Transparency Log

Every document signed through SignForge is recorded in a public, append-only Merkle tree. This log provides cryptographic proof of existence and ordering — tamper-evident and independently verifiable.

Total Entries

...

Latest Entry

...

Current Root

...

Look Up an Entry

Search by document SHA-256 hash or entry ID to verify inclusion in the log.

How It Works

1

Document Signed

When all signers complete an envelope, SignForge computes a SHA-256 hash of the final signed PDF.

2

Appended to Log

The document hash is appended to the Merkle Mountain Range (MMR) tree. A Merkle proof and Signed Tree Head are generated.

3

Independently Verifiable

Anyone can verify a document's inclusion using the hash, proof, and public key — no SignForge account needed.

Trust Model

SignForge issues W3C Verifiable Credential 2.0 signing receipts — open-standard, machine-readable proofs embedded in every signed PDF. These receipts use did:key identifiers (derived from public key bytes), meaning they can be verified offline without depending on any domain or server.

The transparency log uses a Merkle Mountain Range data structure with Signed Tree Heads (STH) — each checkpoint is signed by a separate log key, preventing self-referential proofs.

Public keys are available at /.well-known/did.json and embedded in every signed PDF as signforge_keys.json.