Thought Leadership - Series Post 23/25

Attestation and Auditing: How to Create Tamper-Proof Logs of AI Actions for the EU AI Act

Published on June 18, 2026 • 6 min read

Under the newly active EU AI Act compliance standards, high-risk AI applications (such as automated credit checks, autonomous hiring platforms, and automated pricing engines) are legally required to maintain structured, trace-verifiable logs of their execution pathways. In the event of an investigation, an organization must be able to prove exactly what prompts were received, what parameters the AI parsed, and why a specific action was triggered. To meet this standard, logs must be made tamper-proof.

The Challenge of Standard System Logging

In standard microservice setups, logs are written to simple text files or pushed to log collectors like Splunk or Elasticsearch. However, these systems are vulnerable to modification. A compromised system account or malicious insider can easily delete or modify logging streams, erasing proof of a compliance violation or security incident.

True auditability requires establishing a cryptographically chained, append-only log format where each entry is anchored to the hash of the preceding block, guaranteeing that history cannot be rewritten.

Implementing the Verifiable Audit Ledger

A verifiable logging engine hashes the prompt input, validation status, and final system output into a block, signs it with a hardware enclave key, and chains it to the previous record's hash. This creates a validation ledger built as a hash chain, the linear counterpart of a hash tree (Merkle tree).

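import hashlib
import json

class AuditLedger:
    def __init__(self):
        self.blockchain = []
        # Genesis value: the first record chains to 64 zero characters
        self.last_hash = "0" * 64

    def commit_audit_log(self, prompt: str, action: str, outcome: str) -> str:
        # 1. Structure the log payload. JSON encoding keeps the field
        #    boundaries unambiguous even when a prompt contains "|".
        payload = json.dumps([prompt, action, outcome, self.last_hash])

        # 2. Hash the block content
        block_hash = hashlib.sha256(payload.encode("utf-8")).hexdigest()

        # 3. Append to local audit chain
        #    (signing with the enclave key is not shown in this sketch)
        self.blockchain.append({
            "hash": block_hash,
            "data": payload
        })

        # 4. The next record will chain to this one
        self.last_hash = block_hash
        return block_hash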
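The verification side of such a ledger, as an added example that is not code from the original post: it walks the chain and reports the first record that fails, covering an in-place edit, a full rehash by someone without the signing key, and truncation. Assumptions: HMAC-SHA256 stands in for the enclave signature, the latest head hash is stored outside the log host, and all function names and sample rows are constructed for illustration.

```python
import hashlib, hmac, json

GENESIS = "0" * 64
FIELDS = ("prev", "prompt", "action", "outcome")

def digest(rec: dict) -> str:
    # Canonical JSON: the same fields always serialize to the same bytes
    body = json.dumps({k: rec[k] for k in FIELDS}, sort_keys=True)
    return hashlib.sha256(body.encode("utf-8")).hexdigest()

def tag(key: bytes, block_hash: str) -> str:
    # Assumption: HMAC-SHA256 stands in for the enclave-held signing key
    return hmac.new(key, block_hash.encode(), hashlib.sha256).hexdigest()

def append(chain: list, key: bytes, prompt: str, action: str, outcome: str) -> str:
    prev = chain[-1]["hash"] if chain else GENESIS
    rec = {"prev": prev, "prompt": prompt, "action": action, "outcome": outcome}
    rec["hash"] = digest(rec)
    rec["sig"] = tag(key, rec["hash"])
    chain.append(rec)
    return rec["hash"]

def verify(chain: list, key: bytes, expected_head: str) -> int:
    """First bad index; len(chain) if the stored head differs; -1 if intact."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev or rec["hash"] != digest(rec):
            return i  # content edited or link to predecessor broken
        if not hmac.compare_digest(rec["sig"], tag(key, rec["hash"])):
            return i  # hashes were recomputed without the signing key
        prev = rec["hash"]
    return -1 if prev == expected_head else len(chain)

def demo() -> dict:
    key, chain = b"constructed-demo-key", []
    rows = [("score applicant 17", "credit_check", "declined"),  # constructed
            ("rank CV 204", "hiring_screen", "shortlisted"),
            ("quote basket 9", "pricing", "price=41.90")]
    for row in rows:
        head = append(chain, key, *row)
    out = {"intact": verify(chain, key, head), "truncated": verify(chain[:2], key, head)}
    chain[1]["outcome"] = "approved"      # in-place edit of one record
    out["edited"] = verify(chain, key, head)
    prev = GENESIS
    for rec in chain:                     # every hash recomputed, key not available
        rec["prev"] = prev
        rec["hash"] = prev = digest(rec)
    out["rehashed"] = verify(chain, key, head)
    return out
```

Calling `demo()` returns the verdict for each case; hash chaining alone catches only the edited case, while the keyed tag and the externally stored head catch the rehash and the truncation.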

Key Features of Regulatory-Grade Logs

A Compliance Shield for AI Development

By implementing a verifiable audit ledger, developers satisfy the strict auditability requirements of the EU AI Act and GDPR. It gives compliance officers and regulators tamper-proof evidence of operational alignment, ensuring enterprise AI remains responsible and transparent.
