A claim is "hash-sealed" when its content has been hashed (SHA-256) and the hash committed to an externally verifiable record.
When a phytosanitary certificate or sensor log lands in our R2 bucket, we compute its SHA-256 digest and embed the digest in the evidence pack's artefact ledger. The digest becomes the artefact's canonical identifier; any later inspection of the file proves it's the same one referenced in the pack.
Two reasons: (1) the digest is a tiny, citable identifier the pack can include without bloating; (2) once the digest is in the Merkle root and the root is signed, no one — including Importable — can alter the underlying file without breaking the seal.
No. The Merkle tree commitments are not anchored on any public blockchain. The signing key registry, signature scheme, and verification client are open-source so any third party can run the same checks; the trust model is "named signer with externally verifiable public key", not "consensus across an open network."
SHA-256 (NIST FIPS 180-4). Universal browser + node support; collision resistance more than sufficient for an audit horizon measured in decades.