What's in the sealed audit PDF we hand back.
When the completion certificate is produced
The moment the last required signer signs, we generate a sealed completion certificate as a separate PDF (it accompanies the signed contract, not embedded into it). Downloadable from the dashboard, the email, or the public proof URL — for the rest of the document's life.
What's in it
The document hash (SHA-256). Each signer's: name, email, signing time, viewing IPs, the certificate serial that sealed their signature, the RFC 3161 timestamp authority's response, and (when SMS-verified) the masked phone number. Every event between send and completion in chronological order: invited, viewed, started, completed.
How it's sealed
The completion certificate is itself a PAdES-B-T signed PDF, signed with the same letssign.now certificate that seals the contract, plus its own RFC 3161 timestamp. The certificate proves both that the contract was signed AND that the audit log hasn't been altered.
Public verification — /verify
Drop the contract on /verify and we re-hash the bytes, look them up against every document we've issued, and produce the same audit trail anyone can independently confirm. No login. No upload tracking. The proof is the document itself.
Have a question this page didn’t answer? Email sales@letssign.now — our DPA, security overview, and infosec answers are available on request.