Sign is Winnerr’s e-signature module. You can send any generated document to one or more signers, track progress per signer in real time, and download a tamper-evident audit trail and completion certificate when all parties have signed.
Signing engine
The default signing engine is Winnerr’s own internal legal-grade provider. It requires no external account or API key and is included on all plans. For organizations whose brokerage already uses DocuSign, SkySlope, or Authentisign, those providers can be configured to handle signature routing instead—see External providers below.
What “legal-grade” means
The internal provider is built to satisfy the substantive requirements of the US Electronic Signatures in Global and National Commerce Act (ESIGN), the Uniform Electronic Transactions Act (UETA), and Ontario’s Electronic Commerce Act, 2000 (ECA-2000):
| Requirement | How Sign satisfies it |
|---|
| Consent to transact electronically | The signer must complete an explicit consent step before the signature field is reached. Signing without consent is blocked. |
| Signer attribution | Email link possession is the default authentication method. SMS OTP and knowledge-based authentication (KBA) are additional options. The method used is recorded. |
| Intent to sign | The signature step is a deliberate action after consent—it is never implied or automated. |
| Document integrity | SHA-256 of the exact PDF bytes presented is stored on the envelope. Any byte change after signing is detectable at verification time. |
| Tamper-evident audit trail | Every action (opened, authenticated, consented, signed, declined, voided) is stored as a hash-chained SignatureEvent. Each event includes the IP address, user agent, timestamp, and a chain hash—sha256(prevHash + payloadHash). Deleting or reordering events breaks the chain. |
| Completion certificate | When all signers have signed, a certificate PDF is generated and appended to the signed document. It lists parties, timestamps, IP addresses, auth methods, the document hash, and the full event chain. |
The internal engine is engineered to be defensible, but counsel review of the ECA-2000 mapping is recommended before relying on it for a binding Agreement of Purchase and Sale. This review is non-blocking—the engine ships for all forms today.
Sending a document for signature
A document must be in GENERATED status before you can send it for signature.
From the document detail page, click Send for signature. A dialog lets you:
- Confirm the signers (pre-filled from the document’s canonical parties for OREA packs).
- Set the signing order: parallel (everyone signs at once) or sequential (each signer receives their link only after the previous person signs).
- Set an optional expiry window (days until the signing links expire).
Winnerr derives the signing parties automatically from the canonical data for typed OREA packs. For a freehold purchase, buyers and sellers are pre-populated. For a lease, landlords and tenants. You can adjust the list before sending.
The signer experience
Signers receive a link via email or SMS (depending on the delivery channel configured). The link opens a distraction-free, mobile-friendly signing page that does not require a Winnerr account.
The signer page walks through four steps in order:
- Open — the document is displayed; the
opened event is recorded.
- Authenticate — the signer confirms their identity via the configured auth method (email link possession by default). The
authenticated event is recorded.
- Consent — the signer explicitly agrees to transact electronically. The
consented event is recorded. This step is required by ESIGN/UETA/ECA-2000 and cannot be skipped.
- Sign — the signer applies their signature. The
signed event is recorded.
A Cloudflare Turnstile bot-check is applied to the sign and decline actions. The signer may also decline at any step, optionally providing a reason.
For sequential signing, a signer who is not yet in their turn sees a “waiting” state—their link is active but the sign action is blocked until the preceding signer completes.
Expired or voided links
Signing links that are unknown, expired, or belong to a voided envelope respond with a uniform “gone” state—no information is disclosed about why the link is unavailable.
Signature status rail
The document detail page shows a per-signer status rail. Each signer chip displays their current status:
| Status | Meaning |
|---|
pending | Link created, not yet delivered |
sent | Signing link delivered |
opened | Signer opened the document |
authenticated | Signer passed the auth step |
signed | Signer has signed |
declined | Signer declined; the decline reason is shown |
| Envelope status | Meaning |
|---|
created | Envelope exists, no signers have acted |
sent | At least one signer has been notified |
partially_signed | At least one signer has signed, not all |
completed | All signers have signed; certificate generated |
declined | At least one signer declined |
voided | Voided by the agent |
expired | The expiry window passed before completion |
Voiding an envelope
To void an in-progress envelope, use the void action on the document detail (or the API). Voiding records a voided event with the reason and moves the envelope to terminal status. Already-completed envelopes cannot be voided.
Audit trail and completion certificate
The full audit trail is available from the document detail. Each event in the chain shows the type, timestamp, IP address, and user agent. The chain integrity can be verified by re-computing sha256(prevHash + payloadHash) for each event.
The completion certificate is a PDF appended to the signed document. It is downloadable from the document detail once the envelope reaches completed status.
External providers
For organizations whose brokerage is already contracted with DocuSign, SkySlope, or Authentisign, Winnerr can route signature requests through that provider instead of the internal engine.
External providers require your brokerage’s own credentials. You must configure the provider credentials in Settings before signature requests can be sent through them. When an external provider is active, Winnerr maps the document’s canonical fields to the provider’s template tabs and hands off the signing flow to that provider’s platform.
Completed external envelopes are synced back into Winnerr’s document repository (Locker) so your signed documents are searchable and their obligations are tracked in one place.
To configure an external provider, go to Settings → Integrations and select the e-signature provider section.
