Sealing and verifying a Scrive document

Scrive uses a unique method for tamper-proofing every signed document, which further allows you to independently verify its integrity in the future.

To ensure the integrity of every document, Scrive seals it with a digital signature in partnership with our supplier Guardtime. Guardtime uses a method called Keyless Signature Infrastructure (KSI), which uses blockchain technology. Once a document has been sealed with KSI, you can verify its integrity immediately, a year later, or even decades later.

Scroll down to continue

Sealing of Scrive documents

As soon as all the signatories have electronically signed a document, Scrive creates a unique, digital fingerprint of the file containing: the document, the Evidence Package, and any attachments. To generate this fingerprint, a mathematical function is applied to produce a value known as a "cryptographic hash".

Guardtime organises the hash values of multiple documents into a structure known as a Merkle tree. The combined hash values of all the documents in the Merkle tree are used to compute a single hash value which is assigned to the root of the tree - the top level hash.

Note that diagrams of Merkle trees may depict the root of the tree at the top or the bottom. The important concept is that the top level hash is the root of the tree. It is mathematically linked to all the other hashes in the tree in such a way that you can verify your document’s integrity as long as you have:

  • the sealed document

  • access to the top level hash and trust in its validity

Verifying a Scrive document

In order to verify the signature of a document signed through Scrive, you will need to either verify it directly through Guardtime or the Scrive verification tool. This can be done for up to 40 days after the document was sealed. However, if you store your documents in the Scrive E-archive during this 40 day period, afterwards you will also be able to verify it 100% independently of Scrive and Guardtime (even if you move the document to another storage method).

How it works:

On a periodic basis, Guardtime publishes the top level hash in the Financial Times, which meets the legal standard of “widely witnessed media”. Simply put, the hash has been entered into the public record, so you can trust its validity (no one can change it).

At the time of publication, Guardtime re-seals all Scrive documents that were sealed during the current period and stored in the Scrive E-archive. This happens up to 40 days after the first sealing, and the second seal contains the information you need to independently verify your document. Scrive refers to this step as “extending the document”. Once your document has been extended, you no longer need to store it in the E-archive in order to independently verify it.

Verification only requires the sealed document and access to the hash published in the Financial Times. The process would be as follows:

  • Re-compute the hash of the document

  • Re-create the Merkle tree using the information in the seal.

  • Compare the top level hash to the hash published in Financial Times.

If you have not stored your document in the Scrive E-archive, it will not be extended, i.e., it will not be sealed a second time. This means you will always need to verify it through Guardtime or Scrive. Its integrity will be just as secure, but the seal will not contain the information necessary to independently verify it.

Did you find this guide helpful?