Trust is not a feature.

It is an obligation.

NON-NEGOTIABLE

No deleted history

NON-NEGOTIABLE

No hidden changes

NON-NEGOTIABLE

No orphan transactions

NON-NEGOTIABLE

No trust without evidence

PRINCIPLE 1

Record Integrity

Historical records are immutable. Past data cannot be edited or deleted. Corrections are recorded as new, linked documents. All changes are append-only.

This guarantees a complete and preserved historical record.

PRINCIPLE 2

Document-Centric Truth

Documents are the atomic unit of truth. For every document:

Unique identifier is assigned

Every document receives an immutable ID at creation. This ID never changes and serves as the permanent reference point.

Version history is preserved

All document versions are retained. No version can be overwritten or deleted. The entire evolution is traceable.

Authoring actor is recorded

Every document records who created it. This attribution is immutable and cannot be changed after creation.

Timestamps are mandatory

Creation time, modification time, and all state transitions are recorded with precision timestamps.

No action exists outside a document context.

PRINCIPLE 3

Event Traceability

All actions produce immutable events. Each event records:

  • Timestamp
  • Actor
  • Related document
  • Action type

    • Event logs are append-only and cannot be altered.

    PRINCIPLE 4

    Authority and Accountability

    Every action is performed by an identifiable actor. Anonymous or system-generated actions are prohibited unless explicitly justified and logged.

    When an action is performed:

  • The actor is authenticated
  • The actor's authority is verified
  • The action is logged with full context
  • The result is recorded immutably

    • No one can act without leaving evidence.

    THE GUARANTEE

    When you need to prove what happened,
    you will have immutable evidence.

    Not screenshots.
    Not explanations.
    Proof.

    How we enforce this

    ARCHITECTURAL

    PMFA architecture prevents deletion and hidden changes at the database level. It's not a policy — it's structural impossibility.

    OPERATIONAL

    Every system operation creates an audit trail. Database triggers, application-level logging, and event sourcing work together.

    VERIFIABLE

    Anyone with access can verify the complete history. Inspectors, auditors, and courts can trace every action back to its origin.

    Evidence-first deep dives

    Why Oracle systems fail

    Root causes that audits and outages keep exposing.

    Read pillar →

    Why workshop software fails inspections

    Where traceability breaks in real production.

    Read pillar →

    Why APIs are not systems of record

    Evidence beats integration in regulated environments.

    Read pillar →

    Related Resources

    Evidence Model → Compliance Statement → Security Principles →

    Evidence, not promises.