Selective Disclosure
Selective disclosure lets you share a cryptographic proof link for a single vault record with anyone outside your organisation. The recipient can verify the record's integrity, including document hashes, HMAC signature, and Merkle inclusion proof, without being granted access to your workspace, your data, or any other records.
How it works
- Open the Vault tab in your Redact workspace
- Find the record you want to share
- Click Disclose on that row
- A modal appears with a verification URL valid for 30 days
- Copy the link and send it to your auditor or regulator
The link points to a public page at /redact/verify/<token>. No login is required to open it.
What the auditor sees
The verification page shows everything needed to confirm integrity, and nothing more.
Record details
| Field | Description |
|---|---|
| Record ID | Unique identifier of the vault entry |
| Processed at | UTC timestamp of when the request was handled |
| Domain | Workspace domain (Legal, Healthcare, Finance, General) |
| Status | Success, error, or blocked |
| Entities stripped | Total count and breakdown by type |
Document hashes
| Field | Description |
|---|---|
| Original document hash | SHA-256 of the content before anonymization |
| Anonymized document hash | SHA-256 of the content after anonymization |
| Chain hash | Hash linking this record to the previous one in the audit chain |
Integrity verification
| Check | Result |
|---|---|
| HMAC signature | Valid, invalid, or not configured |
| Merkle inclusion proof | Valid with seal date, or not yet sealed |
| Merkle root hash | Truncated root hash of the sealed batch |
What the auditor does not see
- Your workspace name or workspace ID
- The API key that made the request
- The model used
- The actual content of any document
- Any other vault records
The link is scoped to one record only.
Token expiry
Each link is valid for 30 days from the moment it is generated. After expiry the verification page shows an expired message and the token cannot be used. Generate a new link if a longer window is needed.
API
You can also generate disclosure links programmatically.
Requires workspace authentication (session or API key with workspace access).
Response

```json
{
  "ok": true,
  "token": "a3f9...",
  "url": "https://app.xybern.com/redact/verify/a3f9...",
  "expires_at": "2026-06-23T10:00:00"
}
```
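A client-side check of the response above before the link is forwarded to an auditor, as an added example that is not part of the Redact documentation or any official client. It assumes `expires_at` is UTC when no offset is given and that the host in the sample response is the only expected one; `check_disclosure_response` and the sample token are hypothetical.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

EXPECTED_HOST = "app.xybern.com"    # host shown in the sample response on this page
VERIFY_PREFIX = "/redact/verify/"   # public verification path documented above
MAX_LIFETIME = timedelta(days=30)   # documented link lifetime
CLOCK_SKEW = timedelta(minutes=5)   # assumption: tolerance between client and server clocks

# Constructed sample; the token is a placeholder, not a real disclosure token.
SAMPLE_RESPONSE = {
    "ok": True,
    "token": "EXAMPLE-TOKEN-0001",
    "url": "https://app.xybern.com/redact/verify/EXAMPLE-TOKEN-0001",
    "expires_at": "2026-06-23T10:00:00",
}


def check_disclosure_response(resp: dict, now: datetime) -> datetime:
    """Return the link expiry (UTC) if the response is safe to forward, else raise ValueError."""
    if resp.get("ok") is not True:
        raise ValueError("API did not report success")
    token, url, raw_exp = resp.get("token"), resp.get("url"), resp.get("expires_at")
    if not all(isinstance(v, str) and v for v in (token, url, raw_exp)):
        raise ValueError("token, url and expires_at must be non-empty strings")

    parts = urlsplit(url)
    # netloc (not hostname) so that userinfo or an unexpected port is also rejected.
    if parts.scheme != "https" or parts.netloc != EXPECTED_HOST:
        raise ValueError("link does not point at the expected HTTPS host")
    # The link must be exactly the single-record verification path for this token.
    if parts.path != VERIFY_PREFIX + token or parts.query or parts.fragment:
        raise ValueError("link is not the bare verification path for this token")

    expires = datetime.fromisoformat(raw_exp)
    if expires.tzinfo is None:
        expires = expires.replace(tzinfo=timezone.utc)  # assumption: naive means UTC
    if expires <= now:
        raise ValueError("link has already expired")
    if expires - now > MAX_LIFETIME + CLOCK_SKEW:
        raise ValueError("expiry is further out than the documented 30 days")
    return expires


if __name__ == "__main__":
    issued = datetime(2026, 5, 24, 10, 0, tzinfo=timezone.utc)
    print("forward link, expires", check_disclosure_response(SAMPLE_RESPONSE, issued))
```

Recording the returned expiry alongside the record ID tells you when a fresh link has to be generated for a review that runs longer than the 30-day window.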
Related
- Vault and Audit Trail - record structure, chain hashing, HMAC signing
- Cryptographic Integrity - Merkle tree sealing and inclusion proofs
- Vault Search and Filtering - filter records before selecting one to disclose