Verifying a Scrive document
KSI-Sealed Documents
If your document is sealed using KSI, initial verification can be performed via Scrive or Guardtime using Scrive’s verification tool at https://scrive.com/verify.
For long-term, fully independent verification, documents must be stored in the Scrive E-archive for approximately 40 days after signing.
Here’s how the process of KSI-based independent verification works:
Public Hash Publication
On a recurring schedule, Guardtime publishes a top-level (root) hash representing all KSI-sealed documents from a specific period. This hash is printed in widely witnessed media, such as the Financial Times, creating a trusted public timestamp that cannot be retroactively altered by any party—including Scrive or Guardtime.Document Extension
Once the root hash is published, Scrive initiates a process called "document extension". All eligible documents stored in the Scrive E-archive during the sealing period are re-sealed with the newly published hash. This embeds the necessary verification data directly into the document.Independent, Long-Term Verification
After extension, the document can be stored anywhere—on a personal hard drive, cloud service, or external storage—and verified independently, without any reliance on Scrive or Guardtime.
If a KSI-sealed document is not stored in the E-archive during the initial 40-day window, it won’t undergo the extension process. While the seal remains secure, independent long-term verification will not be possible; you will always need to verify the document through Scrive or Guardtime.
PKI-Sealed Documents
When a document is sealed using PKI, it receives a digital signature based on cryptographic key pairs (one private, one public). This allows anyone with the public key to independently verify the document’s authenticity and confirm that it hasn’t been altered since signing.
Verification is simple and can be done at any time using widely available tools like Adobe Acrobat Reader or other PDF signature verification software.