Document attestation system for verifiable workflows between parties.
Ledgerator combines blockchain immutability with local metadata storage for document verification and attestation. The system enables multiple parties to cryptographically verify, acknowledge, or attest to documents in workflows minimizing trust requirements through auditability.
Key Features:
- Blockchain-based document registry with cryptographic proof
- Local SQLite metadata storage for privacy and simplicity
- Hash-based document verification
- Multiple attestation types (ACCEPT, ACKNOWLEDGE, WITNESS, REJECT)
- Multi-network support with easy switching
- Metadata export/import for collaboration
- Simple CLI interface
Ledgerator consists of two components:
- Smart Contract - EVM-based registry for document hashes and attestations
- CLI Tool - Command-line application with local SQLite storage
On-chain (Immutable):
- Document hash (keccak256)
- Registrar address
- Registration timestamp
- Attestations (who, what type, when)
Off-chain (Local):
- Document title and description
- Local file path
- Retrieval location (URL identifier: s3://, ipfs://, https://, etc.)
- Registrar address (cached from blockchain)
This separation balances permanence with privacy—attestation records stay on-chain forever, while practical metadata stays local and can be shared selectively.
- Rust 1.75+
- Foundry (for smart contracts)
# Build
cargo build --release
# Install globally
cargo install --path .
# Or use directly
cargo run -- --helpInitialize configuration (creates ~/.ledgerator/config.toml with local network):
ledge config initThis creates a default configuration with a local network profile for Anvil development.
Add additional networks:
ledge config add mainnet \
--rpc-url "https://eth-mainnet.alchemyapi.io/v2/YOUR_KEY" \
--chain-id 1 \
--contract-address "0x..."
ledge config add sepolia \
--rpc-url "https://sepolia.infura.io/v3/YOUR_KEY" \
--chain-id 11155111 \
--contract-address "0x..."Switch between networks:
ledge config use mainnetView current configuration:
ledge config showSet private key:
export LEDGERATOR_PRIVATE_KEY="0x..."Local metadata is stored at ~/.ledgerator/metadata.db (created automatically).
ledge register contract.pdf \
--title "Service Agreement" \
--location "s3://bucket/contracts/service-agreement.pdf"This:
- Computes keccak256 hash of the file
- Registers hash on blockchain
- Stores metadata locally (including absolute file path)
ledge attest 0xabc123... --type ACCEPTAttestation types:
ACCEPT- Approve or accept the documentACKNOWLEDGE- Confirm receipt or awarenessWITNESS- Observed or verifiedREJECT- Reject or dispute
ledge query 0xabc123...Shows:
- Blockchain data (hash, registrar, timestamp, attestations)
- Local metadata (title, description, file path, location)
ledge verify contract.pdf 0xabc123...Confirms the file matches the expected hash.
# All documents
ledge list
# Filter by registrar
ledge list --registrar 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb# Export
ledge export metadata.json
# Import (on another machine)
ledge import metadata.jsonMetadata files are portable JSON containing all your local document records.
Map Ethereum addresses to human-readable names for easier attestation tracking:
# Set identity
ledge identity set 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 Alice
# Get identity
ledge identity get 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266
# List all identities
ledge identity list
# Delete identity
ledge identity delete 0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266Identities are stored locally and displayed in query output alongside addresses.
