E-Signatures
Cryptographic Audit Trail
Understanding the cryptographic audit trail and signature verification process in Zelosify.
Audit Trail Components
Every signature transaction generates a comprehensive audit trail:
| Event | Recorded Data |
|---|---|
| Document Created | Timestamp, creator, document hash |
| Invitation Sent | Timestamp, recipient email, delivery confirmation |
| Document Viewed | Timestamp, viewer IP address, user agent |
| Fields Completed | Timestamp, field values entered |
| Signature Applied | Timestamp, signer IP, signature method (draw/type/upload) |
| Document Completed | Timestamp, final document hash, all signer data |
| Reminder Sent | Timestamp, recipient |
| Document Voided | Timestamp, reason, who voided |
| Document Declined | Timestamp, decliner, reason |
Accessing the Audit Trail
- Open any completed (or in-progress) signature request
- Click the "Audit Trail" tab
- View the complete chronological event log
- Download as PDF (for internal records and verification logs)
Certificate of Completion
Generated automatically when all parties sign. Contains:
- Document title and unique transaction ID
- All signer details (name, email, signing timestamp, IP address)
- Signing method for each signer
- Document integrity hash (SHA-256)
- Ephemeral cryptographic certificate signatures for tamper-detection
Tamper Evidence
- Documents are hashed (SHA-256) at the time of sending
- Final signed document is hashed again
- Any modification after signing would invalidate the hash
- The certificate proves the signed document hasn't been altered
Usage and Internal Verification
- Cryptographic Soundness: The system ensures integrity and attribution using standard SHA-256 document hashing and audit logging.
- Internal Governance: This audit trail is designed for internal organizational accountability, vendor SOW approvals, and workflow verification.
- Legal and External Claims Disclaimer: The system does not maintain third-party certificate authority checks or qualified electronic signature certifications under frameworks like eIDAS (EU) or formal state licensing. For legally binding external contracts requiring certified verification, use your corporate authorized third-party e-signature services.