Verify a signed PDF

Drop a PDF signed with AttachKit's hardware-key flow. We'll extract the embedded proof block, re-run the HMAC timestamp check against our server, and surface every WebAuthn field so you can inspect it yourself or hand it to an auditor.

Verification is fully client-side — your PDF stays in your browser except for the timestamp check (which only sends the hash + signature, never the document).

Don't want to trust this page — or need to verify offline? Get the standalone verifier — one HTML file that confirms a signed PDF is unaltered with no network and no AttachKit server. Save it; it keeps working forever.

Building a site? You can embed this verifier with a 4-line snippet so your visitors confirm a signed PDF inline — it runs entirely in their browser, with no callback to us.