ImmuDB is an open-source database that stands out from conventional solutions by guaranteeing the immutability of stored data. While some existing databases offer add-on tools that enable data change tracking, the team at
Codenotary approached the issue from a fundamentally different perspective. Their goal was to develop a database that ensures data immutability at its core, rather than relying on external components or workarounds.
According to Codenotary’s
official publication, the key motivation behind creating the system was the need to address cybersecurity and data integrity. This naturally raises the question: what exactly does immutability mean, and how is it implemented in practice? In reality, the concept is more nuanced - better described by the term tamper-proof database solutions, which more accurately reflects the assurance of data integrity. Rather than offering absolute immutability or non-deletability, ImmuDB tracks every modification and verifies the integrity of that history using a data structure known as a Merkle tree database.
Merkle trees are binary trees where the leaves represent the hashed values of a dataset, and the inner nodes are hashes of their respective child nodes. Essentially, this creates a chain of hashes from each leaf up to the root. If the hash function used is cryptographically secure - meaning it is computationally infeasible to reverse or predict - then any change to a leaf node would alter the parent hash, and ultimately the root hash, exposing any unauthorized modification.
In the case of ImmuDB, this means that whenever a new entry is added - effectively a new leaf in the tree - the root hash remains valid only if all previous entries are unchanged. If someone attempts to alter or remove data without authorization, the updated hash structure will no longer match, and the system will detect the inconsistency.