Evidence infrastructure for autonomous systems
Make every AI agent action provable.
Durable, independently verifiable evidence of who acted, on whose behalf, under which authority, and when.
For timestamping and hash-based sealing, content stays in your systems and Sigill receives only digests and metadata.
Putting consequential agent actions into production? Become a design partner
RFC 3161 · sealed at execution · unaltered
The problem
AI agents now approve claims, move money and ship code. When one of those actions is disputed, an internal log cannot independently prove what happened.
It lives in the same system that produced it, it can be edited after the fact, and it carries no independent proof of who acted, under what authority, or when.
How it works
Use the APIs that exist today. Hash, timestamp, seal, verify.
Sigill exposes focused endpoints for the trust mechanisms: RFC 3161 timestamping, PAdES/CAdES sealing, and verification. You choose the right surface for the record you need to prove.
Hash locally
For timestamps and hash-based seals, compute the digest in your system. The payload body does not need to leave your environment.
Anchor or seal
Create an independent timestamp, attach a detached CAdES seal, or produce a sealed document using the trust surface that fits the record.
Verify independently
Recipients can verify the timestamp, seal, and document integrity with open standards and ordinary validation tooling.
Timestamp a document or system event
POST /tsa/stamp-hash
hashHex sha512:b2...f0
label agent-output-2847
tsaSlug auto
→ RFC 3161 timestamp tokenSeal a digest with CAdES
POST /seal/sign-hash
hashHex sha256:b2...f0
certificateId org-cert-01
format cades
→ detached CAdES signatureVerify — without trusting Sigill
openssl ts -verify -in evidence.tsr \
-digest b2...f0 -CAfile tsa.pem
→ Verification: OK
no Sigill requiredWhat we prove, precisely
Sigill independently proves that the presented bytes or digest match the evidence created at the time, and that the timestamp or seal validates. It does not prove that the originating application supplied complete or truthful context.
What gets recorded
The actions someone will eventually ask about.
For AI platform teams, Heads of AI, CTOs, CISOs and risk owners responsible for autonomous systems in production.
Approved a EUR 48,200 insurance claim
A payout was authorised autonomously. Months later the decision is disputed, and someone has to show the basis and timing.
Released a EUR 120k supplier payment
Money moved on the agent's authority. Finance needs to prove who sanctioned it, and that the figure was not changed after.
Merged and shipped to production
A change reached customers with no human in the loop. An incident review needs an untampered trail of what ran.
Cleared a customer through onboarding
An identity decision was automated. A regulator later asks for the evidence behind it, and when it was made.
Technical foundation
Open cryptographic standards. A portable evidence layer.
The mechanisms beneath Sigill are standard, well-understood primitives — not a black box you take on faith.
External, independent timestamps from RFC 3161 timestamp authorities. Qualified timestamping is available where your account and policy are entitled.
Advanced electronic seals over documents and digests using PAdES for PDFs and CAdES for detached signatures.
Use your own organisational certificate for customer-issued records, or Sigill's platform certificate for Sigill-issued artefacts.
Verify with OpenSSL, Adobe Acrobat, EU DSS and standard validation tooling — not just Sigill.
Built in Norway and hosted in Europe for teams that need jurisdictional clarity.
Qualified electronic seals are on the roadmap. Today Sigill provides advanced electronic seals and does not claim to issue QESeals.
Governance describes the control environment. Sigill makes individual agent actions independently verifiable.
The evidence layer beneath your governance, observability and control stack — not a replacement for it.Get started
Start producing evidence today.
Create an account and get an API key in minutes — or partner with us on consequential agent actions.
Self-serve
Get started
Create an account, get an API key, and start anchoring evidence with independent timestamps and electronic seals.
Design partner
Become a design partner
For teams putting consequential agent actions into production. We will harden agent evidence with you — in production, with your stack.
EU-hosted · independent evidence layer · hash-first APIs