The Auditing Portal is the off-chain review and disclosure surface for Arcane. It indexes registered contracts, stores raw and interpreted audit data, enforces access, manages disclosure cases, generates reports, and records activity logs. The portal is separate from the user transaction path. It is used after an approved support, compliance, or audit workflow needs scoped access to private transaction records.

Auditing Portal components

Auditing Portal components

Runtime responsibilities

AreaImplementationResponsibility
Backend runtimeNestJS, TypeORM, scheduled jobsModule graph, API routes, scanner ticks, interpretation batches
Registrychain, contracts, assets, applicationsDefines which contracts are scanned and how contracts map to organizations and applications
ScannerScannerModule, chain scanner servicesReads registered chain data and writes raw audit rows plus scan checkpoints
InterpretationAuditInterpretationRunnerServiceDecrypts raw audit rows and writes normalized audit_interpretation rows
Identity and accessAuthModule, WorkosAuthModule, MagicAuthModule, guardsMaps authenticated users to organizations, applications, permission buckets, and route scope
Disclosure workflowCasesModule, DisclosureRequestModuleRequest creation, approval and close decisions, approved cases, assignments, access windows
ReportsReportsModuleReport generation, listing, download, and report metadata
Activity logAuditorsLogModuleActivity staging, persistence, list, export
UIReact and ViteOrganization owner and application workspaces

Access model

The portal is organized around:
  • Organizations.
  • Applications.
  • Cases.
  • Assignments.
  • Permission buckets.
  • Access windows.
Portal access does not make every private transaction broadly visible.

Documentation

Disclosure requests

Request scoped access for a review case.

Case review

Review approved case transactions.

Reports

Generate reports and review activity logs.

Permissions and access

Understand portal identity and route enforcement.

Disclosure, cases, and reports

See the disclosure lifecycle, case storage, reports, and activity logs.

Data model

Review core PostgreSQL tables and relationships.

Indexing and interpretation

Understand scanner checkpoints, raw audit rows, and interpretation batches.

Audit UI

Review organization and application workspace routes.