Security

Legally binding signatures, backed by a tamper-evident record.

Formable e-signatures are built for enforceability under the U.S. ESIGN Act and UETA. Every signature is captured with explicit consent and intent, then sealed into an append-only audit trail that proves who signed what, when, and from where.

ESIGN Act | UETA | SHA-256 audit trail | Immutable storage
Legal validity

Enforceable under the ESIGN Act and UETA

Federal and state law treat a compliant electronic signature as the legal equivalent of a handwritten one. Formable captures the elements courts look for: consent to do business electronically, clear intent to sign, attribution of the signature to the signer, and a retained, reproducible record of the signed document.

Consent to electronic records

Before signing, every signer affirmatively agrees to our Consent to Electronic Records and Signatures, which discloses their right to paper copies, the right to withdraw consent, and the hardware and software needed to access records.

Captured intent to sign

A signer cannot complete a signature without both adopting a signature and acknowledging that their electronic signature is the legal equivalent of a handwritten one, and that they intend to be legally bound.

Retained, reproducible records

Completed documents are retained with their full signing history and can be downloaded as a single PDF with the audit trail appended, satisfying the record-retention requirements of ESIGN and UETA.

Read our Consent to Electronic Records and Signatures
Tamper-evident audit trail

A signing record that proves it has not been altered

Every meaningful event in a document's life is recorded the moment it happens. Those records are chained together with cryptographic hashes and written to immutable storage, so any tampering becomes mathematically detectable.

SHA-256 hash chain

Each audit entry stores a SHA-256 hash of the document plus a hash linking it to the previous entry. The chain is validated on every write and locked once the envelope completes, so a single altered record breaks the chain.

Append-only by design

Audit records live in a dedicated table where update and delete permissions are revoked at the database level. Entries can be added, never edited or removed.

Immutable WORM storage

When a document completes, a snapshot of its audit chain is written to write-once-read-many storage using S3 Object Lock in compliance mode with multi-year retention. Not even an administrator can overwrite it.

Certificate of completion

Completed documents include audit-trail pages listing every event, the actor's name and email, UTC timestamps, and the originating IP address, so the proof travels with the document itself.
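The hash chain and anchored snapshot described above, as an added Python sketch. It is not Formable's code: the entry field names, the canonical-JSON hashing, the all-zero genesis value and the sample events are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first entry in a chain


def entry_hash(entry):
    """SHA-256 over the canonical JSON of every field except entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def append_event(chain, event, actor, ip, ts, document):
    """Append one audit entry linked to the previous entry's hash."""
    entry = {
        "event": event, "actor": actor, "ip": ip, "ts": ts,
        "doc_sha256": hashlib.sha256(document).hexdigest(),
        "prev_hash": chain[-1]["entry_hash"] if chain else GENESIS,
    }
    entry["entry_hash"] = entry_hash(entry)
    chain.append(entry)
    return entry["entry_hash"]  # new chain head


def verify_chain(chain, anchored_head=None):
    """Return (ok, reason). anchored_head is the head hash kept in WORM storage."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev_hash"] != prev:
            return False, f"entry {i}: broken link"
        if entry_hash(entry) != entry["entry_hash"]:
            return False, f"entry {i}: contents altered"
        prev = entry["entry_hash"]
    if anchored_head is not None and prev != anchored_head:
        return False, "head does not match anchored snapshot"
    return True, "intact"


def build_sample_chain():
    """Constructed sample data: names, addresses and timestamps are made up."""
    pdf = b"%PDF-1.7 constructed sample contract"
    chain = []
    append_event(chain, "sent", "alice@example.com", "192.0.2.10", "2026-01-05T14:00:00Z", pdf)
    append_event(chain, "viewed", "bob@example.com", "198.51.100.7", "2026-01-05T15:12:09Z", pdf)
    head = append_event(chain, "signed", "bob@example.com", "198.51.100.7", "2026-01-05T15:14:30Z", pdf)
    return chain, head
```

The link and content checks catch an edited or removed entry, but a chain whose hashes were all recomputed after an edit is internally consistent; only the comparison against a head hash held in write-once storage detects that case, which is why the verifier takes `anchored_head`.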

Data protection and access

Protected at every layer, from redline to signature

Documents are encrypted in transit and at rest, and access is gated by authentication, scoped permissions, and links that expire.

Encryption in transit and at rest

Documents move over TLS and are stored in private cloud storage, never in public buckets. Files are served through short-lived, signed URLs rather than permanent public links.

Authenticated access

The platform is protected by Firebase authentication and short-lived JWT sessions, while API access is gated by per-client OAuth credentials scoped to a single organization.

Expiring share links

Links to sign, redline, or edit a document are time-limited and reject access once they expire, so a forwarded link cannot be used indefinitely.

Password-protected sharing

Sensitive shares can be locked behind a password that is never stored in plaintext, only as a salted scrypt hash verified in constant time.

Signed event webhooks

Outbound webhooks for signing and redlining events are signed with HMAC-SHA256 so your systems can verify each payload genuinely came from Formable.

IP and timestamp capture

Viewing and signing events record the actor's IP address and a precise UTC timestamp, attributing each action in the audit trail to a specific party and moment.

Sign with confidence that it will hold up.

Send your first document in minutes and download a completed copy with the full audit trail attached.

© 2026 Formable Inc. All rights reserved