Evidence Witness Architecture
BenchVault currently supports manual email witnessing for certified backup copies and reserves typed route metadata for stronger future witnesses.
Current Route: Manual Email Witness
The user clicks Certify Copy after a backup verifies locally. BenchVault opens an email draft containing the backup-copy fingerprint and scope language. The user reviews and sends the message.
This produces a practical, timestamped outside record if the recipient mailbox is outside the notebook owner’s control. It is strongest when sent to a supervisor, SD, records staff, or a retained shared institutional mailbox.
Future Routes

| Route | Normal payload | Notes |
|---|---|---|
| Institution mailbox | Seal JSON | Mailbox should be institution-owned and retention-protected. |
| Trusted timestamp authority | Manifest hash only | Proves the hash existed by a time without sending notebook content. |
| Institution API | Seal JSON | Allows signed receipts, policy checks, and audit dashboards. |
| Immutable file-server drop | Seal JSON | Works when owner accounts can add but not change or delete records. |
| Object-lock storage | Seal JSON or full backup bundle | Strong route for WORM-style custody. |
| Retention library | Seal JSON | Fits SharePoint-style records libraries with retention policy. |
| Append-only transparency log | Manifest hash only | Supports inclusion proofs. |
| Offline write-once media | Seal JSON | Low-tech route when custody is managed separately. |
Future Verification States

- Unsealed
- Local seal
- Certification email prepared
- Witness pending
- Witnessed
- Institution archived
- Warning

The app should always show the scope of the state. Certified backup copy means
the local backed-up copy, not the live LabArchives notebook.