A roadmap following [the statement made by henrus, 17/01/2022](https://docs.google.com/document/d/1fmKlvO21RIcz0422nArQjerTaxhOsp0_nhPVM1yBIVs) - Nick

# A roadmap following [the statement made by henrus, 17/01/2022](https://docs.google.com/document/d/1fmKlvO21RIcz0422nArQjerTaxhOsp0_nhPVM1yBIVs) - Nick ## Mod audit log ### Storage of the audit log `/case <case#>` should be a command for viewing any case in the audit log achieved by filtering The audit log should be securely kept and updated to where mods, admins or even devs are unable to realistically edit a previous log. Warns, Bans, Mutes or other types of punishments should be kept on an audit log aswell as Warn revokes or unmutes which should all contain a case#, reason, moderator responsible and the previous action hash. This log should be acsessible to all staff members at all times so long as the database is online. The audit log should be kept updated in a discord channel so that it is readable and acsessible. The security of the audit log should depend on a blockchain (i swear im not an nft bro) where new changes can be made such as punishments or the revoking of punishments but previous actions cannot be deleted or altered in any way. This can be done with hashes relying on previous hashes making an edit impossible without a rewrite of all actions ever taken since the audit log was implemented. This is the best way to prevent admin abuse by anyone at all. This can be implemented with the use of the "crypto" library (built into node) which provides common hashing functions such as sha256, a class for actions that contains case#, mod responsible, user affected and a hash of the previous action, where necissary, revokement of punishment should also include the case# of the original punishment. ### Backups To improve reliability, a private repo backup of the audit log should be kept on github which will backup nightly. Github shows any edits to a repository and therefore tampering with previous backups is easily detected. ### Notes & Profile `/notes <@userID>` is a suggested command which will be logged on the audit log aswell as on the users file containing an array of previous notes. This profile can be retrieved with `/profile <@userID>` or checking the audit log by filtering the user affected field. ## Result A secure way of storing an audit log which can build trust amongst staff and prevent abuse.