Quickstart
TokenForensics is a Next.js 16 application on a Prisma 7 + Neon Postgres
substrate, with Auth.js for sign-in and a hash-chained TokenAuditEvent
ledger at its core.
Run it locally
pnpm install
pnpm dev
# http://localhost:3000
The documentation site you are reading is served by the same app at
/docs. The investigator workbench is at /app (it requires sign-in).
The commands you'll use
| Command | What it does |
|---|---|
pnpm dev | Start the dev server |
pnpm build | Production build |
pnpm lint / pnpm exec tsc --noEmit | Lint and type-check |
pnpm test | Vitest unit tests |
pnpm test:e2e | Playwright end-to-end tests |
pnpm video:render:all | Render every Remotion walkthrough |
The one rule before you write code
The substrate is append-only
Every forensic-relevant action is written through one function —
appendAuditEvent in src/lib/ledger.ts. Never UPDATE or DELETE a
row in TokenAuditEvent, and never write to it any other way. The hash
chain is the chain-of-custody; bypassing the append path corrupts the
property the entire product is built on.
Where to go next
- Introduction — the forensic model and how these docs are organized.
- Forensic ledger substrate — the hash-chained ledger everything folds over.
- Pillar 1 — Tamper-evident capture — the next capability pillar.
Last updated