σ CertiSigma Swiss trust layer

Public verification · Privacy by design

Cryptographic proof
for digital evidence

CertiSigma seals SHA-256 digests with three independent layers of proof — ECDSA signature, qualified TSA timestamp and Bitcoin anchoring. Prove that a file existed and was not modified, without ever uploading its content.

Verify a hashDeveloper docsOpen console

Public verification sends only the SHA-256 hash. Original content stays on your device — no upload, no tracking.

Trust model

Three independent layers of proof

Every attestation is sealed in stages. Each stage is signed by a different entity, so removing or compromising one layer does not invalidate the others.

T0 Immediate · synchronous Stage 1 / 3

ECDSA P-256 signature

A server-side ECDSA signature is issued the moment your SHA-256 digest is registered with CertiSigma.

  • Latency: Synchronous (milliseconds)
  • Witness: CertiSigma signing key
  • Verifier: API & SDK
T1 Sealed within ~1 minute Stage 2 / 3

Qualified TSA timestamp

Your attestation is included in a Merkle batch and timestamped by a qualified Time Stamping Authority under eIDAS.

  • Latency: Next minute-aligned sealing window
  • Witness: Sectigo Qualified TSA
  • Verifier: RFC 3161 + TSA cert chain
T2 Anchored within hours Stage 3 / 3

Bitcoin / OpenTimestamps anchor

The same digest is anchored into the Bitcoin blockchain through the OpenTimestamps protocol, witnessed by proof-of-work.

  • Latency: Hours (OTS calendar + Bitcoin confirmation)
  • Witness: Bitcoin proof-of-work
  • Verifier: OpenTimestamps + any Bitcoin node

What CertiSigma proves — and what it does not

CertiSigma proves that a SHA-256 digest was attested at a given time and sealed by independent witnesses. It does not prove authorship, ownership, copyright, novelty or the truth of the underlying content. Pick the cryptographic layer that matches the legal or forensic claim you need to make, and never imply more than the layer can support.

For developers

Built for developers

Drop CertiSigma into any pipeline with first-party API, SDKs and bulk tooling. All resources live under developers.certisigma.ch.

All developer resources →
API REST · OpenAPI

OpenAPI reference. Single hash, batched verify, scan, share tokens, webhook delivery.

Open API docs →
SDKs Python · JavaScript

Type-safe Python and JavaScript clients. Sync and async, file and string helpers, evidence bundle.

Open SDKs docs →
Census Bulk · Forensic

Bulk attestation, derived lists and forensic scanning at large scale, with HMAC-derived listing.

Open Census docs →

Ecosystem

Real products built on CertiSigma proofs

CertiSigma is the underlying trust layer. Here is one of the consumer products that runs on top of it.

ExistBefore

Consumer product

Prove that digital evidence existed before a reference date. ExistBefore turns CertiSigma verification into a forensic-friendly UX for end users.

Visit ExistBefore
© 2026 CertiSigma · Cryptographic evidence infrastructure No tracking · No cookies · No uploaded content
T0

Immediate · synchronous

ECDSA P-256 signature

T0 is the on-call cryptographic receipt. It is created the moment your SHA-256 digest is registered, before any external sealing happens.

Cryptographic primitive
ECDSA over NIST P-256 with SHA-256 message digest (FIPS 186-4).
Signed payload
Your SHA-256 digest plus server metadata: attestation id, UTC timestamp, format version.
Signer
A CertiSigma signing key whose public counterpart is published via the API for offline verification.
What it proves
That the digest was registered with CertiSigma at the recorded UTC time, signed by a key under CertiSigma control.
How to verify
Fetch the evidence bundle via the API and re-check the ECDSA signature locally with the published public key.
Limit
Trust depends on the integrity of the CertiSigma signing key. T1 and T2 add witnesses outside CertiSigma.
T1

Sealed within ~1 minute

Qualified TSA timestamp

T1 binds your attestation to a third-party qualified timestamp under eIDAS, witnessed by an authority outside CertiSigma.

Cryptographic primitive
SHA-256 Merkle tree over the batch, RFC 3161 timestamp token over the Merkle root.
Sealing cadence
Periodic, currently aligned to the next minute boundary; attestations are sealed in batches.
Witness
Sectigo Qualified Time Stamping Authority — eIDAS qualified, publicly trusted certificate chain.
What it proves
The Merkle root containing your attestation existed before the TSA timestamp, attested by a qualified third party.
How to verify
The evidence bundle returns the Merkle inclusion path plus the RFC 3161 token. Verify with any compliant verifier and the TSA root certificate.
Limit
Trust extends to the TSA qualification chain. T2 adds an independent witness with no shared trust assumption.
T2

Anchored within hours

Bitcoin / OpenTimestamps anchor

T2 lifts your attestation onto a public blockchain witness, completely independent of CertiSigma and any qualified authority.

Cryptographic primitive
SHA-256 commitment folded into the OpenTimestamps calendar and ultimately included in a Bitcoin block header.
Anchor
The Bitcoin blockchain via the OpenTimestamps protocol; the OTS proof is attached to the evidence bundle once confirmed.
What it proves
The attestation existed before a specific Bitcoin block was mined — verifiable with no trust in CertiSigma or any TSA.
How to verify
Run `ots verify` from the OpenTimestamps client against any Bitcoin node, or use any third-party OTS verifier.
Independence
No shared trust assumption with T0 or T1. Compromising CertiSigma keys or the TSA does not invalidate this layer.
Limit
T2 proves existence at anchor time, not the precise registration time. Combine with T0 / T1 for sub-minute timing.