Now in public beta

Tamper-proof audit trails for developers

Q: What is a hash chain and how does it prevent tampering?

Each event's hash is computed from its payload, the previous event's hash, and its timestamp using SHA-256. If anyone modifies a single event — even a database admin — the hash won't match, and the entire chain from that point forward becomes invalid. It's the same principle behind blockchain, without the blockchain overhead.

Q: How do you detect if someone tampers with an event?

Call the /verify endpoint for any event. SealTrail recomputes the hash from the stored payload and compares it to the stored hash. If they don't match, the event was modified. You can also verify the entire chain to pinpoint exactly where tampering occurred.

Q: Where is my data stored?

All data is stored on Neon Postgres in the London (EU) region. We never transfer your data outside the EU. Your audit events are encrypted at rest and in transit.

Q: Do you have SDKs?

Not yet — SealTrail is a simple REST API that works with any HTTP client in any language. TypeScript and Python SDKs are on our roadmap. In the meantime, a single fetch() call is all you need.

Q: Is SealTrail SOC2 / ISO 27001 compliant?

SealTrail's architecture — cryptographic hash chains, immutable event logs, and verification endpoints — aligns with what SOC2 and ISO 27001 auditors look for. We're pursuing formal certification as we grow. In the meantime, our audit-ready design helps you demonstrate log integrity to your own compliance team.

Q: What happens if I exceed my monthly event quota?

We charge $0.50 per 1,000 events over your plan's limit. No service interruption — your events keep flowing. You can monitor usage in real-time from the dashboard and upgrade your plan at any time.

Add cryptographically verifiable audit logging to your app in 5 minutes. Simple REST API. SHA-256 hash chain. Zero infrastructure to manage.

Get Started Free View Docs

log-event.ts

const res = await fetch("https://api.sealtrail.dev/v1/events", {
  method: "POST",
  headers: {
    "Authorization": "Bearer stl_live_...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    actor: "user_123",
    action: "invoice.approved",
    resource: "inv_456",
    context: { ip: "192.168.1.1", amount: 1500 },
  }),
});

const { data } = await res.json();
console.log(data.hash);             // "sha256:a1b2c3..."
console.log(data.chain.position);   // 48291

SHA-256 Hash Chain

Audit-Ready Logs

< 5ms Latency

London EU Data

Stop building audit logs from scratch

The typical DIY audit trail takes weeks to build and proves nothing. SealTrail takes 5 minutes.

Before — DIY Audit Logs

Write INSERT INTO audit_log for every action

No proof of integrity — anyone with DB access can edit logs

Build pagination, filtering, search from scratch

Compliance audit? Good luck proving logs weren't altered

Maintain it forever — schema changes, indexes, backups

Re-build for every new project

2-4 weeks of dev time, zero proof of integrity

After — SealTrail API

POST /v1/events Single API call to log any event

SHA-256 hash chain — tamper = instant detection

Built-in cursor pagination, filters, and search

Verification endpoint — prove integrity to any auditor

We handle storage, scaling, and retention

Done. Ship it.

5 minutes to production audit trail

Code that proves itself

Log events, query your audit trail, and verify chain integrity — all with simple HTTP calls. No SDK required.

log.ts

// Log an audit event — single POST, instant hash chain
const res = await fetch("https://api.sealtrail.dev/v1/events", {
  method: "POST",
  headers: {
    "Authorization": "Bearer stl_live_...",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    actor: "user_123",
    action: "invoice.approved",
    resource: "inv_456",
    context: {
      ip: "192.168.1.1",
      amount: 1500,
      approver_role: "finance_manager",
    },
  }),
});

const { data } = await res.json();
// {
//   id: "evt_abc",
//   hash: "sha256:a1b2c3...",
//   previousHash: "sha256:x9y8z7...",
//   chain: { id: "chn_default", name: "default", position: 48291 },
//   timestamp: "2026-03-07T14:32:00Z"
// }

Everything you need for production audit trails

Built by developers who needed verifiable audit logs and couldn't find a simple solution.

SHA-256 Hash Chain

Every event is cryptographically chained to the previous one. Modify a single row and the entire chain breaks — tamper detection is instant.

Chain Partitioning

Independent chains per resource type. Invoices, users, and payments each get their own chain — parallel writes, no bottlenecks.

Simple REST API

Five endpoints. JSON in, JSON out. Log an event with a single POST. No SDKs required, though they're nice to have.

Cursor Pagination

Efficient cursor-based pagination for querying millions of events. Filter by actor, action, resource, or time range.

Usage-Based Billing

Pay for what you use. Start free with 5K events/month. Scale to millions with transparent per-event pricing via Stripe.

Developer Dashboard

Visualize your audit trail, search events, verify chain integrity, and manage API keys — all from a single dashboard.

Simple, transparent pricing

Start free. Scale as you grow. No surprise fees.

Free

$0 /month

Get started with audit logging basics.

2,500 events/month
30-day retention
SHA-256 hash chain
Verification API
REST API access
Community support

Start Building

Pro

$29 /month

Scale with confidence in production.

100,000 events/month
1-year retention
Chain partitioning
Priority email support (< 24h)

Get Started Free

Business

$99 /month

For teams needing compliance and exports.

1,000,000 events/month
Unlimited retention
Export CSV/JSON
Compliance reports
Priority support
99.9% uptime SLA

Get Started

$0.50/1K events overage.

Frequently asked questions

Everything you need to know about SealTrail.

What is a hash chain and how does it prevent tampering?

Each event's hash is computed from its payload, the previous event's hash, and its timestamp using SHA-256. If anyone modifies a single event — even a database admin — the hash won't match, and the entire chain from that point forward becomes invalid. It's the same principle behind blockchain, without the blockchain overhead.

How do you detect if someone tampers with an event?

Call the /verify endpoint for any event. SealTrail recomputes the hash from the stored payload and compares it to the stored hash. If they don't match, the event was modified. You can also verify the entire chain to pinpoint exactly where tampering occurred.

Where is my data stored?

All data is stored on Neon Postgres in the London (EU) region. We never transfer your data outside the EU. Your audit events are encrypted at rest and in transit.

Do you have SDKs?

Not yet — SealTrail is a simple REST API that works with any HTTP client in any language. TypeScript and Python SDKs are on our roadmap. In the meantime, a single fetch() call is all you need.

Is SealTrail SOC2 / ISO 27001 compliant?

SealTrail's architecture — cryptographic hash chains, immutable event logs, and verification endpoints — aligns with what SOC2 and ISO 27001 auditors look for. We're pursuing formal certification as we grow. In the meantime, our audit-ready design helps you demonstrate log integrity to your own compliance team.

What happens if I exceed my monthly event quota?

We charge $0.50 per 1,000 events over your plan's limit. No service interruption — your events keep flowing. You can monitor usage in real-time from the dashboard and upgrade your plan at any time.

Ready to add tamper-proof audit trails?

Start logging verifiable events in 5 minutes. Free tier included. No credit card required.

Get Started Free Read the Docs

2,500 events/month free. SHA-256 hash chain. EU data residency.