Own your signatures.
Verify your vendor.
Every other e-signature vendor asks you to trust them. We ship an MIT-licensed signing SDK, a continuous assurance layer any auditor can inspect, and standards housed at an independent public foundation. If our company disappears tomorrow, your evidence still verifies.
The four layers of the VMV trust stack
Two neutral public-interest institutions on top; two commercial products below. Trust and continuity do not depend on any single company remaining in business.
UUAID Foundation
UUAID + IAASO
DSalvus
e-sig / esig-suite
Why the vendor architecture matters
Every enterprise-buyer conversation eventually hits the same six questions. Nobody else in the e-signature market has our answer to all six.
| What buyers want to know | Incumbents (DocuSign, Adobe, PandaDoc) | VMV stack |
|---|---|---|
| Can I read the signing code? | No — closed source | Yes — MIT on GitHub |
| Can I self-host on my own infra? | No | Yes — free forever |
| Continuous evidence between audits? | No — annual SOC 2 report | Yes — monthly signed Assurance Package |
| Public verifiability of every agent action? | No — vendor-scoped audit log | Yes — Polygon-anchored via UUAID |
| Standards owned by a neutral body? | No — vendor spec | Yes — UUAID Foundation + IAASO |
| Trust survives vendor going away? | No | Yes — Foundation is independent |
| eIDAS Qualified Electronic Signature? | Yes — via QTSPs | Yes — via QTSP partners |
Comparison reflects publicly available offerings as of 2026 and is intended as guidance for procurement conversations, not a marketing claim about named competitors. Check each vendor for current terms.
Every other e-signature vendor asks you to trust them. We ask you to verify us. Every deployment ships with DSalvus continuous assurance, every agent action is anchored to the public UUAID registry, and the standards themselves live at the independent UUAID Foundation. If our company disappears tomorrow, your evidence still verifies.
How enterprises actually buy this
Most Business and Enterprise esig-suite deals include the DSalvus Assurance Package as a bundled add-on ($1,500–$4,000/mo per tenant). It ships as a signed monthly PDF into your compliance drive with everything a SOC 2 or HIPAA auditor needs: control results, runtime posture, agent-action attestations tied to public UUAID identities, evidence manifest with hashes, and dispute-ready envelopes.
For regulated verticals (healthcare, finance, life sciences) we ship the same package with the appropriate compliance overlay — HIPAA BAA, 21 CFR Part 11, PCI DSS — and route qualified signatures via an EU Trusted-List QTSP for eIDAS QES -grade documents.
Common questions
Is the SDK really MIT and staying that way?
Yes. No AGPL relicense, no rug-pulls. The commercial products (DSalvus, Cloud, Business, Enterprise) are how VMVTech makes money — the SDK is not something we can take away.
Does the UUAID Foundation actually exist?
Yes — uuaid.foundation. Constitutional Charter adopted as founding doctrine; formal nonprofit incorporation in attorney review. Registry live at registry.uuaid.org, API at api.uuaid.org, SDK on npm.
What if VMVTech is acquired?
The UUAID Foundation is not a VMVTech asset. Identifier scheme, Trust Registry, and IAASO standards continue independently. Existing esig-suite MIT code continues to work forever. DSalvus commercial obligations transfer to the acquirer.
Can I run this air-gapped?
Yes — Enterprise. On-prem Helm chart + installer. UUAID identity verification degrades to periodic Trusted-List snapshots when no outbound connectivity is available; DSalvus policy kernel is fully local; esig-suite runs standalone.