SEAL — Sealed Evidence, Anchored to a Ledger.
The open standard for proving any file is real. One sealed artifact, one way to check it, verifiable by anyone, forever. Seal with any conforming tool; anyone can verify it with any other.
A PAdES signature over every byte, chaining to a published root.
The proof travels inside the file — everything needed to verify is right there.
The file's fingerprint, timestamped the moment it existed.
Written to Bitcoin — a public clock no one owns.
Two independent parts — a seal (integrity + which certificate issued it) and an anchor (when it existed) — plus one convention for referencing a proof (/d/<sha256>). Everything needed to verify travels with the proof itself.
Open to verify. Open to implement. Impossible to lock up.
Verification stands on the published root, public standards, a public transparency log, and a public ledger — everything a verifier needs travels with the proof.
Any tool may seal or verify to the standard — free and open to everyone. A standard PAdES/X.509 validator plus the stock OpenTimestamps client is enough.
SEAL proves a document is unaltered and existed by a date. That’s the guarantee — complete, and permanent. Who sealed it is attribution by channel, and the standard is precise about the difference.
Two checks, both independent of us
02:68:6D:EE:20:67:31:C4:59:C1:7A:9F:58:36:7B:0B:0B:BA:5D:24:C6:85:D8:6D:1F:74:49:86:2D:C0:FE:BE · root of trust.otsproof against the public Bitcoin ledger with the stock client — no Let’s Seal server involved:ots verify sealed.pdf.ots
Never a “pass” from a valid-but-untrusted seal. The anchor then adds independent proof of when it existed.
A published standard, open to everyone
SEAL is a published, versioned standard for a document proof: a PAdES/X.509 signature over the whole file, an OpenTimestamps anchor on Bitcoin, pinned to a public root. One self-contained artifact, one way to check it — the way the OpenAPI Specification or a sitemap is a standard anyone can implement without asking permission.
Let’s Seal is the project and the free network; SEALis the open standard it publishes. Seal a document through Let’s Seal and it conforms to SEAL — and so does anything anyone else builds to it.
Reference implementation: a standalone verifier (spec/verify.py) and the Apache-2.0 signing service. Verifying a SEAL proof needs a standard PAdES validator plus ots verify — that is the entire dependency list.