuditStorageInterface`** - Append-only persistence layer
- **`AuditVerifierInterface`** - Hash chain and signature verification
- **`AuditSequenceManagerInterface`** - Per-tenant sequence management

### Value Objects

- **`AuditHash`** - Immutable hash result (value + algorithm)
- **`AuditSignature`** - Digital signature container
- **`SequenceNumber`** - Tenant-scoped sequence tracking
- **`AuditLevel`** - Severity levels (Low=1, Medium=2, High=3, Critical=4)
- **`RetentionPolicy`** - Compliance-driven retention periods

### Services

- **`AuditEngine`** - Main orchestrator with hash chain logic
- **`HashChainVerifier`** - Integrity verification service
- **`AuditSequenceManager`** - Sequence number management
- **`RetentionPolicyService`** - Automated purging

Installation
------------

```
composer require azaharizaman/nexus-audit:"*@dev"
```

Usage
-----

### Synchronous Logging (Critical Events)

```
use Nexus\Audit\Contracts\AuditEngineInterface;
use Nexus\Audit\ValueObjects\AuditLevel;

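// app() is the Laravel container helper; in other frameworks, resolve the interface from your own container
$auditEngine = app(AuditEngineInterface::class);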

// Critical security event - blocks until written with hash chain
$recordId = $auditEngine->logSync(
    tenantId: '01TENANT...',
    recordType: 'user_role_assigned',
    description: 'User John Doe assigned role: Administrator',
    subjectType: 'User',
    subjectId: '01USER...',
    causerType: 'User',
    causerId: '01ADMIN...',
    properties: ['role_id' => '01ROLE...', 'role_name' => 'Administrator'],
    level: AuditLevel::Critical
);
```

### Asynchronous Logging (Bulk Operations)

```
// Non-critical access log - queued for async processing
$auditEngine->logAsync(
    tenantId: '01TENANT...',
    recordType: 'document_viewed',
    description: 'User viewed document',
    subjectType: 'Document',
    subjectId: '01DOC...',
    properties: ['ip_address' => '192.168.1.1'],
    level: AuditLevel::Low
);
```

### Hash Chain Verification

```
use Nexus\Audit\Contracts\AuditStorageInterface;
use Nexus\Audit\Contracts\AuditVerifierInterface;

$verifier = app(AuditVerifierInterface::class);
$auditStorage = app(AuditStorageInterface::class);

// Verify entire chain for a tenant
$isValid = $verifier->verifyChainIntegrity('01TENANT...');

// Detect sequence gaps (potential deletion)
$gaps = $verifier->detectSequenceGaps('01TENANT...');

// Verify specific record ($recordId as returned by logSync() above)
$record = $auditStorage->findById($recordId);
$verifier->verifyRecord($record); // Throws AuditTamperedException if invalid
```
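
What the verification calls above check for, as an added stand-alone example (not code from `Nexus\Audit`): a per-tenant SHA-256 hash chain whose verifier reports edited records, broken links and sequence gaps. The record fields, the canonical JSON form and `GENESIS_HASH` are assumptions made for this example.

```php
<?php
// Added illustration: field names and canonical form are assumptions, not Nexus\Audit's format.
define('GENESIS_HASH', str_repeat('0', 64)); // "previous hash" for a tenant's first record

function recordHash(string $tenant, int $seq, string $prev, array $payload): string
{
    ksort($payload); // stable key order so equal data hashes equally (flat payloads only)
    return hash('sha256', json_encode([$tenant, $seq, $prev, $payload], JSON_THROW_ON_ERROR));
}

function append(array $chain, string $tenant, array $payload): array
{
    $last = end($chain) ?: ['seq' => 0, 'hash' => GENESIS_HASH];
    $seq = $last['seq'] + 1;
    $chain[] = ['tenant' => $tenant, 'seq' => $seq, 'prev' => $last['hash'], 'payload' => $payload,
                'hash' => recordHash($tenant, $seq, $last['hash'], $payload)];
    return $chain;
}

/** Walks one tenant's chain in order; an empty result means it verified. */
function verifyChain(array $chain): array
{
    $findings = [];
    [$expectedSeq, $prevHash] = [1, GENESIS_HASH];
    foreach ($chain as $r) {
        if ($r['seq'] !== $expectedSeq) {            // deleted or reordered record
            $findings[] = "gap: expected seq {$expectedSeq}, found {$r['seq']}";
        }
        if (!hash_equals($prevHash, $r['prev'])) {   // link to the predecessor
            $findings[] = "seq {$r['seq']}: previous-hash link broken";
        }
        $actual = recordHash($r['tenant'], $r['seq'], $r['prev'], $r['payload']);
        if (!hash_equals($r['hash'], $actual)) {     // record content edited after writing
            $findings[] = "seq {$r['seq']}: content does not match stored hash";
        }
        [$expectedSeq, $prevHash] = [$r['seq'] + 1, $r['hash']];
    }
    return $findings;
}

$chain = []; // constructed sample data: three records for one tenant
foreach (['user_role_assigned', 'document_viewed', 'invoice_posted'] as $type) {
    $chain = append($chain, 'tenant-a', ['record_type' => $type]);
}
$edited = $chain;
$edited[1]['payload']['record_type'] = 'document_deleted'; // in-place edit of seq 2
$deleted = [$chain[0], $chain[2]];                          // seq 2 removed
foreach (['intact' => $chain, 'edited' => $edited, 'deleted' => $deleted] as $name => $c) {
    echo $name, ': ', json_encode(verifyChain($c)), PHP_EOL;
}
```

A hash chain alone does not detect a writer who recomputes every later hash after a change; signing records or anchoring the latest hash outside the database covers that case.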

Security Requirements Satisfied
-------------------------------

- **SEC-AUD-0486** - Immutable audit logs (cryptographically enforced)
- **SEC-AUD-0490** - Cryptographic verification (hash chains + signatures)
- **SEC-AUD-0487** - Strict tenant isolation (per-tenant hash chains)
- **REL-AUD-0301** - Log sequence integrity (monotonic ordering)

Integration with Other Packages
-------------------------------

- **Nexus\\Crypto** - SHA-256 hashing and Ed25519 signatures
- **Nexus\\AuditLogger** - Presentation layer built on Audit engine
- **Nexus\\Identity** - Critical identity events logged via Audit
- **Nexus\\Finance** - Financial transactions logged synchronously

Documentation
-------------

### Quick Links

- **[Getting Started Guide](docs/getting-started.md)** - Quick start guide for new users
- **[API Reference](docs/api-reference.md)** - Complete API documentation
- **[Integration Guide](docs/integration-guide.md)** - Framework integration examples (Laravel, Symfony)
- **[Basic Usage Example](docs/examples/basic-usage.php)** - Simple invoice audit workflow
- **[Advanced Usage Example](docs/examples/advanced-usage.php)** - Digital signatures, async logging, retention policies

### Package Documentation

- **[Requirements](REQUIREMENTS.md)** - Comprehensive requirements traceability (98 requirements)
- **[Implementation Summary](IMPLEMENTATION_SUMMARY.md)** - Implementation progress and metrics
- **[Test Suite Summary](TEST_SUITE_SUMMARY.md)** - Test coverage and strategy (77 tests planned)
- **[Valuation Matrix](VALUATION_MATRIX.md)** - Package valuation and ROI analysis ($200K valuation)

### Additional Resources

- **Architecture:** Cryptographic hash chains with SHA-256, Ed25519 signatures, per-tenant isolation
- **Compliance:** SOX, GDPR, HIPAA audit requirements
- **Security:** Tamper detection, forensic investigation, non-repudiation

License
-------

MIT License - See LICENSE file for details

Maintainer: Azahari Zaman ([@azaharizaman](https://github.com/azaharizaman))

