PHPackages sudan-open-source-community/chronicle-x - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. sudan-open-source-community/chronicle-x ActiveProject[Security](/categories/security) sudan-open-source-community/chronicle-x ======================================= Public hash chain powered by Slim Framework, Sapient, and Blakechain v1.1.3(7y ago)051MITPHPPHP ^7 Since Jun 27Pushed 7y ago1 watchersCompare [ Source](https://github.com/SudanOpenSourceCommunity/chronicleX)[ Packagist](https://packagist.org/packages/sudan-open-source-community/chronicle-x)[ Docs](http://github.com/paragonie/chronicle)[ RSS](/packages/sudan-open-source-community-chronicle-x/feed)WikiDiscussions master Synced today READMEChangelogDependencies (13)Versions (16)Used By (0) [![](https://camo.githubusercontent.com/dc054f07560a947add485a3ae120472cb17bd3e0b97fa4e6e8a5fed400293f44/68747470733a2f2f70617261676f6e69652e636f6d2f7374617469632f696d616765732f6368726f6e69636c652d6c6f676f2e737667)](https://camo.githubusercontent.com/dc054f07560a947add485a3ae120472cb17bd3e0b97fa4e6e8a5fed400293f44/68747470733a2f2f70617261676f6e69652e636f6d2f7374617469632f696d616765732f6368726f6e69636c652d6c6f676f2e737667) ChronicleX ==================================================================================================================================================================================================================================================================================================================================================================================================================================================== [](#-chroniclex) [![Build Status](https://camo.githubusercontent.com/d43ffca4147845e14cff5f821ade8203b2b47ab836c64eccc0139ad8e302cadc/68747470733a2f2f7472617669732d63692e6f72672f537564616e4f70656e536f75726365436f6d6d756e6974792f6368726f6e69636c65582e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/SudanOpenSourceCommunity/chronicleX)[![Latest Stable Version](https://camo.githubusercontent.com/e6cf5380aa2262f07c90814a87222a33936ef232bb428687fd06c8a477ec46c0/68747470733a2f2f706f7365722e707567782e6f72672f737564616e2d6f70656e2d736f757263652d636f6d6d756e6974792f6368726f6e69636c652d782f762f737461626c65)](https://packagist.org/packages/sudan-open-source-community/chronicle-x)[![Total Downloads](https://camo.githubusercontent.com/dfca0d5f45a385f2b891b3513283e140c2ba4e4237acfff07dd5a52c22943ac0/68747470733a2f2f706f7365722e707567782e6f72672f737564616e2d6f70656e2d736f757263652d636f6d6d756e6974792f6368726f6e69636c652d782f646f776e6c6f616473)](https://packagist.org/packages/sudan-open-source-community/chronicle-x)[![Latest Unstable Version](https://camo.githubusercontent.com/56b7e517a4e871586c07e7aaf97b64c70a333ee6ff27ba0764e324fe61724d14/68747470733a2f2f706f7365722e707567782e6f72672f737564616e2d6f70656e2d736f757263652d636f6d6d756e6974792f6368726f6e69636c652d782f762f756e737461626c65)](https://packagist.org/packages/sudan-open-source-community/chronicle-x)[![License](https://camo.githubusercontent.com/a775692a8ea3b4c4c738108aa7c3b504041ec19c09b018ce1789981fff7b5651/68747470733a2f2f706f7365722e707567782e6f72672f737564616e2d6f70656e2d736f757263652d636f6d6d756e6974792f6368726f6e69636c652d782f6c6963656e7365)](https://packagist.org/packages/sudan-open-source-community/chronicle-x)[![FOSSA Status](https://camo.githubusercontent.com/028b707449f4fc8a630ada808be7a100ac1aa26c379b67da7bc2096e96773e67/68747470733a2f2f6170702e666f7373612e696f2f6170692f70726f6a656374732f6769742532426769746875622e636f6d253246537564616e4f70656e536f75726365436f6d6d756e6974792532466368726f6e69636c65582e7376673f747970653d736869656c64)](https://app.fossa.io/projects/git%2Bgithub.com%2FSudanOpenSourceCommunity%2FchronicleX?ref=badge_shield) **Chronicle** is a self-hostable microservice, built with [Slim Framework](https://www.slimframework.com), which enables authorized users to commit arbitrary data to an immutable, append-only public ledger. Chronicle is superior to "blockchain" solutions for most real-world technical problems that don't involve proofs-of-work or Byzantine fault tolerance. More precisely, Chronicle is a self-hostable microservice exposing an append-only, cryptographically-secure hash chain data structure that accepts arbitrary data from authorized clients through an HTTP API, secured by [Sapient](https://github.com/paragonie/sapient), that