The same proof you see here, programmable.

ExistBefore is the public showcase of the CertiSigma API. The hash you generate in your browser is attested by the same pipeline you can call directly from your code: T0 ECDSA in milliseconds, T1 qualified timestamp under eIDAS Art. 41 within ~1 hour, T2 Bitcoin anchoring within 24–48 hours.

Read the docs Talk to sales

No card required. The free tier gives you one attestation every few minutes from your IP — the same rate ExistBefore enforces here.

Three tiers, one pipeline.

Tier	Free (this site)	Developer API key	Enterprise contract
Cost	€0	Pay-as-you-go	Volume contract
Rate limit	~1/min per IP	Configurable	SLA-backed
T0 ECDSA	Yes	Yes	Yes
T1 eIDAS TSA	Yes (~1h)	Yes (~1h)	Yes, with SLA
T2 Bitcoin	Yes (~24–48h)	Yes (~24–48h)	Yes, with SLA
Webhooks	—	Yes	Yes
Dedicated keys	—	Yes	Yes (per env)
Custom SLAs	—	—	Yes
Sign-up	Use the free site	Self-serve key	Contact sales

See API reference

What the API actually does.

Three endpoints cover the full pipeline. The body is always a JSON object, the response is always JSON, and the API key lives in the Authorization header — never in a URL.

POST /attest      # body: { "hash_hex": "<64-char hex>" }
POST /verify      # body: { "hash_hex": "<64-char hex>" }   (public, no key)
GET  /attestation/{id}/status     # T0/T1/T2 progression
GET  /attestation/{id}/evidence   # raw signed payload + Merkle inclusion proof
GET  /keys/{id}                   # signing public key (JWK)

SDKs available for Python, JavaScript / Node, Go and PHP. The Census CLI wraps the same endpoints for shell pipelines.

Try the same pipeline interactively — your file never leaves your browser, only the SHA-256 hash transits via the proxy.

Why this stack matters.

Cryptographically independent verification. The signed payload, signature, and public key let any third party — including auditors and courts — reproduce the proof without trusting CertiSigma.
Legal value (T1). Qualified timestamps from accredited TSAs carry full legal force under eIDAS Art. 41 (Regulation EU 910/2014).
Decentralized permanence (T2). Bitcoin anchoring through OpenTimestamps survives the disappearance of any single operator — including CertiSigma itself.
Privacy by construction. The API only sees a 32-byte SHA-256. No content, no metadata, no PII.
Same pipeline, same proof. Whatever you generate from your own code is bit-identical in semantics to what ExistBefore produces.

Talk to sales Open the docs

FAQ

Is the free tier really free? Yes — ExistBefore is operated by CertiSigma as the public funnel for the API. There is no card, no account, no tracker.

Where does the API key live? On your servers. The CertiSigma key is server-side only; client browsers never see it. The same model is used by ExistBefore here (proxy-injected key).

Can I migrate proofs generated on this site into my account? Yes. Every attestation has a public ID and is independently verifiable via POST /verify regardless of which key originally signed it.

Is there a self-hosted option? The signing infrastructure is operated by CertiSigma to keep the trust root small. The verification path is fully open and runs anywhere — your code never depends on CertiSigma being online once you've fetched the public key and the signed payload.