Skip to content

Integrity Evidence

Integrity evidence records paired source and destination hashes for files transferred by an integrity-enabled live run. It is intended to give operators reviewable transfer evidence without implying a legal or regulatory guarantee that is stronger than the configured verification path.

When to use it

Use integrity evidence when you need an operator-facing report that shows:

  • source hash and destination hash
  • primary hash algorithm
  • source and destination provenance
  • verification mode
  • verification status
  • verified timestamp when verification ran

The report is not a standalone certification. The strength of the evidence depends on the selected mode, provider behavior, and whether the runner ran a post-copy verification pass.

Job configuration

The job configuration page exposes an Integrity Evidence Report section with these modes:

  • off: do not collect integrity evidence.
  • hash_evidence: collect paired hashes without a separate post-copy comparison pass. This is the lowest-cost evidence mode.
  • verified_hash_match: collect paired hashes and run a post-copy hash comparison over the transferred file set.
  • strict_download_verify: collect paired hashes and run a post-copy verification that re-reads transferred data. This is the highest-cost mode.

The primary algorithm is Secure Hash Algorithm 256 (SHA-256). Supplementary provider-native hashes such as Message Digest 5 (MD5), Secure Hash Algorithm 1 (SHA-1), QuickXorHash, or DropboxHash can be retained when available, but they do not replace the primary hash.

Run detail

Run detail shows integrity evidence separately from the operational files list. The Integrity Evidence Report card summarizes the mode, reconciliation result, status counts, and a preview of evidence rows.

The preview includes source and destination primary hashes, provenance, verification status, verification mode, verified timestamp, and runner notes. Large runs only show the first rows in the User Interface (UI); download the Comma-Separated Values (CSV) file or Excel report for the complete evidence set.

Exports

The dedicated CSV export includes:

  • run identifier
  • job name
  • relative path
  • source path and destination path
  • source and destination Storage Repository identifiers
  • primary algorithm
  • source and destination primary hashes
  • source and destination provenance
  • verification mode
  • verification status
  • verified timestamp
  • notes
  • source hash map and destination hash map

The Excel report includes the same evidence in a dedicated Integrity Evidence worksheet when evidence rows exist.

Reading statuses

  • not_checked: evidence was collected, but no post-copy verification status was reported for the row.
  • match: source and destination evidence matched under the selected verification path.
  • mismatch: source and destination evidence did not match.
  • source_missing: verification could not find the source path.
  • destination_missing: verification could not find the destination path.
  • error: verification or evidence collection reported an error for the row.

For verification modes, mismatch, missing-file, and error statuses can cause the run to fail even when the transfer command completed. This prevents incomplete evidence from being presented as a successful verified transfer.