A blockchain-powered data provenance platform to attach tamper-evident metadata to every record you store.
Track, trace, attest and verify your data for simple, faster governance, audit and compliance.
Simple
REST API
Build immutable evidence ledgers with simple APIs and pipeline integrations that fit the way you work.
Python and no-code YAML integrations also available.
Provenance
Ledger
No need to learn or implement complex blockchain: just connect with your usual ID and a simple API.
Protection and distribution of provenance is handled automatically.
Multi-Party
Transparency
Multi-party access policies across borders solved with separation of duties between tech and business
Complex policies easily defined in a simple JSON document or GUI.
Getting Started with RKVST is Easy
Simply sign up and create your private tenancy through the UI and create your first app registration (auth token). Once done, you can manage RKVST through a series of API calls.
Step 1: Create an Asset
Assets are the primary object type in RKVST. Think of them as a document folder for evidence about a particular thing: no matter whether it’s a physical object or a digital file, if you need to keep evidence about it, you keep it here.
Assets are simple JSON documents and can track and trace any attribute you like: just add them to the list.
Note: You’re not confined to text! You can attest rich evidence and documents on RKVST too!
Assets can be either public, meaning that anyone can view and verify their attestations and lifecycle information, or private, in which case you are in full control of which other RKVST users can see what.
{
"behaviours": [
"RecordEvidence",
"Builtin"
] ,
"attributes": {
"arc_display_name": "My First Asset",
"arc_display_type": "Test Asset",
"custom_field": [
{"value": "Anything you like"},
{"UUID": "e8187ba0-458b-4c58-bd67-5c56cbf4f028"}
]
},
"public": false
}
steps:
- step:
action: CREATE_ASSET
archivist_label: My First Asset
behaviours:
- RecordEvidence
- Builtin
attributes:
arc_display_type: "Test Asset"
custom_field: "Anything you like"
public: "false"
from archivist.archivist import Archivist
rkvst = Archivist("https://app.rkvst.io", (client_id, client_secret))
attrs = {
"arc_display_name": "My First Asset",
"arc_description": "Test Asset",
"custom_field": [
{"value": "Anything you like"},
{"UUID": "e8187ba0-458b-4c58-bd67-5c56cbf4f028"},
],
}
props = {
"public": False,
}
rkvst.assets.create(
props=props,
attrs=attrs,
confirm=True
)Step 2: Create Access Policies
Some supply chain evidence is best shared with the world, while other artifacts need to be distributed more carefully. RKVST features a powerful private-by-default Access Policies system that allows you to publish attestations and evidence to other users of the system based on attributes that you specify.
These policies are set once and then automatically applied by RKVST any time you send data to the platform, so your code doesn’t have to worry about security or publication polices or selective redaction for different recipients: just send the data in and RKVST does the rest.
For business managers there’s also a simple UI for creating access policies, but the full power of RKVST is only available through the API.
{
"display_name": "My First Policy",
"filters": [
{ "or": [ "attributes.arc_display_type=Test Asset" ] }
],
"access_permissions": [
{
"subjects": [],
"user_attributes":[
{
"or": [
"email=abc@xyz.com",
"subject=1234-abcdef-9876"
]
}
]
"behaviours": [
"Attachments",
"Builtin",
"RecordEvidence"
],
"asset_attributes_read": ["*"],
"asset_attributes_write":["color"],
"event_arc_display_type_read":["*"],
"event_arc_display_type_write":["Paint"]
}
]
}
steps:
- step:
action: ACCESS_POLICIES_CREATE
access_policy_label: Access Policy
display_name: My First Policy
filters:
- or:
- "attributes.arc_display_type=acme_display_type"
- or:
- "attributes.ext_vendor_name=acme"
access_permissions:
users:
- "email=abc@xyz.com",
- "subject=1234-abcdef-9876"
behaviours:
- Attachments
- Builtin
- RecordEvidence
asset_attributes_read:
- "*"
asset_attributes_write:
- "color"
event_arc_display_type_read:
- "*",
event_arc_display_type_write:
- "Paint"
from archivist.archivist import Archivist
rkvst = Archivist(
"https://app.rkvst.io", (client_id, client_secret)
)
props = { "display_name": "My First Policy" }
filters = [{"or": [ attributes.arc_display_type=Test Asset ] }]
access_permissions = [{
"subjects": [],
"user_attributes": [{ "or": [
"email=abc@xyz.com",
"subject=1234-abcdef-9876"
]}],
"asset_attributes_read": ["*"],
"asset_attributes_write": ["color"],
"event_arc_display_type_read": ["*"]
"event_arc_display_type_write": ["Paint"],
"behaviours": [
"Attachments",
"Builtin",
"RecordEvidence"
],
}]
access_policy = arch.access_policies.create(
props,
filters,
access_permissions
)
Step 3: Start Attesting Events
This is how you track/journal lifecycle events. An Event is an attestation record of what happened to the Asset at a point in time, and creates a verifiable tamper-evident record of who did what when.
The only way to change an Asset record is by registering an Event, making for complete, detailed traceability and provenance of the evidence in the platform.
Events can also be stand-alone attestations of facts and evidence without modifying the Asset: whatever’s easiest for your use case.
This is the single source of truth, your digital chain of custody for the Asset.
{
"operation": "Record",
"behaviour": "RecordEvidence",
"event_attributes": {
"arc_display_type": "Paint",
"arc_description": "Painted the Asset ready for display",
"paint_consumed": "3.91l"
},
"asset_attributes": {
"color": "Forest Green"
}
}
steps:
- step:
action: ASSETS_CREATE_IF_NOT_EXISTS
archivist_label: My First Asset
selector:
- attributes:
- arc_display_name
- arc_display_type
attributes:
arc_display_name: My First Asset
arc_display_type: Test Asset
- step:
action: CREATE_EVENT
archivist_label: My First Asset
properties:
operation: Record
behaviour: RecordEvidence
attributes:
arc_display_type: Paint
arc_description: Painted the Asset ready for display
paint_consumed: 3.91l
asset_attributes:
color: Forest Green
from archivist.archivist import Archivist
rkvst = Archivist("https://app.rkvst.io", (client_id, client_secret))
asset = self.read_by_signature(attrs={
"arc_display_name": "My First Asset"
})
props = {
"operation": "Record",
"behaviour": "RecordEvidence",
}
attrs = {
"arc_display_type": "Paint",
"arc_description": "Painted the Asset ready for display",
"paint_consumed": "3.91l"
},
asset_attrs = {
"color": "Forest Green"
}
arch.events.create(
asset["identity"],
props=props,
attrs=attrs,
asset_attrs=asset_attrs,
confirm=True
)3 Simple Steps to a Reliable Chain of Custody
Step 2
Create asset and access policies
Step 3
Create events and start making attestations