LivingWill
Help center

The digital vault · 3 min

The Audit Log

What the audit log records, why a tamper-resistant history of sensitive actions protects you, and how to read it.

The audit log is your account's history of sensitive events. It is a quiet feature most people never need to think about, and exactly the feature you will be grateful for the day something looks wrong.

What the audit log is

The audit log is a record of meaningful actions taken in your account: things like sign-ins, changes to who can access content, sharing or revoking access, posthumous claims, and key recovery steps. It is not a record of the content itself. It does not store what your letters say or what is in your documents, because that content is encrypted and we cannot read it. It records that an action happened, when, and the relevant context, not the private contents.

Why it matters

A sensitive system without a history is hard to trust. The audit log gives you three things:

Accountability. If access is granted, changed, or claimed, there is a durable record of it. Important actions do not happen invisibly.

Early warning. If you see an event you do not recognize, like an unexpected sign-in or an access change you did not make, that is your signal to act quickly, secure your account, and investigate.

Protection for your family later. During the posthumous process, the log provides a clear, ordered trail of what was requested and when. That transparency protects honest executors and makes a wrongful claim easier to spot and challenge.

Tamper resistance

A history is only as trustworthy as its resistance to being quietly rewritten. The audit log is designed to be append-only and tamper-resistant, meaning entries are added in order and are not meant to be silently altered or deleted after the fact. The purpose is simple: if someone tried to cover their tracks, the attempt itself should be visible rather than erased.

How to read it

When you open the audit log, you will see entries in time order, newest first. Each entry tells you what happened, when it happened, and helpful context such as the type of action. To use it well:

  • Scan it occasionally, the way you would glance at a bank statement.
  • Focus on access and recovery events: new sign-ins, sharing changes, posthumous claims.
  • If anything is unfamiliar, treat it seriously. Change your passphrase, review who has access, and follow the steps in the security section.

What it cannot tell you

The audit log cannot reveal the contents of your encrypted items, because nothing, including LivingWill, can read them without your keys. It tells you the story of actions, not the story of secrets. That boundary is intentional: enough visibility to keep you safe, never so much that the log itself becomes a way to leak what the encryption protects.

Pair this with sharing during life vs after death and the security section to understand the full picture of who can do what, and how you would know.