Group events into a sealed, verifiable proof of an entire process.
A Trace groups independently anchored events into a single auditable sequence. When the process is complete, seal the trace — permanently. The result is a composite cryptographic proof that covers every event from start to seal. Exportable as JSON or PDF. Verifiable by anyone.
Full event content included — not just hashes. Auditors read the process. Engineers verify the math.
Traces are free to create — events within them count against your existing quota.
What a Trace is
A Trace is a named, ordered grouping of anchored events under a single identifier, representing a complete business process from start to seal. It is not a workflow engine. It does not enforce steps, approvals, or sequencing. It groups independently verifiable events into one auditable unit and produces a single exportable proof artifact when sealed.
A human-readable label and optional metadata tie together any number of events into one logical process.
Events within a trace are ordered by ingestion timestamp. The sequence is preserved in the proof bundle and composite hash.
Once sealed, a trace cannot be reopened, modified, or deleted. The seal is itself a cryptographically signed event.
SHA-256 computed over the ordered concatenation of all event hashes. One hash proves the entire sequence is intact.
JSON for programmatic verification. PDF for auditors, lawyers, and executives. Both contain the full cryptographic proof.
Sealed traces are private by default. Enable public access in the dashboard to allow anyone to verify without authentication. Recompute the composite hash from individual events and verify the seal signature.
Open traces stay open indefinitely. There is no timeout, no auto-seal, no forced closure. Your application seals when the process is complete — on your timeline, not ours.
Trace lifecycle
Four steps. No branching, no conditions, no approvals. Your application decides what events to anchor, in what order, and when to seal. Invoance groups, hashes, signs, and exports. That is the entire scope.
Open a trace
Name the process. Attach optional metadata. The trace begins accepting events.
Add events
Anchor events to the trace via trace_id. Each event is independently hashed and signed.
Close permanently
Compute the composite hash. Sign the seal event. The trace is permanently closed.
Proof bundle
Export the complete proof artifact. JSON for machines. PDF for humans. Verifiable by anyone.
Open trace — events accumulating
After creating a trace, Invoance returns a server-generated trace_id. Your application stores it and includes it when anchoring events via the existing event API. Each event is independently hashed, signed, and timestamped. The trace is a grouping reference — your app controls which events belong to it.
Sealed trace — permanently closed
When you seal a trace, Invoance fetches all events in order, computes the composite hash over their hashes, creates a signed seal event, and permanently closes the trace. No more events can be appended. The seal event is the cryptographic commitment to the full sequence.
The composite hash is SHA-256 computed over the ordered concatenation of all individual event hashes. Any missing, reordered, or altered event invalidates the composite hash.
Proof bundle — the exportable artifact
A sealed trace produces a proof bundle — a self-contained artifact that reads top to bottom like a chronological record. The trace header, then each event in order with its full readable payload and cryptographic proof underneath, then the seal with composite hash and verification. An auditor reads the content. An engineer verifies the math. Both use the same document.
Invoance persists the full event payload alongside the content hash. The proof bundle includes the exact data the client sent — not just hashes. This means the bundle is independently verifiable without requesting the original data from anyone.
Machine-readable. Each event includes its full payload, content hash, signature, and public key. The composite hash and seal signature close the bundle. Feed it into automated compliance pipelines or verify programmatically.
For auditors, lawyers, and executives. Readable payloads front and center, cryptographic proof in monospace underneath. Horizontal dividers between events. QR code to the public verification URL. Black and white. Certificate, not a report.
What businesses trace
Any multi-step business process where the complete sequence matters — not just individual events. These are real categories of processes that become provable with traces.
Application received → documents collected → compliance checked → approval recorded → payment authorized → vendor active
Application submitted → credit check → income verified → underwriting decision → terms accepted → funds disbursed
Incident detected → team notified → investigation started → root cause identified → remediation applied → post-mortem published
Scope defined → evidence gathered → controls tested → findings documented → remediation tracked → report finalized
What Trace is not
Trace is a proof layer, not a workflow engine. It does not manage your process — it proves what happened during it. This distinction is architectural, not a limitation.
