Hallvard Olaisen
Co-founder
Three decades operating regulated systems. COO at Signicat 2013–2020; CTO and now R&D Director at House of Control. ISO 27001 and ISAE 3402 audited environments, eIDAS, GDPR, Schrems II.
About
An evidence layer for digital records.
Sigill.ai is API-first infrastructure for proving what existed, when it existed, and who stood behind it — using open cryptographic standards rather than proprietary schemes. Built by engineers with long backgrounds in identity, qualified trust services, and regulated SaaS.
Origin
2020. A timestamping hub.
The idea behind Sigill.ai first surfaced in 2020 — at the napkin level, not yet code. It grew out of years spent around identity, trust services, regulated SaaS, and systems where auditability had to survive real scrutiny. The problem stayed with us: trusted evidence existed, but it was still too difficult for ordinary software teams to integrate correctly.
The original goal was narrow: make trusted timestamping easier to consume through an API, and less tied to any single provider.
The idea became code on 11 April 2023 — a working prototype that proved developers could create verifiable timestamp evidence without learning the entire trust-service stack first. It was never publicly disclosed.
The problem was real. The timing was not. Covid, day jobs, operational responsibilities, and other priorities pushed the project to the side. The need did not disappear; it just waited.
What changed
AI and the regulatory tailwind.
By the time the idea was revisited, the question had widened. It was no longer only "how do we prove when this document existed" — it had become "how do we prove what an automated system did, with what data, and when", and "how do we make that evidence survive outside the system that produced it."
The regulatory picture pointed in the same direction. The EU AI Act, NIS2, DORA, and the updated eIDAS framework all raised the bar on integrity, traceability, and auditability — for documents, for API calls, for AI workflows, for software releases, and for decisions made by systems rather than people.
Sigill.ai was revitalised in 2026 with that broader brief: not only PDFs, not only signatures, not only traditional compliance archives — but a general-purpose evidence layer that fits the way modern systems actually generate records.
What it is today
An API-first evidence layer.
Today, Sigill.ai combines cryptographic timestamping (RFC 3161, routed to independent Timestamp Authorities), document sealing (PAdES for PDFs, CAdES for everything else), long-term validation, and independent verification — in one developer-facing platform.
Sigill.ai is not a Trust Service Provider. It is a hub that routes to one. Every qualified timestamp is issued by a TSA listed on the EU LOTL. Standard timestamps are issued by external Timestamp Authorities. Every seal is bound to a certificate issued by an external Certificate Authority. The cryptographic trust rests on those external authorities — and every proof we produce can be verified independently, with standard tools, without Sigill in the loop. The technical details are documented in our Trust Center.
Three audiences are explicitly in scope: AI and agent systems where model output needs to be anchored to evidence before disputes; regulated platforms that have to defend records against scrutiny; and software supply chains where build outputs need a cryptographic anchor that outlasts the CI run.
Founders
Two engineers, with operating history.
Sigill.ai is built by two engineers who first worked together at Signicat — a Norwegian electronic-identity provider supervised under eIDAS — and have since spent years operating regulated systems at Accenture, House of Control (Visma), and elsewhere. Full role history and background are available on the founders page.
Where to go next