Apostillum Technical Brief
A blind notary that cryptographically seals digital records at the moment of creation, on the user's device, before they are transmitted, stored, or read.
Zero-knowledge architecture
Apostillum encrypts all content client-side before any data leaves the user's device. The platform stores "a locked box whose combination it was never given." It cannot read, alter, or delete sealed records. This is a technical fact, not a policy.
Record-level encryption keys are generated and stored exclusively on the user's machine. No key material is ever transmitted to Apostillum's servers. For long-term WORM archival, a separate archive key is split via Shamir Secret Sharing (3-of-5) into five shares, all generated and downloaded on the user's device. The user controls all shares and decides how to distribute them — retaining all five for sole control, or distributing shares to trusted parties for institutional governance. Apostillum never sees, stores, or transmits any key share. Verification of record integrity requires zero keys — hashes are anchored on public blockchains. Keys are only needed to access the original plaintext from the WORM archive. Even under subpoena, Apostillum cannot produce the plaintext content of any sealed record.
The architecture is designed so that even its creator cannot compromise a single record. That is not a feature. That is the product.
Eight-step cryptographic seal
Every AI interaction passes through an eight-step pipeline that creates a tamper-evident, independently verifiable record.
Three independent witnesses
A cryptographic fingerprint of each sealed record is submitted simultaneously to three timestamp authorities that have never shared infrastructure, governance, or failure modes.
Anyone can independently verify a sealed record against all three witnesses using the public verification portal at app.apostillum.com/verify. No login required.
Algorithms and standards
| Function | Algorithm | Standard |
|---|---|---|
| Symmetric encryption | XChaCha20-Poly1305 (256-bit) | draft-irtf-cfrg-xchacha |
| Digital signatures | Ed25519 (256-bit) | RFC 8032 |
| Content hashing | SHA-256 + SHA-3-256 (256-bit) | FIPS 180-4 / FIPS 202 |
| Database encryption | AES-256 | FIPS 197 |
Comprehensive capture coverage
Apostillum captures AI interactions across all major platforms and interfaces, requiring no changes to the user's workflow.
| Platform | Interfaces |
|---|---|
| Claude | Browser, desktop, and terminal interfaces |
| ChatGPT | Browser and desktop interfaces |
The capture layer is resident but idle until a recognised AI session begins. The sealed record is created at the moment the session ends, not after an upload.
Designed for courtroom scrutiny
Every sealed record can be exported as a court-ready PDF structured for Federal Rules of Evidence Rule 902(14) — self-authenticating evidence that may not require live testimony to be admitted. The export includes everything an opposing party or judge needs to independently verify the record's authenticity, integrity, and chain of custody, including a plain-English glossary written for a judge who has never heard the word blockchain.
In August 2026, EU AI Act Article 12 enforcement begins, requiring automatic recording of events over the lifetime of high-risk AI systems with minimum six-month retention. Fines for non-compliance reach €35 million or 7% of global turnover.
Write once. Read many. Delete never.
Every sealed record is written to WORM (Write Once, Read Many) storage provided by Amazon Web Services (AWS) — the world’s largest cloud infrastructure platform, operating across dozens of data centers on six continents. The storage uses Amazon S3 Object Lock in Compliance mode. Once written, a record cannot be altered or deleted by anyone — not by Apostillum, not by Amazon Web Services, not by a court order directed at the platform. The storage infrastructure physically prevents deletion before the retention period expires.
This is not a policy decision. It is an infrastructure constraint enforced at the storage layer by Amazon Web Services. Even with root-level administrative credentials, a WORM-locked object in Compliance mode cannot be deleted or overwritten during its retention period.
| Property | Detail |
|---|---|
| Storage | Amazon Web Services S3 Object Lock (Compliance mode) |
| Retention | Minimum 20 years per record |
| Deletion | Physically impossible during retention |
| Override | No override — not even Amazon Web Services root account |
| What survives | Company shutdown, acquisition, bankruptcy |
Anyone can verify. No account is needed, and none is created.
The public verification portal at app.apostillum.com/verify allows any party — opposing counsel, a judge, an auditor, a regulator — to independently verify a sealed record against the Hedera blockchain. Enter a seal hash or sequence number, and the portal confirms the timestamp, integrity, and chain of custody without requiring an Apostillum account.
Because timestamps live on public blockchains and encrypted records are stored on the user's device, proof remains independently verifiable for a minimum of twenty years, regardless of any party's continued existence.
The architecture is documented for opposing counsel, auditors, and regulators. It is not a pitch.