What we store
Veristiq primarily stores:
- Competition data (IDs, names, draw times, prize info)
- Entry records (internal ticket ID, your external ID, eligibility flags)
- Draw events (seed hash, entry pool hash, winner reference)
- Audit records (signature hash, chain pointers, timestamps)
- Limited operator metadata (operator account, API keys)
We deliberately avoid storing unnecessary personally identifiable information (PII).
Where user references are stored, we encourage operators to use hashed or anonymised references.
Protecting the integrity of the audit chain
To make the audit chain tamper-evident, we:
Hashing
Hash each event using a strong cryptographic function
Linking
Include the previous event’s hash in the new event’s data
Immutability
Prevent normal update/delete operations on audit records
Verification
Run internal integrity checks to detect any inconsistencies
If someone attempted to alter a past event:
This makes quiet rewriting of history extremely difficult to hide.
Who can access what
Operators
Can see their own competitions, entries and audits.
Public
Public audit pages expose only the data necessary to verify fairness — not internal operator data or personal player data.
Admins
Internal admin tools are limited to operational and integrity purposes, not result manipulation.
Veristiq cannot be used to secretly:
- Move a draw forward or backward in time
- Change the winner without leaving a trace
- Silently drop entries from the draw pool