> ## Documentation Index
> Fetch the complete documentation index at: https://docs.alforse.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Evidence Trail

> Invoice and receipt evidence, plus the operation log behind every sensitive action.

Alforse treats file traceability as a commercial requirement, not a convenience. Two views cover
it:

## Evidence gallery

`GET /audit/evidence` lists invoice and receipt evidence (filterable by kind — `invoice`,
`proof`, or `all` — and by subject company), backed by the same files uploaded through the
[Files API](/api-reference/files)'s presign → upload → confirm flow. Every download is
authorized and scan-policy checked server-side, not just hidden in the UI.

## Operation log

`GET /audit/operations` lists audit events: contract create/edit/delete/import/export, field
definition changes, workflow transitions/approvals/returns/unlocks, payment and invoice changes,
file upload/download/delete, and permission/member changes. Each event is typed (see the
`OpType` values in [Audit](/api-reference/audit)) and searchable.

<Note>
  Reading the full operation log requires the `admin` module permission; reading evidence only
  requires `contract_view`. See [Roles & Permissions](/concepts/roles-and-permissions).
</Note>