Invoance does not define what steps a process must contain. Your application decides what to anchor.
Events are ordered by timestamp, but Invoance does not reject based on sequence or missing steps.
No conditional logic, no gates, no role assignments. The trace records — it does not orchestrate.
No 'in progress,' 'pending review,' or 'approved.' A trace is open or sealed. That's it.
Sealed traces cannot be reopened under any circumstance. This is a structural guarantee, not a policy.
One trace, one linear sequence, one seal. If your process branches, use multiple traces.
Open traces stay open indefinitely. Invoance never forces a seal. Your application decides when the process is complete.
Once an event is anchored to a trace, it cannot be removed, replaced, or reordered. The sequence is permanent from the moment of ingestion.
Create, manage, and seal traces
Create traces and anchor events via API or from the dashboard. Create a trace — Invoance returns the trace_id. Anchor events using that ID. Seal when done. The proof bundle generates itself from the cryptographic evidence already recorded. Below is an example using the API.
Invoance generates the trace_id. Store it in your system.
POST /v1/traces
{
"label": "Vendor Onboarding — Acme",
"metadata": {
"department": "procurement",
"initiated_by": "j.smith@acme.com"
}
}
// Invoance returns:
→ trace_id: "tr_abc123..." ← server-generated
→ status: "open"Reference the server-issued trace_id from step 1.
POST /v1/events
{
"event_type": "document.anchored",
"trace_id": "tr_abc123...", ← from step 1
"payload": {
"document_ref": "contract_v2.pdf",
"signed_by": "legal@acme.com"
}
}
→ event_id: "evt_001..."Permanently close. Composite hash computed automatically.
POST /v1/traces/tr_abc123.../seal
→ status: "sealed"
→ composite_hash: "sha256:def456..."
→ event_count: 7
→ seal_event_id: "evt_xyz789..."When process proof matters
Individual event proofs answer "did this happen?" A trace answers "here is everything that happened during this entire process, in order, cryptographically proven."
A vendor claims the onboarding process was incomplete or steps were skipped.
A regulator asks you to prove your loan origination process followed required procedures.
An auditor asks you to prove that every control was tested and every finding was documented before the report was finalized.
After a security incident, you need to prove exactly what response actions were taken and when.
Technical guarantees
These are structural properties of how traces work — not policy commitments. They hold regardless of plan, tenant, or circumstance.
The composite hash is SHA-256 over the ordered concatenation of all event hashes. Any missing, added, reordered, or altered event invalidates it.
The seal event is itself hashed, signed with Ed25519, and appended to the ledger. It cannot be forged, backdated, or reversed.
Every event in a trace retains its own independent hash, signature, and verification URL. Trace membership does not weaken individual proof.
No UPDATE or DELETE on traces or events. The seal transition (open → sealed) is the only mutation, and it is irreversible.
The proof bundle contains everything needed to verify the entire trace — public keys, signatures, hashes — without contacting Invoance.
Export the proof bundle. Verify it yourself. The cryptography is standard Ed25519 + SHA-256. No proprietary formats.
No extra cost. Traces are a grouping mechanism.
Traces themselves are free to create. Each event anchored to a trace counts against your existing event quota — already billed. No new pricing tier, no add-on fees, no per-trace charges.
All plans include traces. See full pricing
Make your business processes provable
If a process matters enough to track, it matters enough to prove. Group events. Seal the trace. Export the proof. That's it.
Traces — Verifiable Process Proof
Group events into a sealed, verifiable proof of an entire process. A Trace groups independently anchored events into a single auditable sequence. When the process is complete, seal the trace permanently. The result is a composite cryptographic proof that covers every event from start to seal. Exportable as JSON or PDF. Verifiable by anyone.