Evidence infrastructure for autonomous systems

Make every AI agent action provable.

Durable, independently verifiable evidence of who acted, on whose behalf, under which authority, and when.

For timestamping and hash-based sealing, content stays in your systems and Sigill receives only digests and metadata.

Putting consequential agent actions into production? Become a design partner

Evidence recordSealed
Agentclaims-review-agent
On behalf ofuser u_8821
Authorityclaims:approve <= EUR 50,000
OrganisationNordhavn Forsikring
Actionclaim.approved · EUR 48,200
Time2026-03-04 09:14:32 UTC
Independently verifiable

RFC 3161 · sealed at execution · unaltered

The problem

AI agents now approve claims, move money and ship code. When one of those actions is disputed, an internal log cannot independently prove what happened.

It lives in the same system that produced it, it can be edited after the fact, and it carries no independent proof of who acted, under what authority, or when.

How it works

Use the APIs that exist today. Hash, timestamp, seal, verify.

Sigill exposes focused endpoints for the trust mechanisms: RFC 3161 timestamping, PAdES/CAdES sealing, and verification. You choose the right surface for the record you need to prove.

01

Hash locally

For timestamps and hash-based seals, compute the digest in your system. The payload body does not need to leave your environment.

02

Anchor or seal

Create an independent timestamp, attach a detached CAdES seal, or produce a sealed document using the trust surface that fits the record.

03

Verify independently

Recipients can verify the timestamp, seal, and document integrity with open standards and ordinary validation tooling.

Timestamp a document or system event

POST /tsa/stamp-hash
  hashHex   sha512:b2...f0
  label     agent-output-2847
  tsaSlug   auto
→ RFC 3161 timestamp token

Seal a digest with CAdES

POST /seal/sign-hash
  hashHex        sha256:b2...f0
  certificateId  org-cert-01
  format         cades
→ detached CAdES signature

Verify — without trusting Sigill

openssl ts -verify -in evidence.tsr \
  -digest b2...f0 -CAfile tsa.pem
→ Verification: OK
  no Sigill required

What we prove, precisely

Sigill independently proves that the presented bytes or digest match the evidence created at the time, and that the timestamp or seal validates. It does not prove that the originating application supplied complete or truthful context.

What gets recorded

The actions someone will eventually ask about.

For AI platform teams, Heads of AI, CTOs, CISOs and risk owners responsible for autonomous systems in production.

claims-review-agent

Approved a EUR 48,200 insurance claim

A payout was authorised autonomously. Months later the decision is disputed, and someone has to show the basis and timing.

treasury-agent

Released a EUR 120k supplier payment

Money moved on the agent's authority. Finance needs to prove who sanctioned it, and that the figure was not changed after.

deploy-agent

Merged and shipped to production

A change reached customers with no human in the loop. An incident review needs an untampered trail of what ran.

kyc-agent

Cleared a customer through onboarding

An identity decision was automated. A regulator later asks for the evidence behind it, and when it was made.

Technical foundation

Open cryptographic standards. A portable evidence layer.

The mechanisms beneath Sigill are standard, well-understood primitives — not a black box you take on faith.

RFC 3161

External, independent timestamps from RFC 3161 timestamp authorities. Qualified timestamping is available where your account and policy are entitled.

PAdES / CAdES

Advanced electronic seals over documents and digests using PAdES for PDFs and CAdES for detached signatures.

BYOC

Use your own organisational certificate for customer-issued records, or Sigill's platform certificate for Sigill-issued artefacts.

Open verification

Verify with OpenSSL, Adobe Acrobat, EU DSS and standard validation tooling — not just Sigill.

EU hosted

Built in Norway and hosted in Europe for teams that need jurisdictional clarity.

Qualified roadmap

Qualified electronic seals are on the roadmap. Today Sigill provides advanced electronic seals and does not claim to issue QESeals.

Governance describes the control environment. Sigill makes individual agent actions independently verifiable.

The evidence layer beneath your governance, observability and control stack — not a replacement for it.

Get started

Start producing evidence today.

Create an account and get an API key in minutes — or partner with us on consequential agent actions.

Self-serve

Get started

Create an account, get an API key, and start anchoring evidence with independent timestamps and electronic seals.

Design partner

Become a design partner

For teams putting consequential agent actions into production. We will harden agent evidence with you — in production, with your stack.

Get in touch

Send a message

EU-hosted · independent evidence layer · hash-first APIs