Verify SignForge-signed documents offline. No account needed, no internet needed for cryptographic verification.
Most e-signature platforms lock your proof inside their ecosystem. If the vendor disappears, your proof disappears. SignForge takes a different approach: every signed document contains a complete, self-verifying cryptographic proof bundle using open standards.
This package lets anyone verify a SignForge-signed document -- developers, auditors, legal teams, or even AI agents -- without needing a SignForge account or any internet connection.
"Don't trust us. Verify yourself." -- SignForge Trust Architecture
Every SignForge-signed document contains a cryptographic proof bundle. This package verifies:
- W3C Verifiable Credential -- ECDSA P-256 DataIntegrityProof (ecdsa-jcs-2019)
- JAdES JWS -- EU-standard ES256 compact signature (ETSI TS 119 182)
- Merkle transparency proof -- RFC 6962 inclusion proof against a signed tree head
- RFC 3161 timestamp -- DigiCert TSA timestamp presence
- Signer identity credentials -- per-signer W3C VCs
- DID:web platform identity -- DID document snapshot
pip install signforge-verifyFor PDF verification (optional):
pip install signforge-verify[pdf]1 dependency: cryptography (widely used, well-maintained).
PyMuPDF is optional -- only needed to extract proof from PDFs.
from signforge_verify import verify
# Verify a signed PDF
result = verify("document-signed.pdf")
print(result["valid"]) # True
# Verify a .proof.html file
result = verify("document.proof.html")
print(result["checks"]["vc_signature"]["status"]) # "pass"# Verify a signed PDF
signforge-verify document-signed.pdf
# Verify a proof document
signforge-verify document.proof.html
# JSON output (for scripting / CI pipelines)
signforge-verify document-signed.pdf --jsonExample output:
============================================================
SignForge Proof Verifier
============================================================
File: document-signed.pdf
Format: v1.0
✓ Vc Signature: ECDSA P-256 DataIntegrityProof verified
✓ Jades Jws: ES256 JAdES JWS verified
✓ Merkle Proof: Merkle inclusion verified (tree size: 23)
• Timestamp: RFC 3161 timestamp from DigiCert at 2026-04-15T11:56:56Z
✓ Signer Identities: 1 signer identity VC(s) verified
• Did Snapshot: DID document captured at 2026-04-15T11:56:56Z
✅ DOCUMENT VERIFIED
============================================================
Run all verification checks on a signed PDF or .proof.html file.
Returns a dict with:
valid(bool) -- overall verification resultchecks(dict) -- individual check resultsfile(str) -- input file pathformatVersion(str) -- proof format version
Extract the proof bundle from a signed PDF. Requires PyMuPDF.
Extract the proof bundle from a .proof.html file.
Verify a W3C VC DataIntegrityProof signature.
Verify a JAdES compact JWS (ES256).
Verify a Merkle inclusion proof (RFC 6962).
SignForge embeds a W3C Verifiable Credential and supporting cryptographic proofs inside every signed document. This verifier:
- Extracts the proof bundle from the document
- Imports the embedded ECDSA P-256 public key (JWK format)
- Verifies the VC signature using JCS canonicalization (RFC 8785)
- Verifies the JAdES JWS signature
- Verifies Merkle inclusion against the transparency log tree head
- Reports timestamp and identity credential status
All verification happens locally -- no network requests, no SignForge servers involved.
Learn more:
- Verification Architecture -- technical deep-dive for developers
- Proof Format Specification v1.0 -- full bundle schema reference
- Online Verifier -- verify documents in your browser
- Developers -- integrate document verification into your app or CI pipeline
- Legal & Compliance -- independently audit e-signature validity
- AI Agents -- let ChatGPT or Claude verify documents via tool use
- Archival -- confirm document integrity years after signing, even if SignForge no longer exists
- SignForge -- Free e-signature platform. Sign documents in seconds.
- SignForge Verify (online) -- Verify documents in your browser
- @signforge/verify (npm) -- JavaScript/TypeScript verification package
- Sign PDF Online Free -- Sign PDFs without creating an account
MIT