← All posts
·Sigill team

Sigill is now public

Proof only works if it exists before it is questioned. We are making Sigill's independent cryptographic evidence layer public today.

announcementlaunchpublic

Sigill is now public

Your digital records will be challenged. Not all of them. Not every day. But the records that matter most are often questioned later, when the original system is no longer enough.

An approval may need to be explained. A release artifact may need to be proven unchanged. An AI-generated output may need to be traced back to what existed when it was produced.

Most systems already keep logs. But logs usually belong to the same system being questioned. If a system can produce a record, edit it, and control the log that describes it, the evidence is still tied to the system itself.

Sigill adds independent cryptographic evidence next to those systems. It can show what existed, when it existed, who or what issued it, and whether the original record has changed since. We are making it public today.

Evidence before the question arrives

The core idea is simple: proof only works if it exists before it is questioned.

When a digital record matters, Sigill creates evidence around it at the time it is produced, received, processed, or shared. That evidence can later show what existed, when, and whether the original file, payload, output, event, or artifact still matches the proof created for it.

Sigill is not meant to replace the systems where work already happens. Business platforms, AI services, integration layers, storage systems, CI/CD pipelines, and operational tools keep doing what they already do. Sigill sits beside them as an evidence layer. The system of record keeps producing the business output. Sigill creates independent proof around selected records and makes it verifiable later.

Beyond ordinary logs

A log helps explain what a system believes happened. Cryptographic evidence can prove that a specific record existed at a specific point in time and still matches the proof created for it. Those solve different problems.

Logs are important. We use them ourselves, for operations, debugging, monitoring, and incident response. But they are usually internal. They often depend on access to the original system, may be retained for a limited time, and can sometimes be changed by the same organization that produced the original record. That does not make logs useless. It means logs and evidence are not the same thing.

Why this matters now

More business-critical work is becoming automated. AI systems are moving from experiments into real workflows. Software delivery is faster and more distributed. Companies exchange more data through APIs. Internal systems increasingly make recommendations, trigger actions, and produce outputs that humans later rely on.

At the same time, expectations around auditability, traceability, and control keep rising. In that environment, "the system says so" is not always good enough. The question becomes whether a record can be verified outside the system that produced it. For some records, the answer needs to be yes.

Built on external trust, not private claims

Sigill is built around open standards and existing trust infrastructure. Where it uses timestamp authorities, certificates, or other external trust services, the cryptographic trust comes from those authorities. Sigill's job is to make that trust practical to use from ordinary software.

That distinction matters to us. We do not want Sigill to become another black box. The point is the opposite. Evidence should be inspectable, portable, and verifiable. A customer, partner, auditor, or an external party should be able to check what was proven, when, and whether the original record still matches. Sigill helps create, route, preserve, and verify that proof. Understanding what happened should not require blind trust in Sigill.

Where we are starting

We are starting with practical use cases where evidence can be added without redesigning an entire platform:

  • Timestamping files, hashes, payloads, and system events
  • Creating evidence for AI prompts, responses, and generated outputs
  • Verifying that a file or payload matches previously created evidence
  • Adding proof to CI/CD pipelines and release artifacts
  • Supporting long-term validation for records that may need to be checked years later

The use cases differ, but the need is the same. Some records become important later. When they do, the proof should already exist.

Who we are

Sigill AS was founded by Hallvard Olaisen and Raymond Pettersen.

We have both spent years building and operating business-critical software, cloud platforms, and security-sensitive systems where reliability, traceability, and trust matter in practice. Sigill comes from that background: a practical engineering response to a problem we expect more teams to face as software, automation, and AI become more deeply embedded in business workflows.

The original idea started several years ago. A first prototype was built in 2023. In 2026 we brought the work back, established Sigill AS, and began building it with the focus it deserves.

What comes next

We are still early, but the direction is clear. We want Sigill to be a focused evidence layer for modern digital systems: practical for developers, understandable for businesses, careful about trust claims, and useful wherever proof matters.

Digital records are easy to create. They should also be possible to prove.

If you are working with AI evidence, API-driven audit trails, release verification, or long-term proof for business-critical records, we would like to hear from you. Get in touch at contact@sigill.ai.

More from the blog