Product

StørmVault: chain-of-custody evidence plane

Ingests decision artefacts and evidence pointers, then outputs sealed, queryable evidence chains for audit.

Not a SIEM or data lake; it is a chain-of-custody evidence plane.

Request demo View architecture
Role in the pipeline

Role in the pipeline

StørmVault is the evidence plane for Størm Engine. It stores a canonical evidence record set and seals it for chain-of-custody.

Evidence record set includes:

Canonical events and normalized envelopes.
Decision objects with policy references and rationale.
Provenance references for feature schemas and model/policy versions.
Enforcement receipts and execution telemetry.
Graph deltas and reachability context.
Optional immutable anchoring for long-horizon integrity requirements.
Request demo View architecture
sealed audit vault
How to think about StørmVault

Evidence chain, not a log store.

StørmVault captures decision-grade records with provenance.

Sealing makes records tamper-evident and durable.

Queries operate on indexed views, not mutable evidence.

evidence mental model
Contracts & guarantees

Canonical evidence contracts.

  • Canonical events and decision objects with provenance.
  • Feature schema references and model/policy versions.
  • Graph deltas, reachability context, and enforcement receipts.
  • Sealed records with optional immutable anchoring.
  • Configurable retention and compartment boundaries.
evidence contracts

How it works

Three steps from artefact capture to audit verification.

Collect artefacts

Ingest decision objects, event envelopes, and provenance pointers.

Seal and attest

Apply seals and optional anchoring for tamper-evidence.

Retrieve and verify

Provide queryable views and verification proofs for audit.

Interfaces

Interfaces

  • Inputs: decision objects, model/policy versions, event envelopes, enforcement acknowledgements.
  • Outputs: sealed evidence chain, attestations, retrieval proofs.
  • Contracts: retention, immutability, and access control boundaries.
stormvault interfaces

Sealed vs queryable

A plain-language immutability boundary for evidence handling.

Sealed

Immutable evidence records with seals, timestamps, and provenance that cannot be altered.

Queryable

Indexed views and exports derived from sealed records without mutating evidence.

Capabilities

Canonical storage, sealed integrity, immutability boundaries, and retention posture.

Canonical storage

Evidence-grade record set

Stores the chain from event to enforcement with versioned context and provenance references. So what: decisions are reconstructable.

Sealing posture

Tamper-evident integrity

Records are sealed with PQC-aligned signatures and optional immutable anchoring for long-horizon assurance. So what: evidence remains tamper-evident over time.

Retention & compartmentalisation

Trust-domain partitions and retention

Retention windows and trust-domain partitions govern access to sealed records; export and attestation workflows produce evidence bundles without altering evidence. So what: evidence stays controlled across domains and time.

retention and compartmentalisation
Retrieval

Evidence bundles and extracts

Provides audit bundles and investigation-ready extracts without altering sealed records. So what: investigations do not compromise evidence integrity.

Audit outcomes

Evidence results designed for review and replay.

Tamper-evidence

Seals expose any modification attempts across the evidence chain.

Reproducibility

Canonical inputs and provenance enable deterministic replay of decisions.

Regulator-ready chain

Evidence bundles and attestations provide end-to-end chain-of-custody.

What auditors get

Compact outputs for verification and review.

  • Sealed decision objects with rationale.
  • Provenance for model, policy, and schema versions.
  • Enforcement receipts and execution outcomes.
  • Graph deltas and reachability context.
  • Retrieval proofs and attestations.

What StørmVault will not allow

Hard boundaries for evidence integrity.

Unsealed records

Records without seals or provenance metadata are rejected.

Mutable evidence

Sealed evidence cannot be altered after capture.

Unbounded retention

Retention windows and compartment boundaries are enforced.

Works with

Decisioning, enforcement, governance, and trust continuity.

StørmDecision

Writes decision objects and rationale to StørmVault.

StørmControl

Writes enforcement receipts and telemetry.

StørmOps

Governs retention, access, and audit exports.

StørmTrust

Provides sealing keys and artefact integrity checks.

FAQ

Common questions about evidence handling.

Is StørmVault a SIEM?

No. It is a chain-of-custody evidence plane, not an alerting or analytics hub.

What does optional immutable anchoring mean?

Sealed records can be anchored to external immutability services for long-horizon assurance, when required.

Can evidence be exported without mutation?

Yes. Evidence bundles and attestations are generated from sealed records without altering them.

Request a StørmVault demo.

Review evidence contracts, retention posture, and immutability boundaries.

Request demo View architecture