Business Overview¶
This page explains what Diogenes does and why it matters, written for business stakeholders and decision-makers.
The Problem¶
Digital documents lack verifiable provenance. When a report, contract, research paper, or regulatory submission passes through multiple hands -- authoring, editing, review, approval, publication -- there is no standard way to prove:
- Who reviewed or approved it, and when.
- Whether the document has been altered since it was signed.
- How trustworthy the signers are, based on their relationships and reputations.
Traditional digital signatures (like PDF signing) solve part of this, but they rely on centralized certificate authorities, do not build a multi-party provenance chain, and offer no public audit trail.
The Solution¶
Diogenes provides cryptographic provenance infrastructure that enables multiple parties to independently attest to a document's integrity, with full public verifiability.
Key Capabilities¶
| Capability | What It Means |
|---|---|
| Multi-party attestation | Authors, editors, reviewers, and publishers each independently sign the document, building a complete chain of custody. |
| Public audit trail | Every signature, key registration, and endorsement is recorded on a tamper-evident, publicly auditable log. |
| Decentralized trust | No single authority controls who is trusted. Trust is built through a network of mutual endorsements between participants. |
| Temporal proof | Signatures are timestamped via Bitcoin, providing tamper-evident proof of when an attestation occurred, independent of any single server. |
| Privacy-preserving | Document content never reaches the server. Only a hash (digital fingerprint) of the document is used for verification. |
Use Cases¶
Scholarly and Theological Publishing¶
Problem: Historical and theological texts pass through multiple scholars, editors, and publishers. Establishing that a specific scholar reviewed a specific version of a text is critical for academic credibility.
Diogenes solution: Each scholar registers a cryptographic key. When they review a manuscript, they sign it, creating a verifiable attestation. The full review chain -- from original author through editors and peer reviewers to the publisher -- is recorded on the transparency log. Anyone can verify the provenance chain years later.
Medical Research and Regulatory Compliance¶
Problem: Clinical trial documents, research datasets, and regulatory submissions must meet strict chain-of-custody requirements (21 CFR Part 11). Current systems rely on proprietary platforms with limited auditability.
Diogenes solution: The attestation model maps directly to 21 CFR Part 11 requirements for attributable, tamper-evident, time-stamped electronic signatures. The transparency log provides the audit trail that regulators require. Documents never leave the institution's network -- only hashes are transmitted.
Verified AI Retrieval (RAG Pipelines)¶
Problem: When AI systems retrieve document chunks for generating responses, there is no way to verify the source's integrity. Citations to AI-retrieved content lack cryptographic provenance.
Diogenes solution: Documents ingested into RAG pipelines carry verifiable attestation graphs. Each retrieved chunk traces back to its signed manifest, enabling citations with cryptographic proof of source integrity.
How It Differs from Existing Solutions¶
| Feature | Traditional PKI | Blockchain Notarization | Diogenes |
|---|---|---|---|
| Multi-party attestation | No | Limited | Yes -- DAG of attestations |
| Decentralized trust | No (CA-dependent) | Partially | Yes -- web of endorsements |
| Public audit trail | No | Yes | Yes -- hash-chained log |
| Content privacy | Depends | Often no | Yes -- only hashes transmitted |
| Temporal anchoring | CA timestamp | Block time | Bitcoin via OpenTimestamps |
| Cost per signature | CA fees | Gas fees | Free (self-hosted) |
| Regulatory compliance | Varies | Unproven | Designed for 21 CFR Part 11 |
Deployment Model¶
Diogenes is self-hosted infrastructure. Organizations run their own Diogenes server, maintaining full control over their transparency log and key registry. This means:
- No vendor lock-in. The protocol is open and the code is open source.
- No per-signature fees. Once deployed, there are no transaction costs.
- Data sovereignty. Document content never leaves the organization.
- Auditability. Any party can independently verify the log's integrity.
Getting Started¶
If you are evaluating Diogenes for your organization:
- Review the Security Architecture to understand the trust model.
- Try the Getting Started guide to see the system in action.
- Read How It Works for a conceptual overview.