Skip to content

Event Verification

EventSourcingDB can sign every event it stores, giving each one a cryptographic hash and signature. EventSourcingKit can verify these as it reads events, so you can prove that an event's contents are intact and that they genuinely came from your store.

What Can Be Verified

Every Event exposes two flags that tell you what was checked:

  • IsHashVerified – the event's hash was recomputed and matched, proving its contents are unchanged.
  • IsSignatureVerified – the event's signature was checked against a public key, proving its authenticity. A verified signature also implies a verified hash.

By default, both flags are false, because verification is opt-in.

Choosing a Policy

You enable verification with the EventVerificationPolicy option, which has three levels:

  • None – no verification. This is the default, and both flags stay false.
  • VerifyHashOnly – every event's hash is verified as it is read.
  • VerifySignature – every event's hash and signature are verified.

When the policy is VerifySignature, you also set PublicKeyFilePath to a PEM-encoded Ed25519 public key – the counterpart to the signing key EventSourcingDB uses. Verification then runs automatically on every event you read or observe, and a failed check throws rather than returning an unverified event.

{
  "EventSourcingKit": {
    "Source": "https://library.eventsourcingkit.net",
    "EventVerificationPolicy": "VerifySignature",
    "PublicKeyFilePath": "./public-key.pem"
  }
}

Verification needs a signing store

Signatures only exist if EventSourcingDB was started with a signing key. If you enable VerifySignature against a store that does not sign its events, verification cannot succeed. See the EventSourcingDB documentation for how signing works.

For More Information