Skip to content

Audit Trail

Introduction to STRATO Audit Trail

The Audit Trail allows a user to view a historical record of the smart contract states. State changes that come from transactions made on the smart contract are stored in a postgres database as they occur. This means that for each state update, the contract itself is updated along with a contract history table in the postgres database. This allows users to query the historical state of a contract using the Cirrus API or the blockapps-rest method.

Enable Audit Trail for the Contract

By default, the audit trail and contract history will be set to false, meaning that no audit trail or contract history will be provided. Audit trail can be enabled in the same way you select a VM. It can be done through the metadata on the API call when uploading the contract, or, it can be passed in the options parameter when using blockapps-rest.

When using the API directly:

curl -X POST "https://<your_ip_address>/bloc/v2.2/users/<your_username>/<your_user_address>/contract" -H "accept: application/json;charset=utf-8" -H "Content-Type: application/json;charset=utf-8" -d "{\"password\":\"<yourPassword>\",\"contract\":\"<your_contract_name>\",\"src\":\"<your_contract>\",\"metadata\":{\"history\":\"<your_contract_name>\"}}"

When using blockapps-rest:

  // read Solidity source
  const simpleStorageSrc = fsUtil.get("SimpleStorage.sol");

  const contractArgs = {
    name: 'SimpleStorage',
    source: simpleStorageSrc,
    args: {}, // Any constructor args would go here. We dont have any.

  const auditOptions = {
    history: ["SimpleStorage"]

  // Use the STRATO identity to upload our contract
  const contract = await rest.createContract (stratoUser, contractArgs, auditOptions)

Enable history using the API:

curl -X POST \
  -H "authorization: Bearer <token>" \
  --data '{
    "txs": [
          "payload": {
            "contract": "SimpleStorage",
            "src": "<contract-src>",
            "args": {},
            "metadata": {
              "history": "SimpleStorage"
          "type": "CONTRACT"
      "txParams": {
        "gasLimit": 32100000000,
        "gasPrice": 1
    }' \


  1. The history option accepts comma separated values. So if you are uploading mutiple contracts and would like all of them to be tracked, you can provide a comma separated list of contract names to the history option.

Query for the Audit Trail

You can query for the history of any contract by appending history@ContractName when querying Cirrus either via the API or the blockapps-rest method.

To query for history for the SimpleStorage contract directly via the API:

curl -X GET -H "authorization: Bearer <token>" https://<strato-ip-or-dns>/cirrus/search/history@SimpleStorage

To query using

const searchResults = await
    { name: "history@SimpleStorage" },

The equivalent API call is:

curl -X GET
  -H "authorization: Bearer <token>" \

The result of this call when there exists a SimpleStorage contract, with the history feature enabled, on which the set method has been called, will look something like this:

[ { address: 'ced84a520c30d8acada095e11b221f9ac8ec1a7d',
    chainId: '',
    block_timestamp: '2020-05-07 18:19:25 UTC',
    block_number: '27',
    transaction_sender: 'cae004d5d1feb7f2a28f408cfd722799c12f08f5',
    transaction_function_name: '',
    storedData: 0 },
  { address: 'ced84a520c30d8acada095e11b221f9ac8ec1a7d',
    chainId: '',
    block_timestamp: '2020-05-11 20:37:28 UTC',
    block_number: '28',
    transaction_sender: 'cae004d5d1feb7f2a28f408cfd722799c12f08f5',
    transaction_function_name: '',
    storedData: 10 } ]