Audit trail
Every agreement in Propper Sign generates a complete, tamper-evident audit trail that captures all participant actions with cryptographic proof of integrity. The audit trail is available for all agreements across all account types.
View the audit trail under the agreement's Audit tab, or download it as part of the Completion Certificate.
Tracked events
Sign automatically records every meaningful action that occurs during an agreement's lifecycle. Events are organized into four categories.
| Category | Events tracked |
|---|---|
| Agreement lifecycle | Created, Sent, Delivered, Completed, Voided, Expired, Declined |
| Document | Uploaded, Viewed, Downloaded |
| Recipient | Added, Authenticated, Signed, Declined |
| Security | Authentication attempts, access code failures, session events |
Each event captures:
- Participant identity (name and email)
- UTC timestamp with timezone offset
- IP address
- User agent (browser and operating system)
- Action-specific details (authentication method, signature type, and so on)
Viewing the audit trail
- Navigate to Sign > Agreements.
- Open the agreement you want to inspect.
- Select the Audit tab.
Events are displayed chronologically. You can filter by event type or participant name to focus on a specific action or signer.
Screenshot: Audit events tab showing chronological event list with participant names, timestamps, and IP addresses
Hash-chained integrity
The audit trail uses SHA-256 hash chaining to make tampering immediately detectable. Each event is hashed together with the hash of the event before it, forming a cryptographically linked chain. If any event is altered, deleted, or reordered, the chain breaks and the tampering is detectable.
The hash for each event is computed as:
SHA256(JSON.stringify({ id, type, metadata, prevHash, occurredAt }))
What this guarantees:
- Events cannot be altered after they are created
- Missing or reordered events break the chain
- The integrity of the trail can be independently verified
Audit contents
Per agreement
- Agreement ID, status, and document count
- Sender details, organization, and IP address
- Full lifecycle event sequence (sent → delivered → completed)
- SHA-256 hash per document and a combined package hash
Per recipient
- Name, email, and role (signer, approver, or receives a copy)
- Authentication method and verification result
- View timestamps and IP addresses
- Tag values and signature timestamps
- Electronic signature disclosure acceptance
The audit trail records meet ESIGN Act, UETA, and eIDAS requirements. All timestamps are stored in UTC with timezone offset for accurate legal records.
Related topics
- Completion Certificate — Download the audit certificate as a PDF
- Evidence Collection — Detailed breakdown of data captured for legal proof
- Legal Compliance — Standards and regulations
- Agreement status — Track signing progress