One narrow claim, proven completely.
EventChain does one thing well. It proves who attested to what, when, in which sequence, and whether the record changed afterward. That narrower claim is what makes it operationally useful.
Who attested to what, when, in which sequence, and whether it changed.
It does not certify that every source claim is factually true. It does not replace contracts, audits, calibration, or governance. It anchors itself in reality by making the cryptographic proof layer independent while leaving business trust where it belongs.
Built from boring, auditable primitives.
EventChain centralises proof generation in the Hub and distributes cheap verification to authorised holders. The components are deliberately boring primitives. Nothing requires a custom codec, a binary envelope, or a vendor SDK to parse or validate.
JSONL
Append-only event log. Human-readable, diff-friendly, trivially archived.
SHA-256
Hash-chains each event to the last. Any edit breaks the chain visibly.
WebAuthn passkeys
Binds every attestation to a real, hardware-backed signer identity.
HTTP webhooks
Distributes events to the parties entitled to hold them.
OpenTimestamps
Anchors the chain to public time daily. No blockchain to operate.
Open verifier
Confirms any append-only file, including one a different Hub produced.
A verifier built from the specification can confirm any append-only file, whether past, present, or produced by a different Hub implementation. The open-source reference verifier performs three checks.
01
Hash continuity
across the full chain
02
Signature validity
against registered public keys
03
Temporal anchor
confirmation against public time
One system generates proof at speed. Many parties keep the ability to verify.
Records that outlive the company that made them.
Digital Product Passport regulations require that product records stay verifiable beyond the existence of any single manufacturer, platform, or vendor. EU regulation 2024/1781 makes this explicit: lifecycle data must remain accessible, interoperable, and verifiable by external parties over the product lifetime. The same record is what IOGP JIP33 and CFIHOS ask for at handover.
A proprietary proof format fails both requirements. It ties long-lived products to short-lived companies and forces every verifier to license tooling. EventChain is built for that mandate. Every component is a published standard with multiple independent implementations, and the open verifier ships with the protocol.
Honest about the boundary.
- A blockchain
- A consortium ledger
- A substitute for ERP audit trails when one organisation controls the entire lifecycle
It will not detect a plausible-looking false entry signed by an authorised actor, calibration drift on a sensor, or a contract clause that never got enforced. Those failure modes need process controls, audit culture, and physical safeguards. EventChain is honest about that boundary.
Read the full specification.
The whitepaper covers the provenance problem, enterprise use cases, the technical mechanism, the economic model, verification boundaries, and the deployment path.
Whitepaper · v1.0
EventChain: zero-trust provenance for enterprise data
Problem, mechanism, economic model, verification boundaries, and deployment path, in full.
Authored by Raam Roche, CTO at Helionics · Published 1 May 2026
Pairs with