# All components
make build
# Contracts only
make build-contracts
# CLI only
make build-cli# All tests
make test
# Contract tests
make test-contracts
# CLI tests
make test-cli
# Integration test
make integration# Start local Ethereum node
anvil
# Deploy contract (in another terminal)
make deploy-local
# Initialize configuration
cargo run -- config init
# Use CLI
cargo run -- --help# Check compilation
make check
# Run linters
make lint
# Format code
make formatFile: contracts/src/Ledgerator.sol
registerDocument(bytes32 hash)- Register document hashattest(bytes32 hash, AttestationType type)- Add attestationgetDocument(bytes32 hash)- Get document infogetAttestations(bytes32 hash)- Get all attestationsgetAttesters(bytes32 hash)- Get unique attesters
DocumentRegistered(bytes32 indexed hash, address indexed registrar, uint256 timestamp)Attested(bytes32 indexed hash, address indexed attester, AttestationType attestationType, uint256 timestamp)
Comprehensive test suite in contracts/test/Ledgerator.t.sol covers:
- Document registration and uniqueness
- Multiple attestation types
- Query operations
- Gas optimization
Location: src/
ledge config init Initialize configuration
ledge config show Show configuration
ledge config add <name> Add network
ledge config use <name> Switch active network
ledge register <file> Register document
ledge attest <hash> --type Add attestation
ledge query <hash> Query document
ledge verify <file> <hash> Verify file
ledge list [--registrar] List documents
ledge export <file> Export metadata
ledge import <file> Import metadata
ledge identity set <addr> <nm> Set identity for address
ledge identity get <addr> Get identity for address
ledge identity list List all identities
ledge identity delete <addr> Delete identity
Local SQLite database at ~/.ledgerator/metadata.db:
CREATE TABLE documents (
hash TEXT PRIMARY KEY,
title TEXT,
description TEXT,
local_path TEXT, -- Absolute path on filesystem
location TEXT, -- URL identifier (s3://, ipfs://, https://, etc)
registrar TEXT,
created_at TEXT,
updated_at TEXT
);
CREATE TABLE identities (
address TEXT PRIMARY KEY,
name TEXT NOT NULL,
created_at TEXT,
updated_at TEXT
);Config file: ~/.ledgerator/config.toml
[networks.local]
rpc_url = "http://localhost:8545"
chain_id = 31337
contract_address = "0x5FbDB2315678afecb367f032d93F642f64180aa3"
[networks.mainnet]
rpc_url = "https://..."
chain_id = 1
contract_address = "0x..."
[settings]
active_network = "local"Environment:
LEDGERATOR_PRIVATE_KEY- Private key for transactions
Full end-to-end test in integration-test.sh:
./integration-test.shTests:
- Start Anvil (local EVM)
- Deploy smart contract
- Register document
- Attest to document
- Query document
- Verify file
- List documents
- Export metadata
- Import metadata
- Contract tests
# Local (Anvil)
make deploy-local
# Testnet/Mainnet
cd contracts
forge script script/Deploy.s.sol \
--rpc-url <RPC_URL> \
--private-key <KEY> \
--broadcastAfter deploying to a new network, add it to your configuration:
ledge config add <network-name> \
--rpc-url <RPC_URL> \
--chain-id <CHAIN_ID> \
--contract-address <DEPLOYED_ADDRESS>
ledge config use <network-name># Install system-wide
make install
# Or distribute binary
cargo build --release
# Binary at: target/release/ledge# Alice registers a contract
ledge register service-agreement.pdf \
--title "Service Agreement Q1 2025" \
--location "s3://legal-docs/q1-2025/service-agreement.pdf"
# Output: Hash: 0xabc123...
# Alice shares hash with Bob (email, Slack, etc)
# Bob receives file, verifies hash
ledge verify received-contract.pdf 0xabc123...
# ✓ Hashes match!
# Bob queries to verify on-chain registration
ledge query 0xabc123...
# Shows: Alice registered at timestamp X
# Bob accepts (which also confirms the document exists on-chain)
ledge attest 0xabc123... --type ACCEPT
# Anyone can verify the chain of attestations
ledge query 0xabc123...
# Shows: Alice registered, Bob accepted, timestamps
# Alice exports metadata to share with Carol
ledge export contracts-q1.json
# Carol imports metadata
ledge import contracts-q1.json
ledge list # See all Q1 contracts- Contract Approval: Multi-party contract signing with verifiable timestamps
- Document Verification: Prove document existence at a specific time
- Audit Trails: Immutable record of document attestations
- Supply Chain: Track document flow through verification stages
- Compliance: Regulatory documents with attestation history
See docs/plans/2026-01-01-ledgerator-design.md for detailed specifications.
MIT