That would then be an entirely different situation?

It's mp3 quality through an old tiny battery driven DAC...

nation…..thing

we prefer the term "sui generis geopolitical entity" ;)

Having a bunch of answers to very poor questions is not the goal.

If you managed to parse out a good question in there of general interest that has not been answered yet, you can submit it yourself and provide your own answer. That way you are actually adding something valuable to the site.

I agree that it is really hard to contribute in a meaningful way though.

You are claiming that

1. a blockchain would somehow make it easier to detect tampering or make stronger guarantees about the log integrity (I think you are being a bit vague here honestly)

2. That a blockchain is easier to set up than my proposed alternative.

Regarding 1: If the other parties just store the log, you just compare what the company provided with what the peers have stored. Then you see EXACTLY what has changed. I still don't understand what it is you claim a blockchain can do here that just having the peers store a copy of the logs cannot and how it is somehow less brittle.

Regarding 2: it can literally be as simple as serving the log from a webserver (with authentication if you only want the peers to be able to read it) and then have the peers scrape it periodically. Or send an email every night. Yes you need to provision infrastructure and integrate with your logging system. But that is the same for hosting a blockchain based system.

You could do the same by broadcasting your events to all your peers and having each peer save everyone's events.

But this is also a prerequisite to running a blockchain right? This is essentially the mempool. Then you have a layer on top which does more stuff (the actual blockchain part)

Surely implementing only the sending of log event is simpler than also adding all the hashing and consensus stuff(which in practice adds no real utility) on top?

So it is not really private to one business, but shared between a couple handfuls. The consensus of this group is then trusted.

In that case, to write a log entry I would have to publish the log into some mempool shared among the group as it is logged. At this point, each member can just store the log entry and then later verify it of asked. Again, it seems like the entire block chain part of this system is redundant and what is really providing utility is the idea of storing your logs with someone else as you create them so you cannot later claim something didn't happen.

But just to understand the idea of private blockchains better. Would this be some kind of hardcore "code is law" arrangement where each Company is competing on hash power with all the others to prevent them from rewriting the logs to their advantage (and in the best case being able to rewrite the log to their advantage).

Or is there some a priori agreement on what a reasonable amount of hash power is, that you just hope one company doesn't choose to outspent by a factor 100 the day they really need to rewrite the log?

I guess in that case it will be clear to everybody what has happened. But if you choose to act on this common sense version of events instead of the "truth of the blockchain consensus" you are, once again, undermining the entire idea of using a block chain.

How does a private blockchain work? It is my impression that the security of the block chain comes from the difficulty of mining a new block. This in turns depends on having many entities competing for mining the next block because they get some type of financial incentive.

Wouldn't a private block chain just essentially be like git? In git I can easily rewrite the entire history of my "log" by just rehashing everything. It is just git rebase. For anybody to verify I had not done this, they would always need the newest commit/log entry. So until the time I choose to publish a log entry, I am free to rewrite it and everything after it. Which is exactly the same as if I didn't use a blockchain.

It just seems like the blockchain solution depends on publishing log entries to a third party as they happen, but once you do that, the problem is already solved and you don't need a blockchain.

But I might not properly understand how private blockchains work?

Any system which publishes the log to third parties as they are written would do that.

Then sign and send the audit log in realtime to the authority which A provided their logs to. Same effect no blockchain.

You could also encrypt and publish it. But realistically there is always going to be some entity actually responsible for enacting the consequences for non-compliance and they are the only entity that really ever needs to check these logs.

I am not sure I understand what the incentives to "mine" this blockchain would be. Without a certain block difficulty, which requires many miners, it will be trivial to rewrite the entire chain.

I fail to see what blockchain can provide in the realm of audit logging?

Fundamentally, you need to trust the systems which are logging events to log the correct events at the correct time. How does blockchain change this?

The most water-like thing I am allowed by your very contrived rules. Maybe water with two slices of cucumber.