Reporting and audit access
Use DALP's indexed read APIs, dashboard exports, transaction references, webhook delivery records, and audit-access boundaries for reporting and data retrieval.
You answer reporting and audit questions from DALP indexed read APIs, dashboard exports, transaction references, and webhook delivery records. The platform does not replace statutory books, reserve attestations, custody records, bank ledgers, or regulatory filings.
DALP indexes EVM events and transaction receipts into read models. Authenticated callers query those models through read-only routes, export visible dashboard tables, and retain webhook delivery evidence. Organisation-scoped API keys let your integration pull the indexed tokenization dataset programmatically; you provision separate credentials for auditors or regulators who need the same surfaces.
This page maps common reporting questions to those surfaces. For scope boundaries and unsupported capabilities, see Access and audit boundaries and What DALP does not provide.
Reporting access modes
| Mode | DALP surface | Typical datasets | Export or delivery format |
|---|---|---|---|
| Online (interactive) | Dashboard tables and live read APIs | Current holders, filtered token or user events, actions, transaction status | Visible table rows via CSV or JSON export; JSON API responses for the queried page |
| On-demand (pull) | Paginated read APIs, webhook replays, and dashboard exports | Holder register, event history for a date range, user events, actions, webhook delivery and chain-of-custody records | JSON from API routes; CSV or JSON from dashboard export; replay payloads from webhook routes |
| Batch (push or scheduled pull) | Webhook subscriptions and your own scheduled API jobs | Event streams your integration subscribes to; full extracts your jobs page through holder, event, and action routes | Webhook HTTP deliveries with delivery-attempt records; JSON files your scheduler writes from API pagination |
DALP does not ship a built-in regulatory reporting scheduler or a separate auditor portal. Batch reporting is either webhook push into your systems or scheduled pulls you operate against the read APIs.
What DALP can answer
| Reporting question | Start here | Use it for |
|---|---|---|
| Who currently holds this token? | GET /api/token/{tokenAddress}/holders | Current holder balances, available balance, frozen balance, and last indexed balance update. |
| What changed this token's state? | GET /api/token/{tokenAddress}/events or GET /api/v2/tokens/{tokenAddress}/events | Event history filtered by event name, sender, transaction hash, wallet, date range, pagination, and sorting. |
| Which actions are pending or executed for an asset? | GET /api/token/{tokenAddress}/actions | Time-bound on-chain and off-chain actions such as yield claims, maturity approvals, XvP actions, KYC update actions, and multisig approvals. |
| What did this authenticated user do or receive? | GET /api/v2/users/me/events | User-scoped on-chain event history for transfers, approvals, and role changes. |
| What transaction backs an operation? | Transaction status and token events | Match the operation status, on-chain transaction hash, block number, and event payload before closing a reconciliation item. |
| Can dashboard data leave the platform? | Dashboard table export | Dapp tables that use the shared export component can download visible table rows as CSV or JSON. |
| Can webhook evidence be audited? | Webhook delivery and chain-of-custody routes | Delivery attempts, replays by block range or event id, and event chain-of-custody proof where webhook events are used downstream. |
Token-level reporting surfaces
Current holder register
Use the holder endpoint when the report needs the current indexed register for one token.
curl -X GET "https://your-platform.example.com/api/token/0xTOKEN_ADDRESS/holders" \
-H "X-Api-Key: sm_dalp_xxxxxxxxxxxxxxxx"The response groups balances under token.balances. For each holder, compare value, available, frozen, isFrozen, and lastUpdatedAt with your internal ledger. Frozen balances and whole-address freeze state should be reviewed separately from the total balance.
For a point-in-time question, use historical-balance routes only when the token has the historical-balances feature attached. Those routes include list, balance-at-block, and holders-at-block reads for the feature.
Event history
Use token events when the report needs the activity trail behind balances, supply, compliance decisions, or feature state.
curl -X GET "https://your-platform.example.com/api/token/0xTOKEN_ADDRESS/events?eventNames=TransferCompleted&eventNames=MintCompleted&eventNames=BurnCompleted" \
-H "X-Api-Key: sm_dalp_xxxxxxxxxxxxxxxx"Event responses include eventName, transactionHash, blockNumber, blockTimestamp, emitter.id, sender.id, and event-specific values. The paginated token-events route adds JSON:API pagination, sorting, and faceted filters for token-event tables.
