How to verify a signed PDF with AttachKit
Step-by-step guide to checking an AttachKit-signed PDF in your browser, reading the verdict banner, and re-verifying from a link, offline, or in bulk.
Check whether a PDF signed with AttachKit is authentic — and whether it has changed since signing — without installing anything or creating an account.
Before you start
- Verification runs in your browser. The PDF never leaves your device, with one narrow exception: the optional timestamp check sends only the timestamp, the document hash, and the timestamp signature to AttachKit's server — never the document itself.
- The verifier reads the proof block AttachKit embeds when a document is signed. A PDF signed elsewhere reports Not signed with AttachKit — that doesn't mean it's forged, only that there's no AttachKit proof to check.
- Verifying is free for anyone, no sign-in required. The verifiable hardware-key proof itself is created during signing with the passkey flow in Sign — a Max feature (during the private beta, everything is free).
- Password-protected PDFs can't be opened by the verifier. Remove the password first with Unlock.
- Files dropped on the page are capped at 100 MB.
Steps
- Open Verify.
- Drag your signed PDF onto the drop zone, or click it to pick a file. No signed PDF handy? Click Try with a sample.
- Wait while the page shows Verifying… — large files can take a few seconds.
- Read the verdict banner at the top of the results. It's the plain-language answer; everything below it is detail for auditors.
- Inspect the detail rows you care about (see below). Every cryptographic check except the timestamp re-check runs locally in your browser.
- Click Verify another PDF to reset and check the next file.
What the verdict banner means
| Banner | Meaning |
|---|---|
| Valid signature — contents unaltered | The signature checks out and the file's bytes still match what was signed. |
| Valid signature | Confirms who signed and when. Older (v1) proofs don't re-hash the page content, so this alone doesn't prove the visible content is unchanged — see the content-binding row below it. |
| Signed, but not fully confirmed | A proof block is present, but the checks were skipped rather than passed or failed, so nothing could be cryptographically confirmed — read the detail rows below it. |
| Invalid — this didn't verify | The signature didn't check out. The document may have been altered after signing. |
| Not signed with AttachKit | No AttachKit proof block was found in this PDF. |
Detail rows you may see
- Audit page metadata — the original filename, when it was signed (with timezone), and how many signature placements were made.
- Timestamp signature — AttachKit's server re-computes an HMAC-SHA256 over the timestamp plus document hash and compares it to the embedded signature. Only the timestamp, hash, and signature are sent — never the document.
- RFC 3161 timestamp: token present — an independent timestamp-authority token you can re-verify yourself with `openssl ts -verify`; the row shows the exact commands, so you never have to trust AttachKit for the time claim.
- WebAuthn signature — the passkey signature is verified in your browser against the public key embedded in the PDF. The row surfaces the document SHA-256, credential ID, and the origin where signing happened.
- Content unaltered since signing — on newer (v2) proofs, the verifier re-hashes the file locally and compares it to the hash folded into the signed challenge.
- Countersigners and threshold — witness and co-signer signatures, plus whether an N-of-M signing policy was met.
- Quantum-resistant integrity — optional ML-DSA-65 and SLH-DSA post-quantum signatures over the same document hash, also verified locally.
- Edit history — when present, a signed version chain rendered as a timeline, with a warning if the chain isn't bound to this document's signature.
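The timestamp-signature row above, sketched as an added example that is not AttachKit's code: the browser sends three strings, and the server recomputes the HMAC and compares it in constant time. The message layout, the hex encoding, the key and every function name here are assumptions.

```javascript
// Added example, not AttachKit's code. Assumptions: the MAC input is
// `${timestamp}.${documentHash}`, values are hex, and the key below is constructed.
const crypto = require('node:crypto');
const HEX_256 = /^[0-9a-f]{64}$/;

function timestampMac(key, timestamp, documentHash) {
  // The hash has a fixed length, so the "." separator cannot be ambiguous.
  return crypto.createHmac('sha256', key).update(`${timestamp}.${documentHash}`).digest();
}

// Browser side: the request carries three short strings and no PDF bytes.
function buildRequest(proof) {
  const { timestamp, documentHash, timestampSignature } = proof;
  return { timestamp, documentHash, signature: timestampSignature };
}

// Server side: reject malformed input, recompute the MAC, compare in constant time.
function checkTimestamp(key, req) {
  if (!HEX_256.test(req.documentHash) || !HEX_256.test(req.signature)) return false;
  if (Number.isNaN(Date.parse(req.timestamp))) return false;
  const expected = timestampMac(key, req.timestamp, req.documentHash);
  return crypto.timingSafeEqual(expected, Buffer.from(req.signature, 'hex'));
}

// Constructed sample proof fields.
const serverKey = Buffer.from('constructed-demo-key');
const documentHash = crypto.createHash('sha256').update('%PDF-1.7 constructed').digest('hex');
const timestamp = '2024-01-01T12:00:00+00:00';
const sampleProof = {
  timestamp,
  documentHash,
  timestampSignature: timestampMac(serverKey, timestamp, documentHash).toString('hex'),
};
const request = buildRequest(sampleProof);
console.log(checkTimestamp(serverKey, request));
console.log(checkTimestamp(serverKey, { ...request, timestamp: '2023-01-01T12:00:00+00:00' }));
```

Recomputing an HMAC needs the secret key, so a check of this kind has to go to the server that holds it rather than run in the browser.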
Other ways to verify
- From a link — `/verify?u=` followed by an http(s) PDF URL fetches and verifies it automatically (the host must allow cross-origin requests; remote files are capped at 50 MB). This is what "Verified" badge links use.
- Offline — download the standalone verifier, a single HTML file that confirms a signed PDF is unaltered with no network and no AttachKit server. Save it; it keeps working even if AttachKit shuts down.
- On your own site — embed the verifier with a short snippet; it runs entirely in your visitors' browsers, with no callback to AttachKit.
- Many files at once — use Bulk verify to run the same checks across a whole set of PDFs and export the results.
Result
You get a one-line verdict plus an auditable breakdown of every check. A green Valid signature — contents unaltered means the document was signed by the passkey shown, at the recorded time, and its bytes haven't changed since. Because the proof travels inside the PDF, anyone you forward the file to can repeat the same verification for free.
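The two checks behind that verdict, as an added example that is not AttachKit's code: the passkey signature is verified against the public key carried in the proof, then the file is re-hashed and compared with the signed challenge. It assumes the challenge is exactly base64url(SHA-256 of the PDF bytes); `verifyProof`, `makeSampleProof` and the proof field names are hypothetical.

```javascript
// Added example, not AttachKit's code. Assumption: the v2 challenge is
// base64url(SHA-256(PDF bytes)); the real proof encoding may differ.
const crypto = require('node:crypto');
const sha256 = (buf) => crypto.createHash('sha256').update(buf).digest();

// Check one passkey assertion against the public key carried in the proof,
// then re-hash the file and compare it with the challenge that was signed.
function verifyProof(proof, pdfBytes) {
  // WebAuthn signs authenticatorData || SHA-256(clientDataJSON) (DER ECDSA for ES256).
  const signedBytes = Buffer.concat([proof.authenticatorData, sha256(proof.clientDataJSON)]);
  const result = { signatureValid: false, origin: null, contentUnaltered: false };
  if (!crypto.verify('sha256', signedBytes, proof.publicKey, proof.signature)) return result;
  const client = JSON.parse(proof.clientDataJSON.toString('utf8'));
  if (client.type !== 'webauthn.get') return result;
  result.signatureValid = true;
  result.origin = client.origin; // surfaced for the reader, as in the detail row
  const challenge = Buffer.from(client.challenge, 'base64url');
  const digest = sha256(pdfBytes);
  result.contentUnaltered =
    challenge.length === digest.length && crypto.timingSafeEqual(challenge, digest);
  return result;
}

// Constructed sample: a throwaway P-256 key stands in for the passkey.
function makeSampleProof(pdfBytes, origin) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const clientDataJSON = Buffer.from(JSON.stringify({
    type: 'webauthn.get',
    challenge: sha256(pdfBytes).toString('base64url'),
    origin,
  }));
  // rpIdHash (32 bytes) | flags UP+UV (0x05) | signature counter (4 bytes)
  const authenticatorData = Buffer.concat([
    sha256(Buffer.from(new URL(origin).hostname)),
    Buffer.from([0x05, 0, 0, 0, 1]),
  ]);
  const signature = crypto.sign(
    'sha256', Buffer.concat([authenticatorData, sha256(clientDataJSON)]), privateKey);
  return { publicKey, clientDataJSON, authenticatorData, signature };
}

const pdf = Buffer.from('%PDF-1.7 constructed sample bytes');
const proof = makeSampleProof(pdf, 'https://signer.example');
console.log(verifyProof(proof, pdf));
console.log(verifyProof(proof, Buffer.concat([pdf, Buffer.from(' edited')])));
```

For the edited bytes the signature still verifies but `contentUnaltered` is false: the signature alone says who signed, and only the hash comparison ties it to these bytes.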
Related
- Sign a PDF — create signatures, including the hardware-key proof this page verifies.
- Unlock a PDF — remove a password so the verifier can open the file.
- Bulk verify — verify many signed PDFs at once.