Skip to main content

How verification works

Every PDF produced by Doc E Sign can be verified by anyone, at any time, using only the PDF itself. No Doc E Sign account is required. No internet connection is required. Doc E Sign does not need to exist.

This page explains the verification model in plain terms. It is written for lawyers, counterparties, and judges — not developers. If you want the step-by-step verification algorithm with code examples, see Manual verification.

What is inside every signed PDF

When Doc E Sign produces a signed PDF, it appends an audit page to the document. The audit page contains three things:

A document fingerprint (called the "Original document fingerprint" on the audit page). This is a unique mathematical summary — a SHA-256 hash — of the original document exactly as the sender uploaded it. It proves that the document sent for signature is identical to what the sender submitted. If even a single character in the document had been different, the fingerprint would be completely different.

A signing chain fingerprint (called the "Signing chain fingerprint" on the audit page). This is a unique mathematical summary of the entire signing process: the original document, every event in the signing process (when the link was opened, when the signer consented, when the signature was submitted), and the contents of the completed signed PDF. It proves that the signed document and its event history are unaltered and complete.

A signed event log. A chronological list of every event in the signing process, each with a timestamp and a tamper-evident value. The log includes: when the envelope was created, when the signing invitation was sent, when the signing link was opened, when consent was given, when the signature was submitted, and when the document was completed and sealed.

What each fingerprint proves

The Original document fingerprint proves that the document the signer signed is exactly the document the sender submitted — nothing was swapped or altered between upload and signing.

The Signing chain fingerprint proves three things simultaneously:

  1. The signed PDF in your hands is the exact document that was sealed when signing completed — it has not been altered since.
  2. Every event in the event log happened in the order recorded, with the data recorded — no event has been added, removed, or changed.
  3. The event log and the signed PDF are linked: you cannot swap the PDF for a different one and claim the event log still applies to it.

Both fingerprints are computed using SHA-256, a one-way mathematical function. It is computationally infeasible to produce a document that matches a given fingerprint but has different content.

What verification requires

Verification requires only the signed PDF. The audit page contains everything needed to re-run the verification calculation independently.

You do not need:

  • A Doc E Sign account
  • An internet connection
  • Access to Doc E Sign's servers or database
  • Doc E Sign to continue operating

Doc E Sign also provides an online verification page at doc-e-sign.com/verify, where you can paste the Signing chain fingerprint and receive a confirmation with signing context (date, document title). Online verification is a convenience — it does not add to what the PDF already proves.

What verification does not prove

Verification proves document integrity and event-chain completeness. It does not prove:

  • The identity of the signer beyond what was collected. At Phase 1, Doc E Sign collects the signer's email address. The audit page includes the email address used. It does not independently verify that the person who signed is who they claim to be — it verifies that the signing process was completed by whoever had access to the email address at the time.
  • That the signer read the document. The event log records that the document was displayed and that the signer consented to the signing process. It does not record reading time or comprehension.
  • Legal enforceability in your jurisdiction. Electronic signatures are legally recognised in most jurisdictions (eIDAS in the EU, ESIGN and UETA in the US, and equivalent legislation elsewhere), but the specific legal weight depends on the jurisdiction and the nature of the document. Seek legal advice for documents where enforceability is in question.

For the technically inclined

The Signing chain fingerprint is not a direct hash of the signed PDF. It is the final value in a SHA-256 hash chain computed across the complete signing process. Each step in the chain incorporates the previous step's value, so altering any event — or the order of events — produces a completely different final value.

The full algorithm, field definitions, and reference implementations in JavaScript, Python, and shell are at Manual verification.