Site Glossary

The process of reading and validating command-line options and parameters (e.g., -o output.csv). Good argument parsing provides help text, defaults, type checks, and consistent user experience.

An ordered collection of values, accessed by position (index). Lists/arrays are used to store multiple related items such as log entries, IP addresses, filenames, or transaction hashes.

Specialized hardware designed for a specific task, commonly used to mine Proof-of-Work cryptocurrencies efficiently.

A digital unit of value recorded on a blockchain, including coins, tokens, and NFTs.

Asymmetric encryption uses a public/private key pair. The public key can be shared, while the private key must remain secret. Asymmetric cryptography enables secure key exchange and digital signatures but is generally slower than symmetric encryption.

The process of linking on‑chain activity (addresses/transactions) to real‑world persons, organizations, or services using corroborated evidence.

A chronological sequence of records showing who did what and when within a system. In digital investigations, audit trails may include admin actions, file access, message edits/deletes, permission changes, and data export events.

Authenticated Encryption provides both confidentiality and integrity in a single operation, ensuring ciphertext cannot be altered without detection. Modern best practice is to use AEAD modes such as AES-GCM or ChaCha20-Poly1305.

The process of proving identity to access a system or service (passwords, biometrics, tokens, multi-factor). Authentication artifacts—login logs, tokens, device trust records—can help prove account control or link a user to specific actions.

The process of showing that evidence is what it purports to be. In digital investigations, authentication can involve hashes, provider certifications, metadata consistency, device context, witness testimony, and explanation of collection and analysis methods.