Skip to main content

Sealing and verifying a Scrive document

Scrive uses a unique method for tamper-proofing every signed document, which further allows you to independently verify its integrity in the future.

To ensure the integrity of every document, Scrive seals it with a digital signature in partnership with our supplier Guardtime. Guardtime uses a method called Keyless Signature Infrastructure (KSI), which uses blockchain technology. Once a document has been sealed with KSI, you can verify its integrity immediately, a year later, even decades later.

Scroll down to continue

Sealing of Scrive documents

As soon as all the signatories have electronically signed a document, Scrive creates a unique, digital fingerprint of the file containing: the document, the Evidence Package, and any attachments. To generate this fingerprint, a mathematical function is applied to produce a value known as a "cryptographic hash".

Guardtime organises the hash values of multiple documents into a structure known as a Merkle tree. The combined hash values of all the documents in the Merkle tree are used to compute a single hash value which is assigned to the root of the tree - the top level hash.

The important concept is that the top level hash is the root of the tree. It is mathematically linked to all the other hashes in the tree in such a way that you can verify your document’s integrity as long as you have:

  • the sealed document

  • access to the top level hash and trust in its validity

Verifying a Scrive document

For up to 40 days after your document is sealed, regardless of where you store it, you need to verify it with Guardtime, or with Scrive using our online verification tool at However, if you store your document in the Scrive E-archive during this period, afterwards you will also be able to verify it 100% independently of Scrive and Guardtime (even if you move it to another storage method). Here’s how it works:

On a periodic basis, Guardtime publishes the top level hash in Financial Times, which meets the legal standard of “widely witnessed media”. Loosely speaking, the hash has been entered into the public record, so you can trust its validity (no one can change it).

At the time of publication, Guardtime re-seals all Scrive documents that were sealed during the current period and stored in the Scrive E-archive. This happens up to 40 days after the first sealing, and the second seal contains the information you need to independently verify your document. Scrive refers to this step as “extending the document”. Once your document has been extended, you no longer need to store it in the E-archive in order to independently verify it.

If you don’t store your document in the Scrive E-archive, it will not be extended, i.e., it will not be sealed a second time. This means you will always need to verify it through Guardtime or Scrive. Its integrity will be just as secure, but the seal won’t contain the information necessary to independently verify it.

Note that Guardtime is regarded as a trusted authority by partners including Boeing, Lockheed Martin, Ericsson, DARPA and the US federal government. See for more information.