The platform

From file to legal certificate

An integrated architecture that turns your data from deletable into protected and court-proven — across four layers.

How it works

The evidence lifecycle

Each step produces a cryptographic proof appended to the custody chain

    01

    Upload & encrypt

    Evidence is uploaded over TLS 1.3 and immediately encrypted with AES-256-GCM via in-Kingdom KMS keys. A SHA-512 fingerprint is computed on receipt.

    02

    Lock & timestamp

    Evidence is locked with Object Lock (Compliance mode) and receives an RFC 3161 trusted timestamp proving its existence at a precise moment.

    03

    Chain of custody

    Every operation — upload, access, export — is recorded in an immutable audit trail, cryptographically signed and sequenced without gaps.

    04

    Court export

    On request, the platform produces a complete forensic package: original file + fingerprint + timestamp + custody chain + independent verification tools.

Capabilities

Everything legal evidence requires

Capabilities designed around Evidence Law and Saudi regulatory requirements

Integrity protection

SHA-512 fingerprint + Object Lock guarantee evidence is untouched since the moment of sealing.

Trusted timestamping

RFC 3161 timestamp authority independently and verifiably proves when evidence existed.

Immutable custody chain

An unalterable audit trail of every operation performed on the evidence.

Tamper detection

Automated periodic integrity sweeps (SHA) detect any tampering attempt instantly.

Long-term preservation

7-year retention enforced at the storage layer — only removed when the term expires.

Court export package

A standard-format forensic bundle any independent party can verify, in Arabic and English.

End-to-end encryption

AES-256-GCM at rest and TLS 1.3 in transit. Keys exist in-Kingdom only.

Multi-tenant

Full isolation between entities with independent access management per organization.

Compliance reporting

Periodic reports ready for regulators (NCA, SAMA, PDPL, MOJ).

Critical feature

The court export package

When a court or authorized party requests evidence, the platform produces a complete tamper-evident package — not just a download, but a forensic-grade bundle.

Any independent party can verify without contacting TraceVault: compute the fingerprint, verify the timestamp signature, and check the custody chain sequence.

Package contents

  • Original file + SHA-512 fingerprint
  • Full metadata and case information
  • Complete, signed custody chain
  • RFC 3161 timestamp and certificate chain
  • Access log for all evidence operations
  • Independent verification tools (verify.sh / verify.py)