docimprint
Try live

← All docs

On this pageEvidence bundles

Evidence bundles

Aly Sawft · Founder & Engineer, Sawftware LLC ·

What is in a DocImprint evidence bundle?

manifest.json listing artifact SHA-256 hashes, EIP-191 signature, screenshot PNG, PDF, Markdown, OCR text, and optional Merkle root for citation proofs. Verify free with GET /v1/extract/{id}/verify.

Evidence bundle

Every stored extract produces a verifiable evidence bundle: Markdown, screenshot, OCR text, structured data, a SHA-256 manifest, signature.json (EIP-191 metadata), and optional Base L2 attestation. Complete bundles require a platform signature for valid: true on deep verify. Auditors can verify offline: download the ZIP, recompute manifest.json SHA-256, verify the signature against GET /v1/keys (active and retired keys), and check Merkle citation proofs — without trusting our database.

  • Deep verifyGET /v1/extract/:id/verify re-fetches R2 and recomputes every hash (409 on tamper; unsigned complete bundles fail)
  • Citation proofsPOST .../verify-citation returns Merkle proof[]
  • Version history — pass parent_bundle_id; query GET .../history
  • Legal holdPUT .../hold blocks delete/GC; hold and handoff events are audit-logged (handoffs are application-layer, not cryptographically signed)
  • GET /v1/extract/{id}Free

    Bundle status

    Retrieve manifest and artifact references.

  • GET /v1/extract/{id}/verifyFree

    Verify bundle

    Deep-verify: recompute manifest + artifact SHA-256 from storage; 409 on tamper.

  • POST /v1/extract/{id}/verify-citationFree

    Verify citation

    Merkle inclusion proof for a chunk_id + quoted text.

  • GET /v1/extract/{id}/historyFree

    Version history

    Document version chain via parent_bundle_id / superseded_by.

  • PUT /v1/extract/{id}/holdFree

    Legal hold

    Block retention GC on a bundle (law-firm compliance).

  • GET /v1/extract/{id}/downloadFree

    Download ZIP

    Stream all artifacts as a single archive.

  • POST /v1/extract/{id}/notarize$0.05

    Notarize

    Anchor manifest hash on Base L2.

bashDeep verify (free)
curl https://api.docimprint.com/v1/extract/ev_abc123/verify
# Deep verify (default): re-hashes manifest + artifacts from R2
# Add ?quick=true for status-only check
bashPublished signing keys
curl https://api.docimprint.com/v1/keys
# Returns active and retired secp256k1 keys (key_id, signer_address, retired_at)
# Use with manifest signature + signature.json from the bundle ZIP for offline verify
bashVersion history
curl https://api.docimprint.com/v1/extract/ev_abc123/history
bashNotarize ($0.05)
curl -X POST https://api.docimprint.com/v1/extract/ev_abc123/notarize \
  -H "X-Payment: <eip712-signed-usdc-transfer>"

Bundle output details: Extract guide → Outputs

Related

All docs

Hub

Try live

Playground

Extract guide

Modes