P1 · Verifiable Origin

Long-Term Contract Records, Provable Years Later

Having a record ≠ being able to prove it

On 15–20 year contracts, prove "it legitimately existed and was legitimately amended at that time" cryptographically — without revealing the contents — even when amounts, specs, or inspection records are disputed years later.

Manufacturing · Critical infrastructure (power, water, transport) · Public sector · Construction & maintenance 5 min read
Sections
  1. § 01 Who this is for
  2. § 02 Why existing tools fall short
  3. § 03 Our approach
  4. § 04 What you get
  5. § 05 Worked example: a municipal infrastructure dispute years later
  6. § 06 Architecture concept
  7. § 07 What Lemma cryptographically guarantees
  8. § 08 What's next
  9. § 09 Related use cases

Who this is for

For those holding 15–20 year maintenance contracts and infrastructure ledgers, who get asked years later: "What was the price then? Which spec was agreed? Was the inspection actually done?" Records may exist — but is there any guarantee they weren't rewritten? When an amendment is doubted, can you show it was legitimate at the time?

  • Long-term maintenance / contract managers in manufacturing and critical infrastructure (power, water, transport)
  • Public-sector teams accountable for ledgers and inspection records
  • Teams troubled by "we have records but can't prove they're untampered" in audits or disputes

Why existing tools fall short

Three things are required at once: prove without revealing the contents; let a third party (court, auditor) verify independently; make it tamper-proof.

Tool Prove without revealing Independently verifiable Tamper-proof
Spreadsheet / ledger DB
Signed PDF
Blockchain alone ✗ (fully public)
ZK proof + provenance (Lemma)

A ledger DB can be rewritten by an admin; a bare blockchain exposes everything. Only ZK proof + provenance does all three. If one is dispensable, existing tools suffice. Only work requiring all three at once is Lemma's territory.

Our approach

We anchor the moment a contract, quote, or inspection record is created. The original stays in-house (or in your current system); what leaves is only the cryptographic fact of when, by whom, under which content hash, and tamper-free it existed. Even after amendments, "it legitimately existed and was legitimately amended" can be proven without revealing the contents.

However many years later a dispute or audit arrives, the parties, auditors, and third parties verify the same proof independently — without disclosing the original data.

What you get

All figures are directional.

The recording side (maintenance, contracts, ledger management) Keep the contents in-house while showing only their legitimacy years later. Answer "did you amend it?" without disclosing the original. e.g. dispute/audit response shifts from hunting and reconciling originals to presenting one proof.

The verifying side (auditor, court, client) Verify "legitimately existed and amended at that time" without seeing the contents, independent of the era's system or staff. e.g. from relying on the then-staff's testimony to a cryptographically reproducible trail.

As an organization The provenance of decisions and records survives even when veteran staff leave — reducing dependence on individuals.

Worked example: a municipal infrastructure dispute years later

Suppose a municipal infrastructure maintenance contract is later asked: "In 20XX, what was the pump-replacement quote and which spec?" The ledger has been updated repeatedly; reproducing the era's version is hard — only current values remain. "We have records, but can't prove they're from that time."

Had Lemma been in place, the content hash and provenance were anchored when the quote, spec, and approval occurred. The municipality can prove "in 20XX, approved at this amount under spec S-04" without disclosing the original. Client, auditor, and third party verify the same proof independently.

Architecture concept

We don't replace your ledger or contract system. We insert one provenance-anchor step where a record is finalized.

  • Provenance anchor: fix the content as a docHash, commit with Poseidon over BN254; record the moment tamper-free.
  • Selective disclosure: BBS+ over BLS12-381 — present only the needed clauses/attributes.
  • Legitimacy proof: prove "legitimately existed / amended" via Groth16 (Circom).

The original stays in-house; only the record's cryptographic identity travels.

What Lemma cryptographically guarantees

  • The time a record (quote, spec, inspection) occurred, and its content docHash
  • Proof that it "legitimately existed and was legitimately amended at that time"
  • The record's cryptographic identity, unchanged years later
  • A trail that parties, auditors, and third parties verify independently — without disclosing data

What's next

Not a standalone SaaS purchase. We enter through AI-adoption / data-governance consulting and a PoC, landing on an existing monthly plan.

  1. A 30-minute review — identify records in long-term contracts/ledgers where dispute/audit risk concentrates.
  2. Narrow to 1–2 decisions (results) to prove — e.g. "legitimately approved/amended at this point." Not the whole ledger.
  3. Design connection and amendment handling — connection to existing ledger/contract systems, versioning, amendment anchoring.
  4. Prove one path via a (quote-based) PoC.
  5. Land on an existing monthly plan (indicative) — Lemma Civic / Critical; pricing confirmed in conversation.

Using the Metawater work (Nishikawa, Hayama) as a template, we'll confirm in the first 30 minutes where to start anchoring in your ledgers/contracts.

Related use cases

Get Started

Ready to prove?

Talk to us about your use case. We respond within one business day.

Book a Discovery Call → Demo repo