The next development chapter for SIGit will be the creation of an NPM module to allow others to build SIGits into their tools and applications
As part of this we will be ripping out NDK and replacing with AppleSauce
We are also planning to encapsulate all the logic into State Machines - this will significantly improve stability, usability, and maintainability.
We'd like to thank all of the donors who have supported us so far!
Last month we scored a podium finish at the Baltic Honeybadger 2025 Hackathon for nostr:nprofile1qqsxhugzf33nvzfmvvkm9k3pkedyf37c9qcy2na56atrfw3grctpeyqpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7cl24cn, sponsored by nostr:nprofile1qqs8p3ywfd92w7zvjgy7wrpylz8t30hy3z5dc5al4070l9y8qr8rejcppemhxue69uhkummn9ekx7mp03njxlh and with funds distributed through nostr:nprofile1qqstdhxam7rxw5586xjwscsdj24fqhp93kzsh7xvjg7nnhc7mlh9aecpzemhxw309ahx7um5wghxgetvda6x26eww34j7qg7waehxw309ajx2a3wdehhxarjwpkxz7t8wfhh2mny9e3k7mf0qythwumn8ghj76mgv968yafwwp6kscmgduhx6ef0naj908
Why do you need SIGit? It's simple... legacy providers like docusign store all your files centrally, unencrypted and at risk of being hacked. And to top it off they are advertising the use of AI to scan documents. All this leaves users of centralised contract signing platforms at risk of nefarious actions, of privacy being eroded and of a hostile change in regulatory or government policy leaving you unable to protect your business relationships.
Try us out today at sigit.io
And a huge congrats to the other winners! BlindBit Suite, Receipt Cash and Git Futz
Wrong. If you read the legislation on digital signatures, the key must be something the "user can control"
Most solutions use SMS and email, neither of which produces a a signature, and neither of which are under the control of the user
We believe 99% of digital signing solutions are not compliant
We understand your point though, that corporates have more trust in the perceived "legal value" of the cert authorities
We plan to address this point more eloquently as we build out
Indeed, they already do
They don't hide it, they sell it!!
https://www.docusign.com/products/platform/ai
This is impossible in SIGit. A named counterparty has to export an unencrypted version, for it to be used in other tools.
Did you know that almost every commercial document signing solution makes your agreement available to third parties?
With records in a database that can be easily modified?
With SIGit, your documents are encrypted in the browser, and are only accessible to named counterparties.
We use Blossom for data storage, Nostr for secure identity and metadata signing, and OTS for timestamping on Bitcoin.
SIGit is available now, and we'd love your feedback!
On-boarding to nostr:nprofile1qqs8p3ywfd92w7zvjgy7wrpylz8t30hy3z5dc5al4070l9y8qr8rejcpzpmhxue69uhkummnw3ezumt0d5hszrnhwden5te0dehhxtnvdakz7qgawaehxw309ahx7um5wghxy6t5vdhkjmn9wgh8xmmrd9skctc0reyhh today, to which we will receive our prize from a podium hackathon finish at #BH2025
Love the fact that a project is created as part of an OP_RETURN code in an actual bitcoin UTXO
The prize wil be released to us in tranches, if we don't claim, it's time locked and returnable to the investor
Our access key is literally our 12 words
Smooth!!!
https://hub.angor.io/project/angor1q4heck5tf6svq7x8jp5twak329xtv9805xppvq5
Our fundraiser is here: https://geyser.fund/project/sigit
We are participating in the HoneyBadger Hackathon, sponsored by Angor!
Below is our first ever demo video
#BH2025
v2.0.7 is now available - this fixes some issues using the offline flow, and makes it possible to verify an unencrypted SIGit from the homepage, without signing in
Nostr works great without internet, or relays π
All counterparty signatures, plus the creation of the SIGit itself, are timestamped (OTS) on the Bitcoin blockchain
Irrefutable proof that an agreement was signed on a particular date
SIGit v2.0.6 is now released!
A SIGit is composed of multiple regular files (e.g. original files, template.json), unpublished nostr events (e.g. signed create and sign events) and published nostr events (e.g. notification gift wraps, app data).
For performance and reliability, all these files are zipped, encrypted, and loaded to blossom.
For even better performance, to avoid downloading the zip and fetching / processing nostr events each time - the underlying files are also cached in the local browser file cache, the IndexedDB - files repository.
Each time SIGit needs one of these building blocks it first checks the local cache. On cache miss, we check the original decrypted source in cache. If we can't find that, then we download the zip from blossom and decrypt the contents.
Finally, if the blossom zip is missing on the blossom server(s), we fetch the original app data (30078) event and re-process (and publish) all the source events again.
In this release, we improved the stability of the above process.
