Your digital records
will be challenged.
What's your evidence?

Independent cryptographic proof of what happened, when it happened, who issued it, and whether it has changed.

Create evidence →Verify a file

No credit card required.

The question that arrives later
"Can you prove what happened, when it happened, who issued it, and that the record has not changed since?"
Evidence verified
2026-03-04 · 09:14:32 UTC
Subjectmodel-output-turn-2847.json
Record hash3f4a9c…d82b1e
IssuerAcme AS · advanced electronic seal
Anchored byIndependent TSA · RFC 3161
Record integrity✓ Unaltered
openssl ts -verify — no Sigill.ai account required
Who it's for

For systems where records must withstand scrutiny.

AI & agent systems
AI evidence · audit readiness

Turn AI activity into durable cryptographic evidence — hashes of full inputs, outputs, and tool context, with sequence integrity and independent time anchors before anyone disputes the record. Bodies stay with you; Sigill keeps only the hash and the chain.

Regulated platforms
regulated SaaS · records

Add externally verifiable evidence to approvals, submissions, exports, and customer-facing records without building trust-service infrastructure yourself.

Software supply chain
CI/CD · supply chain

Timestamp build artefacts, SBOMs, manifests, and release bundles. Systems further down the chain can reject files without verified evidence — and you can prove the artefact in production is exactly what the build produced.

Trust authorities, clearly separated

Proof of when. Proof of who.

Sigill.ai is not the trust anchor — the independent authorities we connect you to are. We route your systems to external TSAs for proof of time, and apply advanced electronic seals (AdES) with your organisation's own certificate for proof of organisational origin. One integration for you; standard evidence that anyone can verify without us.

RFC 3161 Timestamp

Proof of when

Cryptographically binds a file's SHA-512 hash to a specific moment in time, signed by a trusted Timestamp Authority. Produces a standard .tsr token verifiable with OpenSSL — independent of any platform, including ours.

  • Signed by an external TSA — not self-claimed
  • Hash computed locally — file never leaves your device
  • Verifiable with openssl ts -verify
  • Multiple TSAs available; automatic failover
Advanced Electronic Seal (AdES)

Proof of who

Signs a document with your organisation's own X.509 certificate — bring your own certificate (BYOC). Recipients verify origin and integrity directly — no account, no portal, no Sigill.ai required.

  • Your organisation's certificate — BYOC, no Sigill-issued keys
  • PAdES for PDFs, CAdES for any other file type
  • Both formats are ETSI standards used in eIDAS-compatible validation
  • Verifiable in Adobe Acrobat, OpenSSL, and standard validators
  • Can carry a qualified RFC 3161 timestamp where entitled — qualified electronic seals (QES) are on the 2026 roadmap
A sealed document should also be timestamped — the seal proves origin; the timestamp proves when the seal was applied. Sigill.ai makes both happen in a single request.
When does this matter?

Proof only works if it exists before it's questioned.

Compliance audits

Auditors ask when data was created, processed, or approved — and who authorised it. Timestamps answer the when; advanced seals answer the who. Both operate independently of your own systems.

AI

Prove what your model said, and when

Hash and timestamp the full input the model saw and the output it produced. Months later, prove what was asked, what context the model had, and what it answered — to a regulator, an auditor, or a counterparty disputing the record.

Working pattern: timestamped Claude agent →

Software supply chain

Stamp every build artefact at CI time. A year later you can prove the artefact in production is exactly what the build produced — without trusting your own logs.

GitHub Actions: stamp every release →
What you actually get

Evidence infrastructure via API.

RFC 3161 timestamps (standard and qualified, where entitled) and PAdES/CAdES advanced electronic seals, accessible programmatically. Open standards. For platforms that produce evidence automatically — no manual handling required.

Create evidence →Read API docs
Built for systems, not just people
Your platform, CI pipeline, or AI agent calls one endpoint and gets back a standard token or sealed file — no manual handling required.
Independent trust authorities, one integration
Sigill.ai does not ask customers to trust our clock. Each timestamp is issued by an external RFC 3161 timestamp authority. Use tsaSlug=auto for Sigill-managed standard timestamping with internal failover, or address a verified BYOT authority you've configured when policy requires a customer-managed endpoint.
Verifiable organisational origin
An advanced electronic seal applied with your organisation's own certificate binds the record to the entity that issued it. That is different from a self-signed file or a portal audit trail controlled by the same vendor being questioned.
Open standards, no lock-in
Timestamps are standard .tsr files verifiable with OpenSSL. Sealed PDFs conform to PAdES (ETSI EN 319 142-1) and non-PDF files to CAdES (ETSI EN 319 122-1) — both ETSI standards used in eIDAS-compatible validation. Neither format requires Sigill.ai for verification — ever.
EU-hosted, Norway-builtEU · Norway
Data stays in the EU. For DORA, NIS2, and eIDAS buyers, jurisdictional clarity is a purchase criterion, not a footnote. Sigill.ai is infrastructure built in Trondheim and hosted in European data centres.
Built for developers

One POST. Standard output. OpenSSL, PAdES and CAdES compatible.

One endpoint for timestamps, one for seals. Both produce open-standard outputs — .tsr tokens, PAdES PDFs, and CAdES detached signatures — verifiable with commodity tooling, no proprietary formats, no lock-in. Works with your CI pipeline, your agent, your platform.

API docs →AI agent example →CI/CD example →
Timestamp a document or system event
HASH=$(sha256sum document.pdf | awk '{print $1}')
curl -X POST https://api.sigill.ai/tsa/stamp-hash \
  -H "Authorization: Bearer <key>" \
  -d "{\"tsaSlug\":\"auto\",\"hashHex\":\"$HASH\",\"label\":\"doc-2026-001\"}"
Seal a file with your organisation's own certificate
curl -X POST https://api.sigill.ai/seal \
  -H "Authorization: Bearer <key>" \
  -d '{"documentBase64":"<b64_pdf>"}'
Verify — without Sigill.ai
openssl ts -verify \
  -in output.tsr \
  -data model-output.json \
  -CAfile tsa-ca-bundle.pem
# Verification: OK
Get in touch

Technical intro,
or a platform partnership?

We're a small team in Trondheim building independent proof infrastructure. Whether you're evaluating Sigill.ai for a platform or want a technical walkthrough — reach out.

Platform partnershipsTechnical intro
click to reveal email