Security Brief

How Microsign Protects Your Agreements

Document v1.0 · January 2026

If there's ever a dispute, you have proof.

Every signature creates a cryptographic fingerprint of exactly what was agreed, when it was agreed, and who agreed to it. The record cannot be altered without detection.

§1 What We Protect

1.1The exact text of your agreement. When you sign, we compute a SHA-256 hash of the document content. The same text always produces the same fingerprint. Change a single character, and the fingerprint is completely different.
1.2Who signed and when. Each signer gets their own record binding them to a specific revision at a specific timestamp. If two parties signed different versions, the hashes will differ.
1.3Your complete revision history. Earlier versions are preserved, not overwritten. The record shows what changed and when, with every amendment requiring explicit acknowledgment.

§2 How Verification Works

Doubt what was signed? Verify it yourself.

Every commitment has a public verification endpoint. Query it to retrieve the content, signatures, and cryptographic hashes. Recompute the hash yourself using our documented format. If it matches, the content is untouched.

# Get verification data for any commitment
GET /api/v2/verify/{shortCode}

# Response includes:
"signatures": [{
  "content_hash": "7f3a9b2c4d5e...",
  "signed_at": "2026-01-25T...",
  "algorithm": "sha256"
}]

The math is public. The verification is yours to run.

§3 What Happens In A Dispute

Most disputes never reach a courtroom. They end when both parties have an unambiguous record of what was agreed.

If someone claims they agreed to different terms, the hash says otherwise. If content was altered after signing, the hash says otherwise. The cryptographic fingerprint makes denial expensive. Not impossible. Expensive.

You can export a PDF with all signatures and hashes embedded. You can query the API independently. You can provide either to a mediator, lawyer, or judge as evidence of what was actually agreed.

§4 What We Don't Claim

Honesty requires saying what we are not:

  • Not a legal contract. Microsign creates evidence of agreement, not a legally binding contract. Courts decide enforceability. We ensure both parties can prove what was agreed.
  • Not blockchain. Records are stored in a database, not a distributed ledger. No merkle trees, no cryptographic chaining between records. Each signature stands alone.
  • Not impossible to tamper. A database administrator with full access could theoretically modify both content and hash. What we prevent is silent, undetectable modification by normal means.
  • Not a substitute for lawyers. For high-stakes agreements, consult legal counsel. We create clarity, not legal protection.

MICROSIGN SECURITY BRIEF · V1.0

Architecture, not promises.

Record Your First Agreement →