Skip to content

135 On-Chain Audit Log for Group Events#162

Open
Chigybillionz wants to merge 1 commit into
Lumina-eX:mainfrom
Chigybillionz:onchain-audit
Open

135 On-Chain Audit Log for Group Events#162
Chigybillionz wants to merge 1 commit into
Lumina-eX:mainfrom
Chigybillionz:onchain-audit

Conversation

@Chigybillionz
Copy link
Copy Markdown

@Chigybillionz Chigybillionz commented May 28, 2026

Close #135

Summary of the issue

Group creation and membership changes were not consistently recorded as immutable on-chain audit events. Existing Stellar integration anchored some group metadata, but there was no audit-event table, no event-to-transaction hash mapping, and no endpoint/UI for users or admins to inspect group history.

Root cause

The codebase lacked a reusable audit logging layer. Membership flows wrote only to Supabase (room_members, removal votes), while group creation stored blockchain metadata directly on the room record. This left no normalized audit trail for group lifecycle events.

Solution implemented

Implemented a Stellar-backed audit logging system for group events. Each audit event is persisted in Supabase, submitted to Stellar with a compact memo containing event metadata, then updated with the resulting transaction hash or failure state.

Key changes made

  • Added group_audit_events migration with RLS, indexes, event status, metadata hash, Stellar memo, and transaction hash fields.
  • Added recordGroupAuditEvent helper for DB-first audit recording and Stellar submission.
  • Added Stellar audit transaction submission using compact memos.
  • Logged group creation, member joins, member leaves, and vote-triggered removals.
  • Added GET /api/groups/[id]/audit with pagination and filtering.
  • Added a chat Audit dialog to view event history and explorer links.
  • Added voluntary leave support via DELETE /api/rooms/[roomId]/members.

Trade-offs / considerations

  • Group creation now creates a dedicated audit transaction in addition to the existing metadata anchoring transaction.
  • If Stellar submission fails or config is missing, the audit event remains queryable with failed status and an error message.
  • The Stellar memo is intentionally compact because Stellar text memos are limited to 28 bytes; full metadata remains in Supabase with a hash.

Testing steps

  1. Apply scripts/012_group_audit_events.sql.
  2. Configure Stellar env vars.
  3. Create a group and confirm an audit event appears with a transaction hash.
  4. Join a group and confirm member_joined appears.
  5. Leave via DELETE /api/rooms/:roomId/members and confirm member_left.
  6. Trigger vote removal and confirm member_removed.
  7. Open chat, click Audit, and verify the audit trail renders with explorer links.
  8. Run npm run lint.

@drips-wave
Copy link
Copy Markdown

drips-wave Bot commented May 28, 2026

@Chigybillionz Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@SudiptaPaul-31
Copy link
Copy Markdown
Collaborator

SudiptaPaul-31 commented May 29, 2026

@Chigybillionz resolve all the merge conflicts

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

On-Chain Audit Log for Group Events

2 participants

@Chigybillionz @SudiptaPaul-31