1. Content Hashing
When the statement was generated, a SHA-256 hash of its contents was computed, creating a unique fingerprint.
2. HMAC Authentication
The statement ID is generated using HMAC-SHA256 with a server-side secret, binding the wallet address, date range, and timestamp into a tamper-proof identifier.
3. Dual EIP-712 Signatures
Both the Moneva platform and the account holder sign the statement hash using EIP-712 typed data signatures. This binds both identities to the exact document, proving it was genuinely issued and approved.
4. File Match
When you upload a file, its SHA-256 hash is computed locally in your browser and compared against the attested hash. If they match, the file has not been modified.