CamoSign: Private E-Signing

November 11, 2025

CamoSign is a free, private by design e-signature application that features zero uploads of documents or signatory information.

Legal agreements and sensitive signatory PII are freely updated to the servers of giants like DocuSign and Adobe. There's a better, more private way to electronically sign documents.

CamoSign: Private E-Signing

How our Private E-Signatures Work

The overall user flow is familiar: Prepare, Sign, Finalize.

With CamoSign, these steps occur privately on each user's computer and all information is shared directly amongst the parties.

Prepare



  1. A preparer locally loads the document on the Prepare page, where Signer names, access codes, and signature locations on the document are selected.
  2. Generate Signer Invites is clicked, locally generating per-Signer invite URLs or .csign files (depending on the size of the document), which embed all necessary information and are to be provided to each signer directly (as are access code instructions).


Sign



  1. Each Signer either clicks their URL or navigates to the Sign page to locally load their .csign file.
  2. Signers enter their access code, check the acknowledgment box containing their name, draw their signature, and click Sign.
  3. Upon signature, the latest Ethereum block is polled for timestamp verification, a locally-generated Ethereum address is deterministically derived1 to cryptographically seal the locally generated return URL or .csign file, and the Signer provides this to the Preparer.


Finalize



  1. The Preparer collects all return URLs or .csign files, locally loads them on the Finalize page, and clicks Finalize Document.
  2. The latest Ethereum block is again polled for timestamp verification, and a locally-generated Ethereum address is deterministically derived2 to cryptographically seal the finalized document.
  3. The process is complete, and the document may now be downloaded and distributed to the parties directly.

    The added Signatures Summary page contains:
    1. Finalized document UUID, text and file hashes, EOA address, latest Ethereum block; and
    2. all signer information: name, invite UUID, EOA, access code hash, timestamp and Ethereum block at time of signature, signature image, and confirmation of each cryptographic signature presence

All document loads, signing actions, and document finalization and sealing are performed fully locally: the only external query is polling the latest Ethereum block to provide trusted timestamp verification at the time of each signature and finalization.

CamoSign's servers never see any document nor signature information.

While the P2P privacy of directly sharing URLs or .csign files may feel different at first compared to auto-sent emails by a third party, it may involve fewer overall emails and coordination than the legacy experience of separate emails for signatory direction and signing links.

Enforceability under ESIGN and UETA

CamoSign addresses the core requirements under ESIGN/UETA as follows:3

Intent to E-Sign

  • Signers receive a unique link or .csign file
  • Signer must enter their access code, check a box containing their name,4 draw their signature, and click "Sign"
  • Signer must download and return their signed .csign file to be merged and finalized with any other signers

Attribution

  • Each Signer receives a unique invite (link with encrypted payload or .csign file), protected by an encrypted Access Code.
    • Signer enters their access code, confirms their name with a checkbox, and draws a signature image.
    • The latest block in the Ethereum blockchain is queried as a credibly neutral, trusted timestamp verification and embedded.
    • Upon signature, a deterministic Ethereum EOA is locally generated from the signer's access code, name, and signature timestamp to cryptographically sign (via ECDSA).
  • While no third party is used to verify the Signer's identity or email, the Signer must provide their returned file to be finalized; in practice, finalizers may request it be returned from the same email to which the invite was sent and may use any other verification processes they deem necessary.

Association with the Record

  • The app embeds the finalized document UUIDs, signatures, and signs with a deterministic Ethereum EOA locally generated from the document UUID, license key hash (for premium users, stored locally in their browser), and timestamp.
  • The latest block in the Ethereum blockchain is again queried at finalization as a credibly neutral, trusted timestamp verification and embedded.
  • A signatures summary page is generated with:
    • Finalized document UUID, text and file hashes, EOA address, latest Ethereum block timestamp; and
    • all signer information: name, invite UUID, EOA, access code hash, timestamp and Ethereum block at time of signature, signature image, and confirmation of proper cryptographic signature
  • Document text and file hashes are verified against each signer's returned file, and re-computed and displayed on the Finalize page for optional additional manual verification.

Record Retention

  • Finalized PDF contains unique identifiers, embedded signatures, and summary page.
  • Hashes, EOAs, and signatures are tamper-evident and reproducible with access to the relevant secrets (access code for signers, license key for premium finalizers); timestamps are easily cross-referenced with the relevant Ethereum blocks.

But what about a Certificate Authority-issued signing certificate?

In the U.S. under ESIGN and UETA, there is no express requirement that an electronic signature must be backed by a Certificate Authority (CA)-issued signing certificate to be legally valid. We believe the elements of intent, attribution, association, and retention to be addressed well by CamoSign, but facts, circumstances, and preferences do differ and both statutes and common law precedent are subject to change.

Private Agreements Deserve Private Signatures

CamoSign is free and ready to use, accessible at camosign.io as a progressive web app.

Premium is initially priced at $20/year, designed for CamoSign document finalizers. License keys are automatically hashed to secretly derive the finalized document cryptographic signatures, so only the license holder can recreate the final, authoritative record hash. Future functionalities are currently in development; license holders will automatically access when available, including writing encrypted hashes to Ethereum or an L2 for trust-minimized verification of the authoritative document, and other features based on user feedback and demand.

Please email contact@camotext.ai with any feedback or questions.

Endnotes

  1. Using the signer's name, access code, and timestamp; a private (due to the secret access code) additional way to (1) verify the signature and (2) cryptographically sign the return file.
  2. Using the document UUID, timestamp, and if premium user, license key; a private (due to the secret license key) additional way to (1) verify the finalized document, (2) cryptographically sign the finalized document, and (3) as a future premium feature, submit hashed information to Ethereum or an L2 for private evidence of the authoritative finalized document.
  3. Also reflected on https://camosign.io/compliance. Consult a lawyer to determine whether CamoSign's signatures are a good fit for your facts and circumstances. The EU's eIDAS, for example, has different tiers of e-signature classifications, some of which require qualified processes.
  4. "I, [NAME], acknowledge and agree that by checking this box and electronically signing below, I am providing my electronic signature and intend it to have the same legal effect as my handwritten signature. I confirm that I have read, understood, and agree to the terms of this document in its entirety."