// CASE STUDY

Sigil

Built to prove if it's real.

IndustryProvenance infrastructure · Web3
Year2025
Scope
  • Smart contracts (4-of-6 multisig)
  • Blockchain API
  • Backend platform
  • iOS + Android capture apps
  • Web portal & admin
// THE PROBLEM

AI can fabricate a photograph, a contract, a scene — and make it indistinguishable from real. The market's response: authenticate after the fact. Sign it, hash it, hope the buyer takes your word for it. A signature on a fake is still a fake. The only moment that matters is capture.

They wrote the spec. We made it exist.

// STRATEGIC MOVE

We shipped the chain whole — capture to verification, governed by four of six.

Mobile apps captured under a tamper-evident flow, a regulator-friendly backend handled identity, payment, and GDPR, a blockchain-API tier pinned metadata to Pinata IPFS and brokered every on-chain call, and the smart-contract surface anchored each record under a four-of-six multisig — no single key could move the platform. The web portal and admin dashboard sat on top, both consuming the same API contracts the partner integrations would later consume. Every layer was built against the BRS as the acceptance test, audited end-to-end before mainnet.

Stamped at capture.
Not after the fact.

9:41
PHOTOVIDEO
READY · BLOCK 62 184 207 · 4 OF 6 ONLINE
9:41
Sigil
SIGNING…
ƒ/2.0 · ISO 200
SIGNERS
Signed
Captured · Device-signed · Block pending
DEVICEiPhone 15 Pro
LOCATIONMilano · 14:08:22 UTC
BLOCK62 184 207
NETWORKPolygon mainnet
SIGNERS4 of 6
View proof →
9:41
Back
Sigil
VERIFIED
2026
Verified
Signed at capture · publicly verifiable
DEVICE
iPhone 15 Pro
Captured 14 May 2026 · 14:08:22 UTC
BLOCKCHAIN RECORD
Polygon mainnet
Block 62 184 207 · 198 confirmations
9:41
Sigil
Gallery
342 records · 342 verified
All
Signed
Pending
Flagged
SIGNED
001023 · 14:08
SIGNED
001019 · 14:02
SIGNED
001017 · 13:54
SIGNED
001014 · 13:48
SIGNED
001011 · 13:41
SIGNED
001008 · 13:33
// SIGNED-AT-CAPTURE · POLYGON MAINNET

Capture stamped,
verified on chain.

Five product surfaces. One contract. Governed by four of six.

Audited · 0 critical findings
sigil.app/verify/0x7b6408…4492 LIVE
VERIFIED// LATEST RECORD
BLOCK
62 184 207
METHOD
mint(address,uint256,string)
FROM
0x9c…fA4e · signer 3
EVENT
NFTMinted(to, tokenId, uri)
TOKEN URI
ipfs://bafy…pjwm
// FLOW · CAPTURE → HASH → IPFS → ON-CHAIN → VERIFY

One chain. Five steps. Public.

  1. // 01CapturePhone · deviceExpo CameraView
  2. // 02HashBackend · Node 22SHA-256 + sig
  3. // 03IPFSPinata pinContent-addressed
  4. // 04On-chainPolygon mainnetmint(...) · 4 of 6
  5. // 05VerifyPublic APIAnyone · no auth
End-to-end verify in a single GET request
sigil.app/gallery
Sigil
SIGIL — GALLERY/VERIFIED ARCHIVE
AllSignedPendingFlagged
342 records · 342 verified · live
SIGNED001023
DEVICE
iPhone 15 Pro · IT
CAPTURED
14:08:22 UTC
BLOCK
22 481 003
SIGNED001019
DEVICE
Leica M11-P · UA
CAPTURED
14:02:11 UTC
BLOCK
22 480 998
SIGNED001017
DEVICE
Sony A7R V · UK
CAPTURED
13:54:46 UTC
BLOCK
22 480 986
SIGNED001014
DEVICE
Pixel 9 Pro · US
CAPTURED
13:48:02 UTC
BLOCK
22 480 971
SIGNED001011
DEVICE
Hasselblad X2D · DE
CAPTURED
13:41:18 UTC
BLOCK
22 480 952
SIGNED001008
DEVICE
Canon R5 · FR
CAPTURED
13:33:55 UTC
BLOCK
22 480 931
SHOWING 6 OF 342 · PAGE 1 / 57
12357

Permanent. By design.

// OUTCOME

Live on Polygon mainnet · 0 critical findings

Polygon
Mainnet live · contract deployed and verified
4 of 6
Multisig approvals required for any change
>95%
Smart-contract test coverage at audit sign-off
0
Critical findings · Slither · Mythril · independent audit

Live in production. Still building together.

Sometimes things fail.We plan for that.

Book a discovery call
// CREDITS
  • Lead ArchitectMirko Vanzo
  • EngagementMaintenance · production release · BRS conformance audit
  • Year2025
// STACK
  • Solidity 0.8 · Hardhat · OpenZeppelin AccessManager
  • TypeScript · Node 22 · Express 5
  • MongoDB · Mongoose
  • Ethers.js · viem · Wagmi · RainbowKit
  • Next.js · React 19
  • Expo · React Native (iOS + Android)
  • Pinata IPFS · Polygon
  • Stripe · OAuth · 2FA · GDPR endpoints
// NEXTClearvaultWhere the numbers can't disagree.