Use transactionHash when your ledger stores the submitted hash. Use senderAddress for the submitting wallet. Use walletAddress when you want events where a wallet was sender or recipient. Do not treat event amounts as formatted token values until you have applied the token decimals.
Actions and corporate-operation evidence
Use token actions for time-bound tasks that need operational review, such as maturity or yield approvals, XvP approvals and execution, KYC update actions, and multisig approvals. Action rows include the action type, status, activation time, optional expiry, execution time, and executor where applicable.
curl -X GET "https://your-platform.example.com/api/token/0xTOKEN_ADDRESS/actions" \
-H "X-Api-Key: sm_dalp_xxxxxxxxxxxxxxxx"Use actions to answer whether an operation is pending, upcoming, executed, or expired. Use token events and transaction status to confirm the on-chain result after execution.
Dashboard exports
DALP dashboard tables can expose an export dropdown when they use the shared table export component. The CSV export downloads the visible table row model with Excel-compatible encoding and respects per-column export settings. The JSON export downloads the row data, with an optional table-specific transform when a table needs export-ready JSON.
Use dashboard exports for working files and review packs. Treat them as exports of the current visible table state, not as a signed regulatory filing or a substitute for the underlying API and on-chain evidence.
Webhook audit evidence
When downstream systems consume DALP events through webhooks, keep the delivery evidence with the report. The webhook API supports reading delivery attempts for an endpoint, retrying a delivery, replaying historical webhook events by block range or event id, and reading chain-of-custody proof for a webhook event.
| Need | Endpoint |
|---|---|
| List webhook endpoints | GET /api/v2/webhooks |
| List delivery attempts | GET /api/v2/webhooks/{id}/deliveries |
| Read one delivery attempt | GET /api/v2/webhooks/{id}/deliveries/{deliveryId} |
| Replay historical webhook events | POST /api/v2/webhooks/{id}/replays |
| Read event chain of custody | GET /api/v2/webhooks/events/{evtId}/chain-of-custody |
Use webhook evidence to prove what DALP attempted to deliver to your integration. The receiving system still owns its own ingestion logs, transformations, and filing records.
Access and audit boundaries
DALP separates reporting data from operating authority. Read APIs are authenticated and scoped by the caller's organisation, system, user, participant, and route permissions. API keys are organisation-scoped; create separate keys per organisation and environment when you run independent extraction jobs or hand credentials to audit firms.
Asset-level operating authority remains separate from dashboard membership or report access. For organisation and system scope details, see Organisation and system scope.
Global-admin operations have a structured audit-log path for successful calls and denied calls. That audit stream records the user, route, success or denial reason, timing, and cache context where present. It is an operator audit surface, not a tenant-export API.
What DALP does not provide
| Topic | Boundary |
|---|---|
| Statutory or bank ledger of record | DALP supplies indexed platform and on-chain evidence. You reconcile it with bank ledgers, custody records, reserve attestations, and filings. |
| Signed regulatory filing packages | Dashboard exports and API JSON are working files, not certified filings. |
| Vendor-operated manual report runs | Read APIs and exports run under credentials you control. DALP does not operate scheduled regulatory report generation on your behalf. |
| Cross-organisation data joins in one call | API keys resolve one organisation context. Combine extracts in your reporting warehouse when you span organisations. |
| Tenant export of global-admin audit logs | The global-admin audit stream is for operator review, not a customer reporting API. |
Recommended reporting workflow
- Start with the holder register for the token.
- Pull token events for the reporting period, filtered by event names, wallet, sender, or transaction hash.
- Match each ledger entry to a transaction hash, block timestamp, event name, and amount after decimal conversion.
- Review actions for pending, expired, or executed operational tasks that explain expected changes.
- Export relevant dashboard tables when reviewers need spreadsheet or JSON working files.
- Attach webhook delivery or chain-of-custody evidence when an external system relies on pushed DALP events.
- Reconcile DALP evidence with bank ledgers, custody records, reserve attestations, and statutory books before final reporting.
Related pages
- Reconcile balances for a step-by-step balance reconciliation workflow.
- Token events for event filters, facets, and table behaviour.
- Token holders and transfers for holder and transfer API details.
- Data availability for the difference between indexed read models and on-chain execution truth.
- Events catalogue for webhook event subscriptions and payload references.