When the evidence has to survive your termination.
Whistleblowing has a survival problem: the evidence has to exist after you no longer have access. Internal screenshots, deck slides, Slack messages, customer-data exports — captured while you still had a corporate laptop, but the moment you forward to outside counsel or a regulator, you're entering a regime where your ex-employer may dispute the evidence's authenticity. Sealing the screenshot at capture, before any forwarding, fixes the chain of custody cryptographically. The receipt timestamp predates your termination, predates any post-hoc 'they fabricated this' claim from your former employer's litigation team. The receipt URL is portable: it works on a personal device, with no corporate credentials, and verifies independently even if your laptop is wiped. This page does not advise you on the legality of any specific disclosure — get an employment lawyer. It does tell you how to make the evidence you choose to disclose harder to dismiss.
Workflows whistleblowers actually run
- 01
Capture and seal — same browser session, before any forwarding.
When you screenshot internal evidence (a deck slide, a Slack message, an internal dashboard, an email), seal it in /seal immediately, in the same browser session. The receipt timestamp anchors the file to the moment of capture, not the moment of disclosure weeks later. This pre-dates any post-hoc 'fabricated' claim because the OpenTimestamps anchor is irreversible.
- 02
Forward the receipt URL alongside the file to outside counsel.
When you engage employment counsel or a regulator (SEC whistleblower office, DOJ, equivalent in your jurisdiction), forward the screenshot file AND the receipt URL. Counsel can verify the timestamp independently. The receipt is now part of the documentary record from first transmission.
- 03
If your laptop gets wiped, the receipt still verifies on a personal device.
The receipt URL is portable. From a personal phone, a public library terminal, or counsel's office — drop the file (which you've preserved on personal storage) on /verify, and the cryptographic match still holds. Independent of your former corporate environment, independent of your continued employment status.
- 04
Anti-retaliation timeline: seal your performance reviews and project assignments.
If retaliation is anticipated, seal contemporaneous evidence of your pre-disclosure standing — performance reviews, project assignments, recent praise emails. When retaliation later happens (PIP, schedule changes, sudden demotion), the sealed pre-disclosure documents form a defensible 'this changed AFTER the protected activity' chronology.
- 05
Public-interest journalism: provide receipts alongside leaked material.
If you're leaking to a journalist, the receipt URL gives the journalist independent verification of when you captured the material. The journalist's editorial chain can then cite 'evidence sealed at <date> via cryptographic timestamping' — strengthening the publication's defense against post-publication 'these were fabricated' counter-narratives.
What it maps to in your world
- OpenTimestamps anchor is independent of receipts.you the company. Even if our service is shut down or coerced, the cryptographic record survives — verifiable with the OTS reference client, our public key, and the receipt JSON.
- Hash-only architecture means we never had the content. There is nothing for us to disclose, nothing to subpoena, nothing to lose. The screenshot bytes never left your browser at capture time.
- Receipts are portable across devices and jurisdictions. A sealed receipt on a corporate laptop verifies identically on a personal phone in another country.
- Verification is offline-capable. With the public key + the OTS proof + the receipt JSON, any third party (lawyer, regulator, journalist) can verify without trusting us or your former employer.
- Append-only, no edit history, no admin override. We cannot 'modify' a receipt under pressure; the chain doesn't allow it.
Questions this page answers
- “preserve evidence before whistleblower complaint”
- “whistleblower screenshot evidence chain of custody”
- “sec whistleblower documentary evidence”
- “regulatory disclosure evidence preservation”
- “anti-retaliation timeline evidence”
- “internal misconduct screenshot proof”
- “preserve evidence before termination”
- “whistleblower evidence portable verification”
Specific answers
Does sealing a screenshot create a record that my employer can subpoena?
We hold a SHA-256 hash, a perceptual hash, a timestamp, and a signature — about 400 bytes per receipt. Subpoenas to us would yield those bytes; nothing else. The hash cannot be reversed to recover the image. The receipt URL alone, without your underlying file, does not disclose the content of what you sealed. For specific legal advice on subpoena exposure, consult employment counsel — but the data-minimization posture is much stronger than uploading screenshots to cloud storage.
Should I use a personal device to seal corporate evidence?
Legally fraught. Some jurisdictions distinguish 'evidence captured during employment' from 'evidence captured for personal use.' Consult counsel before transferring corporate material to personal devices. The right answer is often: seal in the corporate browser at the moment of capture, then move the file via the disclosure path your counsel approves. The receipt URL is the portable part; the underlying file's handling is the legally-sensitive part.
Can my former employer claim the receipt was created retroactively?
The OpenTimestamps anchor — once the cron upgrades it (~30 min after sealing) — is on a public blockchain we cannot rewrite. Backdating after the anchor lands is cryptographically infeasible. For evidence sealed minutes before transmission, the anchor will land shortly after; for evidence sealed weeks before, the anchor is long-since cured. Either way, the timestamp is provable independent of us.
Will the SEC / DOJ / EU whistleblower offices recognize this?
Sealed-screenshot evidence is a relatively new category in regulatory practice. Regulators with technical teams (SEC tech specialists, DOJ digital forensics) will recognize SHA-256 + ECDSA + OpenTimestamps as standard cryptographic primitives. Less technical intake staff may need the evidence walked through; the methodology is documented at /methodology and verification is reproducible offline. Have counsel prepare a one-page methodology brief for the intake officer.
Is sealing evidence itself a protected activity?
Sealing a screenshot is just hashing a file. It is not, by itself, disclosure. Most jurisdictions' whistleblower protections attach to the act of reporting to a covered authority, not to the act of preserving evidence. But specific protection regimes (SOX, Dodd-Frank, EU Whistleblower Directive) vary; consult counsel for the protection-trigger analysis specific to your situation.
Can I seal anonymously?
Yes — there's no signup, no account, no PII collected. The receipt is associated with your browser's request (which our worker sees via the standard CF-IP header), but we don't link receipts to identities. From a privacy-of-disclosure standpoint, sealing from a personal-use VPN or Tor adds another layer, but the underlying receipt is already anonymous at the application layer.
What if my former employer pressures you to delete a receipt?
Receipts are append-only and externally anchored. We technically cannot delete the anchored proof from the public chain. We can mark a receipt as withdrawn on our side, but the cryptographic record outside our control persists. We have not been asked to delete a receipt in any production scenario; if we were ever compelled, we would publish that fact and the receipt status in a public transparency report.
The evidence has to survive you having access.
Seal at capture, forward with the receipt URL. The cryptographic timestamp survives termination, NDAs, and litigation pressure.