Own your signatures.
A batteries-included PDF e-signature SDK you embed in your own product. Render, cryptographically sign, timestamp, verify, and audit — entirely inside your infrastructure. Your certs, your database, your storage. No SaaS in the loop.
The whole pipeline, in your process
One call takes an HTML document to a signed, tamper-evident PDF and an append-only attribution record — no external service ever touches the document.
🔏Real cryptography
PKCS#7 detached signatures under the ETSI.CAdES.detached subfilter, with the ESS signing-certificate-v2 binding. Verification recomputes the document digest and checks the RSA signature — a single altered byte fails.
⏱️Trusted timestamps
Optional RFC-3161 timestamps upgrade a signature to CAdES-T. The package performs no egress — the TSA only ever receives a SHA-256 hash, never your document.
🧩Bring your own stack
Pluggable CertStore / AuditLogStore / storage interfaces. A Supabase reference adapter ships in the box; implement the three interfaces against any database or object store.
🖊️Drop-in signing UI
React components — a draw-to-sign canvas, a consent-gated sign flow, and a signed receipt — with no framework coupling.
🏥Zero PHI egress
Everything runs inside your boundary. Nothing but a hash leaves your servers, so no signing-vendor BAA is needed and the whole thing sits inside your own SOC 2 scope.
📜ESIGN / UETA-oriented
Intent (consent), attribution (append-only audit log — actor, IP, UA, cert fingerprint), and integrity (cryptographic signature + optional timestamp).
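The "Real cryptography" claim above (recompute the digest, check the RSA signature, one altered byte fails) rests on the byte-range mechanism that PDF detached signatures use. The following is an added example, not e-sig's code: the sample buffer and the names `buildSample`, `coveredBytes`, `verifySample` and `demo` are constructed here, and a raw RSA-SHA256 signature stands in for the PKCS#7 container.

```javascript
// Added example (not e-sig code): digest-over-ByteRange check on a constructed buffer.
const nodeCrypto = typeof require === "function" // loads under CommonJS or ES modules
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");

// Constructed PDF-like sample: the signature sits in a reserved /Contents slot
// and byteRange = [off1, len1, off2, len2] names the bytes on either side of it.
function buildSample(privateKey) {
  const head = Buffer.from("%PDF-1.7\n1 0 obj << /SubFilter /ETSI.CAdES.detached /Contents ");
  const tail = Buffer.from(" >> endobj\nInvoice total: 100.00 USD\n%%EOF\n");
  const slotLen = 2 + 512; // "<" + hex of a 2048-bit RSA signature + ">"
  const byteRange = [0, head.length, head.length + slotLen, tail.length];
  // Simplification: a raw RSA-SHA256 signature stands in for the PKCS#7 container.
  const sig = nodeCrypto.sign("sha256", Buffer.concat([head, tail]), privateKey);
  const pdf = Buffer.concat([head, Buffer.from(`<${sig.toString("hex")}>`), tail]);
  return { pdf, byteRange };
}

// Strict policy for this example: the two ranges must start at byte 0, not overlap
// the slot, and end exactly at end of file, so no byte outside the slot is unsigned.
function coveredBytes(pdf, [off1, len1, off2, len2]) {
  if (off1 !== 0 || off2 < len1 || off2 + len2 !== pdf.length) {
    throw new Error("ByteRange does not cover the whole file");
  }
  return Buffer.concat([pdf.subarray(0, len1), pdf.subarray(off2, off2 + len2)]);
}

function verifySample(pdf, byteRange, publicKey) {
  let covered;
  try { covered = coveredBytes(pdf, byteRange); }
  catch (err) { return { ok: false, reason: err.message }; }
  const [, len1, off2] = byteRange;
  const sig = Buffer.from(pdf.subarray(len1 + 1, off2 - 1).toString("latin1"), "hex");
  const ok = nodeCrypto.verify("sha256", covered, publicKey, sig);
  return { ok, reason: ok ? "valid" : "digest or signature mismatch" };
}

function demo() {
  const { privateKey, publicKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const { pdf, byteRange } = buildSample(privateKey);
  const tampered = Buffer.from(pdf);
  tampered[pdf.indexOf("100.00")] ^= 0x01; // flips "1" to "0" in the signed text
  const appended = Buffer.concat([pdf, Buffer.from("% trailing bytes\n")]);
  return {
    intact: verifySample(pdf, byteRange, publicKey),
    tampered: verifySample(tampered, byteRange, publicKey),
    appended: verifySample(appended, byteRange, publicKey),
  };
}
```

`demo()` reports the intact buffer as valid and rejects both the one-bit change and the appended bytes, the latter before any signature math because the byte range no longer reaches end of file.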
Sign a document in a few lines
Compose your HTML, hand it to the orchestrator over your three stores, get back a stored URL, an audit id, and a cert fingerprint.
```ts
// one call: render → issue/rotate cert → sign (+timestamp) → store → audit
import { signDocument } from "@e-sig/core";

const result = await signDocument({
  html,
  signatureImage,
  tenantId,
  subjectName: tenantName,
  passphrase: process.env.ESIG_CERT_PASSPHRASE,
  signer: { name, email },
  certStore, auditStore, storage, // your adapters
  pathPrefix: `${tenantId}/${documentId}`,
});
// → { signedPdfUrl, auditLogId, certFingerprint, timestamped }

const ok = verifyPdfSignature(signedPdf).ok; // true — cryptographically
```
The per-signature meter, deleted
Every incumbent re-introduces a fee at exactly the moment you embed signing into your product. e-sig doesn't — it runs in your process, on your infrastructure, forever, for free.
| Model | Per-document cost | Runs in your app | Own your certs & data |
|---|---|---|---|
| e-sig | $0 — no meter | Yes (in-process SDK) | Yes |
| DocuSign API | ~$1.88–7.20 / envelope | No (SaaS) | No |
| Dropbox Sign / Anvil | ~$1.50 / doc | No | No |
| DocuSeal (self-hosted) | $0.20 / doc — even on-prem | Beside your app | Its own |
| Documenso | $250/mo embed license | Beside your app (AGPL) | Its own |
Pricing figures are indicative public rates as of 2026 and vary by plan and volume; check each vendor for current terms.
Open source, self-hosted, yours
The full engine, adapters, and UI are MIT-licensed. Clone it, read every line of the signing path, run it inside your own walls.