sign-cli web demo

sign-cli · live demo

Sign documents with a CLI you can audit.

A small, scriptable signing service. Sends requests, collects signatures, and links every state change into a tamper-evident hash chain. The whole API surface is below — wired to a live read-only backend.

View on GitHub → Run it locally

Backend was idle — waking it up now. First load takes a few seconds.

01

The signer's inbox

When you send a document with sign request send, every signer gets a tokenized link. The API returns a per-signer view — they only see requests addressed to them.

Below is the call POST /v1/signer/list made against this demo's seed data. Click any row to load it into the next step.

POST /v1/signer/list

No requests in the demo seed.

02

What's inside a request

Each request carries its full state: the original document, every signer with their individual status, and the audit metadata that links it into the hash chain (next step).

The live response from POST /v1/request/show drives the panel. The structured view is rendered from the JSON — same data, two presentations.

POST /v1/request/show

Pick a request from step 01 to inspect it.

Loading snapshot…

Signers

Audit metadata
Audit head

Example: signed PDF with an embedded signature image

SVG signature rasterized at ~300 DPI, stamped onto the page, then sealed with a per-signer PAdES envelope. Tampering with either the image or the text breaks the cryptographic verification.

↓ Download .pdf

03

The audit chain

Every state mutation — request created, signer signed, signer declined — appends an entry to a per-request hash chain. Each entry hashes the previous one, so a single tampered row breaks the chain everywhere downstream.

sign audit scan walks every chain in the database and verifies the linkage. Below it's wired to POST /v1/audit/scan.

POST /v1/audit/scan

No scan yet. Hit "Run audit scan" to verify every chain in the database.

✓ All chains verified broken chain(s) detected

· · 0 broken links

Run it yourself

The demo above is read-only. Locally you get the full thing — send, sign, decline, reissue tokens, export receipts, plus Dropbox Sign and DocuSign provider adapters.

One-line demo (spins up an in-memory database, opens the same UI):

npx sign-cli demo
GitHub repo README + install guide Changelog