Security overview for Signelio
4 min read
Updated Apr 14, 2026
Signelio combines encrypted transport, controlled asset delivery, append-only audit events, and generated completion artifacts to support signing workflows. It is important to describe those controls accurately rather than as if every future enterprise feature is already live.
Before you begin
A need to explain Signelio security accurately
Awareness of whether the audience is operational, legal, or technical
A willingness to distinguish current features from planned features
Understand the current evidence model
Document events form an append-only audit chain using previousHash and eventHash.
Completed packages generate signed PDF, manifest, and certificate artifacts for downstream review.
Understand delivery protections
Private originals and evidence artifacts stay behind authenticated delivery, while cache-safe preview assets use explicit CDN controls when they are safe to cache.
Public signing links use random tokens with hashed storage rather than storing raw tokens.
Avoid overstating the trust model
The current implementation uses vendor encryption plus app-layer evidence controls.
It should not be described as hardware-backed digital sealing or trust-service notarization until those controls are actually live.
Pro Tips
When describing security externally, prefer specific current controls over generic claims.
Pair security explanations with artifact and audit explanations when stakeholders ask for trust evidence.
Use the compliance settings and legal pages for policy-level follow-up.
Was this article helpful?
Use this as a quick signal while the public knowledge base is static.