Adding Cryptographic Audit Trails to FIX Without Touching Your Trading Engine
The article discusses the problem of proving the integrity of trading system logs, and presents a 'sidecar' solution that adds cryptographic proof to trading events without modifying the core FIX engine.
Why it matters
This solution addresses a critical problem in the financial industry by providing cryptographic proof of trading event integrity, which is essential for regulatory compliance and auditing.
Key Points
- Traditional logging falls short as it does not provide proof of log integrity, completeness, or timestamp accuracy
- The 'sidecar' solution asynchronously collects event copies, hashes and chains them, and signs the data for non-repudiation
- The solution provides cryptographic proof of trading events without impacting the core FIX engine
Details
The article highlights the limitations of traditional logging in trading systems: there is no cryptographic proof that logs have not been modified, that entries have not been deleted, or that the sequence is complete. It then presents a 'sidecar' solution that runs in parallel to the trading system's FIX engine. The sidecar process asynchronously receives copies of trading events, hashes each event, chains the hashes to provide tamper detection, and signs the data using Ed25519 for non-repudiation. It also anchors batches of events in Merkle trees for efficient verification, all without touching the core FIX engine.
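The hash-chaining and Merkle-batching steps described above, as an added sketch that is not code from the article. SHA-256, the record layout, the all-zero genesis value and the sample FIX messages are assumptions made for illustration; the Ed25519 signing step is left out.

```python
import hashlib

GENESIS = b"\x00" * 32  # assumed previous-hash value for the first record
# Constructed, abbreviated FIX messages (no BodyLength/CheckSum), SOH-delimited.
SAMPLE_EVENTS = [
    b"8=FIX.4.4\x0135=D\x0111=ORD1\x0155=EURUSD\x0154=1\x0138=100000\x01",
    b"8=FIX.4.4\x0135=8\x0111=ORD1\x0139=2\x0114=100000\x01",
    b"8=FIX.4.4\x0135=D\x0111=ORD2\x0155=EURUSD\x0154=2\x0138=50000\x01",
]

def _link(seq, prev, raw):
    # The link commits to position, previous link and event content.
    return hashlib.sha256(seq.to_bytes(8, "big") + prev + hashlib.sha256(raw).digest()).digest()

def chain_events(events):
    """Build hash-chained records from raw event bytes."""
    records, prev = [], GENESIS
    for seq, raw in enumerate(events):
        link = _link(seq, prev, raw)
        records.append({"seq": seq, "event": raw, "prev": prev, "hash": link})
        prev = link
    return records

def verify_chain(records):
    """Return the index of the first inconsistent record, or None if intact."""
    prev = GENESIS
    for i, rec in enumerate(records):
        if rec["seq"] != i or rec["prev"] != prev or rec["hash"] != _link(i, prev, rec["event"]):
            return i
        prev = rec["hash"]
    return None

def merkle_root(leaves):
    """Merkle root over a batch; 0x00/0x01 prefixes separate leaves from nodes."""
    if not leaves:
        raise ValueError("empty batch")
    level = [hashlib.sha256(b"\x00" + leaf).digest() for leaf in leaves]
    while len(level) > 1:
        nxt = [hashlib.sha256(b"\x01" + level[i] + level[i + 1]).digest()
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # carry the unpaired node up unchanged
        level = nxt
    return level[0]

if __name__ == "__main__":
    recs = chain_events(SAMPLE_EVENTS)
    print(verify_chain(recs), merkle_root([r["hash"] for r in recs]).hex())
```

Editing or removing a record in the middle breaks the chain at that index, but dropping records from the tail leaves a shorter chain that still verifies. Only comparing against the batch's Merkle root exposes that truncation.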