can be used as a building block for building a cryptographic audit trail similar to [Certificate Transparency](https://www.certificate-transparency.org/). > [Chronicle will make you question the need for blockchain technology](https://paragonie.com/blog/2017/07/chronicle-will-make-you-question-need-for-blockchain-technology). Chronicle was developed by [Paragon Initiative Enterprises](https://paragonie.com)as part of our continued efforts to make the Internet more secure. Fork overview ------------- [](#fork-overview) This fork is made to speed up Chronicle development with tons of features while considere using "[Semantic Versioning](https://semver.org/spec/v2.0.0.html)". So, this fork will maintain the compatibility with [legacy](https://github.com/paragonie/chronicle) Chronicle as much as the development process go. ChronicleX is just the flag and the name of the brance. But, the project will use `Chronicle` as usaual in the [legacy](https://github.com/paragonie/chronicle). These are the following features that will be exists in the ChronicleX: - `chronicle/export` Pagination. - `chronicle/since` Pagination. - `chronicle/replica/export` Pagination. - `chronicle/replica/{replica}/since` Pagination. - Fetch "Public Key" by URL in replica command line. - Fetch "Public Key" by URL in cross-sign command line. - Make replication command to fetch data while its resources is paginated. - `chronicle/replica` Pagination. - Make tests to covers (SQLite, MySQL & PostgreSQL) Databases at once. - Create `chronicle/instances` API to list all instances. - Extend `chronicle/lookup` API to search at currhash, summaryhash, publickey, signature and data. - Create Web Application at `chronicle/explorer` endpoint to explore chronicle instances. - Revise cross-sign functionality. - Revise tests to cover all functionalities. - Create `chronicle/instances` API with option to hide some instances. - Make cross-sign command to fetch data while its resources is paginated. Getting Started with Chronicle (Documentation) ---------------------------------------------- [](#getting-started-with-chronicle-documentation) - [Instructions for Installing Chronicle](docs/01-setup.md) - [How to write (publish) to your Chronicle](docs/02-publish.md) - [How to setup cross-signing to other Chronicles](docs/03-cross-signing.md) - [How to replicate other Chronicles](docs/04-replication.md) - [Concurrent Instances](docs/05-instances.md) - [Internal Developer Documentation](docs/internals) - [Design Philosophy](docs/internals/01-design-philosophy.md) - [SQL Tables](docs/internals/02-sql-tables.md) ### Client-Side Software that Interacts with Chronicle [](#client-side-software-that-interacts-with-chronicle) #### PHP [](#php) - [Herd](https://github.com/paragonie/herd) - PIE - [Quill](https://github.com/paragonie/quill) - PIE - [Monolog-Quill](https://github.com/paragonie/monolog-quill) - PIE - [Chronicle-API](https://github.com/lookyman/chronicle-api) - [Lukáš Unger (@lookyman)](https://github.com/lookyman) What does Chronicle do? ----------------------- [](#what-does-chronicle-do) Chronicle allows trusted clients to send data to be included in an immutable, auditable, cryptographic permanent record. Furthermore, Chronicle has cross-signing and many-to-one replication built-in, which, when used, greatly enhances the auditability and availability of the data written to your local Chronicle instance. What problems do Chronicle solve? --------------------------------- [](#what-problems-do-chronicle-solve) ### Chain of Custody [](#chain-of-custody) If you have sensitive information, you can write metadata about client access times to a private Chronicle in order to have verifiable, tamper-resistant proof that specific records were accessed by specific user accounts at a specific time. ### Proof of Knowledge [](#proof-of-knowledge) By inserting an encrypted message and then revealing the key at a later date, you can provide strong evidence of prior knowledge. ### Userbase Consistency Verification [](#userbase-consistency-verification) For building a [secure code delivery](https://defuse.ca/triangle-of-secure-code-delivery.htm) system, committing some metadata and a SHA256 or BLAKE2 hash of each update file to a publicly verifiable Chronicle allows users to compile a whitelist of known update files to help block trojan horse malware (in the event of a compromised update server). For best results, combine with cryptographic signatures (which may also be registered in the Chronicle) and reproducible builds. ### Auditable Security Event Logging [](#auditable-security-event-logging) Because of Chronicle's cryptographically assured append-only properties, and its use of [modern elliptic curve digital signatures](https://ed25519.cr.yp.to/), Chronicle is a good fit for integrating with SIEM solutions and internal SOCs. How does it work? ----------------- [](#how-does-it-work) All communications are secured with [Sapient](https://github.com/paragonie/sapient). Sapient ensures that all published messages are signed with Ed25519. All messages are committed to a hash chain data structure backed by BLAKE2b, which we call [Blakechain](https://github.com/paragonie/blakechain) for short. There are two hashes for each message: 1. The hash of the current message, whose BLAKE2b key is the previous message's block. This is just called `currhash` internally. 2. The summary hash, which is a BLAKE2b hash of all message hashes to date, concatenated together in order. This is called `summaryhash` internally. The rationale for using the previous message's hash was to add a degree of domain separation in the event that a BLAKE2b collision attack is ever discovered. The keying should reduce the likelihood of any practical attacks, especially if the chain is updated rapidly. License ------- [](#license) [![FOSSA Status](https://camo.githubusercontent.com/3a9b47eda589323858d5f5916eb8bcda160b19edff19ff6e7a198ab1261cab62/68747470733a2f2f6170702e666f7373612e696f2f6170692f70726f6a656374732f6769742532426769746875622e636f6d253246537564616e4f70656e536f75726365436f6d6d756e6974792532466368726f6e69636c65582e7376673f747970653d6c61726765)](https://app.fossa.io/projects/git%2Bgithub.com%2FSudanOpenSourceCommunity%2FchronicleX?ref=badge_large) ### Health Score 30 — LowBetter than 64% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity5 Limited adoption so far Community15 Small or concentrated contributor base Maturity71 Established project with proven stability Bus Factor1 Top contributor holds 59.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~41 days Recently: every ~25 days Total 15 Last Release 2663d ago Major Versions v0.5.1 → v1.0.02017-07-09 ### Community Maintainers ![](https://www.gravatar.com/avatar/a9e5287358c59c776ad8b32d5ff9669f23320d091ff47e466cbb72e46c608b6e?d=identicon)[vzool](/maintainers/vzool) --- Top Contributors [![paragonie-security](https://avatars.githubusercontent.com/u/15914520?v=4)](https://github.com/paragonie-security "paragonie-security (151 commits)")[![vzool](https://avatars.githubusercontent.com/u/4952736?v=4)](https://github.com/vzool "vzool (80 commits)")[![paragonie-scott](https://avatars.githubusercontent.com/u/11591518?v=4)](https://github.com/paragonie-scott "paragonie-scott (18 commits)")[![lookyman](https://avatars.githubusercontent.com/u/3863468?v=4)](https://github.com/lookyman "lookyman (2 commits)")[![pplnevstokes](https://avatars.githubusercontent.com/u/167183882?v=4)](https://github.com/pplnevstokes "pplnevstokes (2 commits)")[![aidantwoods](https://avatars.githubusercontent.com/u/3288888?v=4)](https://github.com/aidantwoods "aidantwoods (1 commits)")[![fossabot](https://avatars.githubusercontent.com/u/29791463?v=4)](https://github.com/fossabot "fossabot (1 commits)") --- Tags securitycryptographyBLAKE2bhashhash-chainBLAKE2append-onlysapientblakechain ### Code Quality TestsPHPUnit Static AnalysisPsalm Type Coverage Yes ### Embed Badge ![Health badge](/badges/sudan-open-source-community-chronicle-x/health.svg) ``` [![Health](https://phpackages.com/badges/sudan-open-source-community-chronicle-x/health.svg)](https://phpackages.com/packages/sudan-open-source-community-chronicle-x) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[paragonie/halite High-level cryptography interface powered by libsodium 1.2k9.4M63](/packages/paragonie-halite)[paragonie/ciphersweet Searchable field-level encryption library for relational databases 4641.2M21](/packages/paragonie-ciphersweet)[rych/phpass PHP Password Library: Easy, secure password management for PHP 248801.7k4](/packages/rych-phpass)[paragonie/blakechain Hash chain using BLAKE2b 242.9k3](/packages/paragonie-blakechain) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)