https://github.com/inferadb/ledger
InferaDB Ledger — distributed database purpose-built for authorization.
https://github.com/inferadb/ledger
access-control audit-log authorization blockchain cryptography database distributed-systems fine-grained-access-control grpc immutable-ledger inferadb permissions rebac rust storage zanzibar
Last synced: 17 days ago
JSON representation
InferaDB Ledger — distributed database purpose-built for authorization.
- Host: GitHub
- URL: https://github.com/inferadb/ledger
- Owner: inferadb
- License: apache-2.0
- Created: 2026-01-09T03:24:51.000Z (3 months ago)
- Default Branch: main
- Last Pushed: 2026-03-06T02:59:59.000Z (26 days ago)
- Last Synced: 2026-03-06T07:36:17.634Z (26 days ago)
- Topics: access-control, audit-log, authorization, blockchain, cryptography, database, distributed-systems, fine-grained-access-control, grpc, immutable-ledger, inferadb, permissions, rebac, rust, storage, zanzibar
- Language: Rust
- Homepage: https://inferadb.com
- Size: 4.7 MB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE-APACHE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: .github/CODEOWNERS
- Security: SECURITY.md
- Agents: AGENTS.md
Awesome Lists containing this project
README
InferaDB Ledger
Blockchain storage for cryptographically verifiable authorization.
> [!IMPORTANT]
> Under active development. Not production-ready.
**[InferaDB](https://inferadb.com) Ledger is a distributed database purpose-built for authorization.** Every permission change is committed to an append-only blockchain, replicated via Raft consensus, and independently verifiable by clients through Merkle proofs — giving you a tamper-proof record of who had access to what, when. Ledger is the storage layer behind [InferaDB Engine](https://github.com/inferadb/engine) and [InferaDB Control](https://github.com/inferadb/control).
- [Features](#features)
- [Quick Start](#quick-start)
- [Configuration](#configuration)
- [Development](#development)
- [Documentation](#documentation)
- [Community](#community)
- [License](#license)
## Features
- **Tamper-Proof Authorization History** — Every permission change is committed to a per-vault blockchain. Not even database administrators can retroactively alter who had access to what, when.
- **Client-Side Proof Verification** — Clients receive Merkle proofs with every read and can verify authorization decisions independently, without trusting the server.
- **Data Residency** — Pin authorization data to geographic regions. Nodes only join Raft groups for their assigned region, keeping data within jurisdictional boundaries.
- **Tenant Isolation** — Per-organization, per-vault security boundaries. Each vault maintains its own blockchain — one tenant's data can never leak into another's.
- **Immediate Consistency** — Raft consensus ensures permission changes are visible cluster-wide before the write returns. No stale reads on authorization decisions.
- **Sub-Millisecond Reads** — B+ tree indexes serve lookups without touching the Merkle layer. Cryptographic verification adds no overhead to the hot path.
## Quick Start
**Development or single-server deployment:**
```bash
inferadb-ledger --data /var/lib/ledger --single
```
**Production cluster (run on each of 3 nodes):**
```bash
inferadb-ledger --data /var/lib/ledger --cluster 3 --peers ledger.example.com
```
For clusters, `--peers` tells each node how to find the others. Pass one of:
- **DNS domain** (e.g., `ledger.example.com`) — looks up A records
- **File path** (e.g., `/var/lib/ledger/peers.json`) — reads addresses from JSON
See the [deployment guide](docs/operations/deployment.md) for multi-node setup, Kubernetes, adding/removing nodes, backup, and recovery.
## Configuration
| CLI | Purpose | Default |
| ----------- | ------------------------------------------------------------------------------------------------------ | ----------------- |
| `--listen` | Bind address for gRPC API | `127.0.0.1:50051` |
| `--data` | Persistent [storage](docs/internals/storage.md#directory-layout) (logs, state, snapshots) | _(ephemeral)_ |
| `--single` | Development or single-server deployment ([details](docs/operations/deployment.md#single-node-cluster)) | |
| `--join` | Add this server to an existing cluster ([details](docs/operations/deployment.md#adding-a-node)) | |
| `--cluster` | Start a new N-node cluster ([details](docs/operations/deployment.md#multi-node-cluster-3-nodes)) | `3` |
| `--peers` | How to [find other nodes](docs/operations/deployment.md#discovery-options): DNS domain or file path | _(disabled)_ |
| `--region` | Geographic [region](docs/operations/deployment.md) for data residency (`us-east-va`, `ie-east-dublin`) | `global` |
See [Configuration Reference](docs/operations/deployment.md#configuration-reference) for environment variables and all options including metrics, batching, and tuning.
## Contributing
### Prerequisites
- Rust 1.92+
- [mise](https://mise.jdx.dev/) for synchronized development tooling
- [just](https://github.com/casey/just) for convenient development commands
### Build and Test
```bash
git clone https://github.com/inferadb/ledger.git
cd ledger
# Install development tools
mise trust && mise install
# Build
just build
# Run tests
just test
```
## Documentation
- [Technical White Paper](WHITEPAPER.md) — Start here to understand how Ledger works, see benchmark results, and evaluate whether it fits your use case
- [Technical Design Document](DESIGN.md) — Authoritative specification for contributors; explains the reasoning behind architectural decisions
## Community
Join us on [Discord](https://discord.gg/inferadb) for questions and discussions.
## License
Dual-licensed under [MIT](LICENSE-MIT) or [Apache 2.0](LICENSE-APACHE).