Security & Trust

File Integrity

SHA-256 is computed client-side before upload and again on the server upon receipt. The hash is stored in the database and cannot be overwritten. Any modification to the file after upload would produce a different hash, making tampering detectable.

Access Control

Shared files require the viewer to verify their email address before access is granted. Verification tokens expire after a single use. Share links can be set to expire by date or after a maximum number of views. The file owner can revoke a share link at any time. Database access is enforced by Row Level Security policies — queries cannot cross user boundaries regardless of application state.

Audit Trail

Every access event is recorded: timestamp, viewer email, IP address, user agent string, and the action taken (view, download, share creation, share revocation). This log is append-only and is included in access audit trail exports. The file owner can view the full access history from their dashboard at any time.

Viewer Identity Watermarking

When a viewer accesses shared photos, video, or audio through Attested, their verified identity (email address and timestamp) is rendered as a visible overlay on every frame via a canvas element in the browser. The overlay is composited at render time and is present throughout playback. This overlay survives screen capture — if a viewer photographs or records their screen, their identity is embedded in whatever they captured. This creates viewer attribution: any leak can be traced back to the specific person who viewed it.

For document files (PDFs, Word documents, spreadsheets), the viewer's identity is displayed as an on-screen overlay during viewing, but the underlying document content can be extracted independently of the overlay — for example, by copying text or saving the file through the browser. For documents, Attested's primary protection is the access audit trail and SHA-256 integrity verification rather than watermark-based attribution. Attorneys sharing sensitive documents should be aware of this distinction.

All file types — photos, video, audio, and documents — receive SHA-256 integrity hashing, access logging, and FRE 902(13) authentication certificates regardless of watermarking approach.

Litigation Hold (Professional & Enterprise)

Attorneys can place a litigation hold on any file. Once a hold is active, the file cannot be deleted or shredded — including by the file owner — until the hold is explicitly released. This prevents inadvertent or coerced destruction of evidence subject to a legal obligation to preserve.

Automatic Expiration (Temporary Access)

Files shared with temporary access expire automatically at a date set by the uploader. After expiration, the share link becomes inactive and the file is scheduled for deletion. This reduces the exposure window for sensitive content that does not need permanent retention.

Encryption in Transit and at Rest

All connections to Attested are served over HTTPS with TLS 1.3. Files stored in Supabase Storage are encrypted at rest using AES-256. Encryption keys are managed by Supabase and are not accessible to Attested staff.

We don't store passwords — authentication is handled through industry-standard protocols.

Attested uses Supabase Auth, which supports passkeys (FIDO2/WebAuthn), email magic links, and OAuth providers. No plaintext credentials are ever stored. Session tokens are short-lived and rotated on each request.

We don't access your evidence — file contents are not reviewed by Attested staff.

Files are stored encrypted in Supabase Storage. Attested does not open, scan, review, or transmit your file contents to any third party. Access by Verifore Technologies staff would require circumventing the Row Level Security policies that govern all database queries.