Document Integrity Chain, Audit Certificates & PDF Signing Reliability

This release strengthens document trust with an end-to-end integrity chain and enhanced audit certificates, resolves PDF signing reliability issues, and deploys multi-region infrastructure for improved availability.

Propper Sign Enhancements

Document Integrity Chain

• End-to-End Document Verification. Propper Sign now computes SHA-256 hashes for every uploaded document and verifies them at agreement completion, establishing a tamper-evident chain from upload through signing. This provides cryptographic proof that documents have not been altered during the signing workflow.

Audit Certificate Improvements

• Restructured Audit Certificates. The audit certificate PDF has been overhauled with clearly defined sections: Agreement Details, Record Tracking, Document Integrity, Recipient Timeline, and Reissuance History. Originator fields are validated and annotation events are properly filtered for a cleaner, more comprehensive audit trail.
• Document & Audit Regeneration. Administrators can now regenerate signed documents and audit certificates with reason tracking. All regeneration events are logged to the audit trail with full reissuance history.

Email Delivery

• Cancellable Bulk Email Notifications. Agreement email notifications now use batch sending, allowing pending emails to be cancelled when an agreement is voided, recalled, or deleted — preventing recipients from receiving notifications for agreements that are no longer active.

Reliability & Fixes

• PDF Signing Reliability. Resolved intermittent errors that could occur when downloading signed PDFs, particularly for documents with non-ASCII filenames. The signing service now accurately reports whether a PDF was cryptographically signed or served as an unsigned fallback.
• Adobe Acrobat Compatibility. Fixed an issue where signed PDFs were missing the AcroForm dictionary and SigFlags, causing Adobe Acrobat to not recognize or display the signature panel when opening downloaded documents.
• Recipient Access Code Security. Access codes for template recipients are now properly hashed, email notification settings save correctly in templates, and settings are replicated accurately when creating agreements from templates.
• Template Recipient Validation. The template wizard now requires a role name for each recipient, preventing incomplete templates that could cause issues during agreement creation.
• Webhook Recipient Handling. Fixed recipient deduplication in webhook processing to use the correct compound unique key, preventing duplicate recipient entries.

Security

• Dependency Security Patches. Updated Hono to 4.12.12 (CVE-2026-39409) and Vite to 7.3.2 (CVE-2026-39364, CVE-2026-39363) to address known vulnerabilities.

Platform

• Multi-Region High Availability. Deployed warm standby services, cross-region database replicas, and EU-region workers with dedicated document storage and evidence signing keys. These infrastructure investments provide lower latency for European users and faster failover in the event of regional disruptions.

See these improvements in action. Book a demo to learn how Propper Sign streamlines your agreement workflows, or start your free trial to get started today.