SIGit v2.0.5 released - fixes an issue where SIGit data (30078) can get caught in a signing loop.
Also renames some of the exported files to use bech 32 npubs instead of hex keys to make them easier to (manually) verify
v2.0.4 is now released - mostly minor refactoring, but we also made each sigit id partially visible so you can tell when signing 30078 requests, which sigit they relate to
sigit ids are a hash of the create event id and the user npub, so it is not possible to correlate events as an outside observer
v2.03 now released with a bunch of improvements to the OTS generation process
Timestamps are generated for the create event and each sign event
Each timestamp has 3 states - pending, upgraded, verified
v2.02 is released - fixes an issue where the last remaining pdf in a draft sigit could not be deleted, and applies some client side logic to handle the case where relays sometimes do not send an EOSE message
v02.01 now released - this disables the broadcast button when verifying unencrypted SIGits without signing in
We now have v2 of https://sigit.io !
It was a complete refactor and breaking change, so if you have sigits from the old version you will need to visit the archive version of the site (in top bar)
We'd now like to invite some intrepid users to try the service whilst we smoothen out the rough edges
You can send us feedback here on Nostr, or get in touch to join our power users community
Are you interested in helping us test SIGit?
Get early acess to new features and help define the feature roadmap?
We'd love to hear from / involve you.
Yes we've been quiet lately - with a big refactor in process
And we just hit commit #1000
Watch this space
SIGit is a PRIVATE and SECURE document signing service. It uses Nostr and Blossom for comms and (encrypted) file storage
The project has progressed at a slow pace due to a shortage of funding, however we do push updates almost every week.
You can try it out right now and let us know your feedback:
Great feedback - yeah that's not working right now but we'll fix it for the MVP!
Here's the issue: https://git.nostrdev.com/sigit/sigit.io/issues/297
Documentation of contract management probably should not rely on nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s or nostr:npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6 goodwill / not nuking their relays.
Yall should consider:
1) funneling customers into paid professional relays like nostr:npub18kzz4lkdtc5n729kvfunxuz287uvu9f64ywhjz43ra482t2y5sks0mx5sz nostr.wine, and agree on a term of data storage, geographical redundancy, server redundancy
2) consider sigit spinning up a contract βkindβ/equivalent relay with characteristics described above
#otherstuff
For some reason we didn't get this notification! For info - we don't rely on (or push) public relays, we use the relays defined by the user (extension / nip-05 / kind 10002) plus the app-relay (sigit relay unless self-hosting and self-adjusted).
SIGit was officially (BETA) released today at the Nostr Hack day in Berlin!
Thanks! Worked like a charm - https://relay.sigit.io
cloudron packaged strfry relay with support for pubkey whitelisting through nostr:npub1ktt8phjnkfmfrsxrgqpztdjuxk3x6psf80xyray0l3c7pyrln49qhkyhz0 chief plugin!
hopefully doesn't take too long to be accepted into the cloudron app store
Is there a guide to getting this into an existing instance? You need to use the CLI presumably? https://github.com/sebdeveloper6952/strfry-cloudron
Can't wait to get rid of GitHub -> nostr:nprofile1qqs83nn04fezvsu89p8xg7axjwye2u67errat3dx2um725fs7qnrqlgprdmhxue69uhkwmr9v9ek7mnpw3hhytnyv4mz7un9d3shjcrepuq
DBs that don't include your signature per row don't make much sense. 
We self host gitea - https://git.nostrdev.com
Available on cloudron
Hopefully someone will build a nostr auth plugin soon
the damus relay now supports NIP-70 protected events:
if you really don't want people syncing your notes to the damus relay, just add a `-` as the first tag.
https://github.com/nostr-protocol/nips/blob/protected-events-tag/70.md
nostril --envelope --content hi --tags '[["-"]]' | nostcat wss://relay.damus.io
["OK","cfd281d9199bfbdfe1b9f19513b8b83211b2b2dbbe58fc80297a52d6d5b846e9",false,"blocked: event marked as protected"]
you can literally follow the readme and be live on nostr.hu in just a few minutes!
SIGit is now available as an nSite
https://npub1d0csynrrxcynkcedktdzrdj6gnras2psg48mf46kxjazs8skrjgq9uzhlq.nostr.hu/#/
#soveng
I saw a badass nostr powered business contact form from nostr:npub1d0csynrrxcynkcedktdzrdj6gnras2psg48mf46kxjazs8skrjgq9uzhlq this evening. Businesses could implement it on their websites and get DMs from randomly generated npubs with the contact form data. π
It's super basic.. We'll open source it anyway though, next week, in case anyone would like to use it
We do
We will, if nobody beats us to it
ready
We're literally working on this right now! Also the Lorum Ipsum. Ready in a few hours
Relay Management now available
