Primitiv · onboarding
Trust infrastructure for the documents you onboard with.
Regulated onboarding runs on documents that everyone has to trust — and no one can prove. Primitiv gives each one a seal, a watermark, a version history, and a chain of custody, so what you send is exactly what they receive, and you can show it.
No card required · tenant-isolated from the first row of data
Six primitives, one source of truth
Not a document store with permissions bolted on. Each primitive is a property the record carries wherever it goes.
Seals
Lock a package of documents into a tamper-evident record. Its content hash is fixed at the moment of sealing; any later change is a new version, never a silent edit.
Certified copies
Share a copy that carries proof of what it is and where it came from — the serial, the seal, and the source record travel with the file, not in a separate email.
Version histories
Every document keeps its full lineage. The current valid version is resolved by date, and superseded versions stay readable so nothing is lost or rewritten.
Chains of custody
Each open, download, and hand-off is written to an append-only audit trail with the acting party and timestamp. The log can be read, never altered.
Watermarks
Distributed files are stamped per recipient with the serial and a timestamp, so a leaked copy points back to exactly who received it.
Ownership graphs
Model entities, individuals, and their holdings, then resolve ultimate beneficial ownership through the graph — the percentages compound the way a regulator expects.
From record to receipt
Four steps, each one leaving evidence behind.
- 1
Assemble
Build the record — entities, individuals, ownership — and attach the documents each counterparty needs. Ownership resolves to beneficial owners automatically.
- 2
Seal
Pin the exact versions into a package and seal it. The package becomes immutable and gets a serial and a content hash.
- 3
Distribute
Send a tokenized link — watermarked copies, an optional one-time code, and an expiry. No account required on the other side.
- 4
Verify
Watch the chain of custody fill in. Every open and download is logged to your audit trail, and links can be revoked at any time.
Security is not a feature here
Isolation and evidence, in the schema
Row-level security runs on every table, so one tenant can never read another's data through any path. The audit log is append-only. Distribution links expire, can be revoked, and fail closed. These aren't settings — they're how the system is built.
- Tenant isolation
- RLS on every table
- Audit log
- append-only
- Portal links
- expiring · revocable
- Files
- watermarked · signed
Put your onboarding documents on the record.
Set up your organization, seal your first package, and send it with a chain of custody in minutes.