Skip to content

Audit Trail

Introduction to STRATO Audit Trail

The Audit Trail allows a user to view a historical record of the smart contract states. State changes that come from transactions made on the smart contract are stored in a postgres database as they occur. This means that for each state update, the contract itself is updated along with a contract history table in the postgres database. This allows users to query hisorical state of a contract using the Cirrus API or the blockapps-rest rest.search method.

Enable Audit Trail for the Contract

By default, the audit trail and contract history will default to false, meaning that no audit trail or contract history will be provided. Audit trail can be enabled in the same way you select a VM. It can be done through the metadata on the API call when uploading the contract, or, it can be passed in the options parameter when using blockapps-rest.

When using the API directly:

curl -X POST "https://<your_ip_address>/bloc/v2.2/users/<your_username>/<your_user_address>/contract" -H "accept: application/json;charset=utf-8" -H "Content-Type: application/json;charset=utf-8" -d "{\"password\":\"<yourPassword>\",\"contract\":\"<your_contract_name>\",\"src\":\"<your_contract>\",\"metadata\":{\"history\":\"<your_contract_name>\"}}"

When using blockapps-rest:

  // read Solidity source
  const simpleStorageSrc = fsUtil.get("SimpleStorage.sol");

  const contractArgs = {
    name: 'SimpleStorage',
    source: simpleStorageSrc,
    args: {}, // Any constructor args would go here. We dont have any.
  }

  const auditOptions = {
    ...options,
    history: ["SimpleStorage"]
  }

  // Use the STRATO identity to upload our contract
  const contract = await rest.createContract (stratoUser, contractArgs, auditOptions)

Enable history using the API:

curl -X POST \
  -H "authorization: Bearer <token>" \
  --data '{
    "txs": [
        {
          "payload": {
            "contract": "SimpleStorage",
            "src": "<contract-src>",
            "args": {},
            "metadata": {
              "history": "SimpleStorage"
            }
          },
          "type": "CONTRACT"
        }
      ],
      "txParams": {
        "gasLimit": 32100000000,
        "gasPrice": 1
      }
    }' \
  "http://<strato_host_address>/strato/v2.3/transaction?resolve=true"

Notes:

  1. The history option accepts comma separated values. So if you are uploading mutiple contracts and would like all of them to be tracked, you can provide a comma separated list of contract names to the history option.

Query for the Audit Trail

You can query for the history of any contract by appending [email protected] when querying Cirrus either via the API or the blockapps-rest rest.search method.

To query for history for the SimpleStorage contract directly via the API:

curl -X GET -H "authorization: Bearer <token>" https://<strato-ip-or-dns>/cirrus/search/[email protected]

To query using rest.search:

const searchResults = await rest.search(
    stratoUser,
    { name: "[email protected]" },
    queryOptions
  );

The equivalent API call is:

curl -X GET
  -H "authorization: Bearer <token>" \
  http://<strato_host_address>/cirrus/search/[email protected]

The result of this call when there exists a SimpleStorage contract, with the history feature enabled, on which the set method has been called, will look something like this:

[ { address: 'ced84a520c30d8acada095e11b221f9ac8ec1a7d',
    chainId: '',
    block_hash:
     '690354e7113e9207528c1c26973c22fc3f2c27565985010c013102298cb7364c',
    block_timestamp: '2020-05-07 18:19:25 UTC',
    block_number: '27',
    transaction_hash:
     '468d7fbe69619de064c1ddd6160a89e6fb9455996ea17eb58310723117d7dc60',
    transaction_sender: 'cae004d5d1feb7f2a28f408cfd722799c12f08f5',
    transaction_function_name: '',
    storedData: 0 },
  { address: 'ced84a520c30d8acada095e11b221f9ac8ec1a7d',
    chainId: '',
    block_hash:
     '61e782f6375dd4033ef082293fd16b3dad11ed68bc4c2c8d4e694fcdf38ece66',
    block_timestamp: '2020-05-11 20:37:28 UTC',
    block_number: '28',
    transaction_hash:
     'b189620677f384f1f3aef7405e454bb2df43d744e17fc18212e0ec639f460b4b',
    transaction_sender: 'cae004d5d1feb7f2a28f408cfd722799c12f08f5',
    transaction_function_name: '',
    storedData: 10 } ]