The part of Sigilbase that works without Sigilbase.
Every claim this product makes comes down to one file: a standalone, open-source verifier that checks an evidence bundle with no network, no account, and no code from us. It ships inside every bundle, so whoever holds the evidence holds the means to check it. This page is what "open verifier" on the homepage actually means.
No event in the exported range differs by one byte from what was sealed. Every fingerprint is recomputed from the raw data in the bundle, not read from a summary.
Within the exported range nothing was removed, inserted or reordered. Sequence numbers are dense, the chain closes, and every sealed range rebuilds to the root that was signed.
Checkpoints chain to each other, so a sealed period cannot be quietly dropped, and every seal carries a valid Ed25519 signature from a listed public key.
$ unzip evidence-bundle.zip
manifest.json events/ checkpoints/ verify.php
$ php verify.php ./evidence-bundle
hash chain ......... ok
merkle roots ....... ok
signatures ......... ok
PASS: every check held
$ curl https://sigilbase.io/api/v1/keys
# compare against manifest.json: anchors the bundle
# to our identity, not merely to itself
Independence is the point.
The verifier is a single PHP file with no dependencies: no package manager, no autoloading, no imports from the Sigilbase application. It intentionally reimplements every calculation rather than sharing code with the system it checks. It runs anywhere PHP 8.1 or newer runs.
The source is short enough to read in a sitting, and the bundle format specification is published so your own specialists, or any third party, can write an independent verifier from scratch. If ours had a convenient bug, a reimplementation would catch it.
Every evidence bundle carries its own copy of the verifier, the public signing keys, and every proof it needs. An auditor with the file has everything; Sigilbase being unreachable, or gone, changes nothing.
What a PASS does not mean.
Tamper-evidence starts at ingestion, not before. What the verifier proves, it proves absolutely; these four things sit outside it, and we say so plainly.
It does not prove events were true when written. A false statement is sealed just as faithfully as a true one.
It does not prove the exported range is the whole story, only that the range in the bundle is intact.
It does not cover the minutes between an event arriving and its checkpoint being sealed. The seal's timestamp shows when rigidity began.
It does not identify people. The actor field is whatever the writing system claimed it was.
The full statement of guarantees and limits, written for auditors, is at how verification works.
Join the waitlist
Building now. Early access for teams whose evidence must stand on its own.
Could not save your email. Try again or write to hello@sigilbase.io.
No spam, one email when it opens.