DOCUSENTINEL
Log inTry Live Demo
Product Tour

How DocuSentinel Protects Your Data

A deep dive into the steganographic encoding, multi-layer detection mesh, and forensic audit systems that make DocuSentinel unique.

Three-Layer Encoding

256-bit identity, woven into grammar

Each document receives a unique DSID composed of 8 structured fields: Tenant ID, Document ID, Classification Level, Author Hash, Timestamp, Version, Encoding Method, and Reed-Solomon ECC parity bits. This identifier is then embedded using three independent steganographic techniques.

A

Zero-Width Unicode Insertion

Four invisible Unicode characters (U+200B, U+200C, U+200D, U+2060) encode the DSID as base-4 digits at inter-word boundaries.

B

Statistical Whitespace Patterns

Subtle variations in spacing between sentences and paragraphs encode redundant DSID copies using statistical models.

C

Semantic Micro-Substitutions

Swapping synonyms ("however" ↔ "nevertheless") encodes bits that survive even AI-powered paraphrasing.

// DSID Bit-Field Layout (256 bits)
Tenant ID0x3F2A9B8C32 bits
Document ID0x7E91F042A3B1C8D564 bits
Classification0x028 bits
Author Hash0x8D2E4F7132 bits
Timestamp0x66541A2E32 bits
Version0x018 bits
Method0x018 bits
ECC Parity0xF091A2B3C4D5E6F7A872 bits
Total: 256 bits = 64 hex characters = 128 base-4 digits
// Supported AI Tool Detection Matrix
ChatGPTchat.openai.com
41% of events
Claudeclaude.ai
22% of events
Geminigemini.google.com
18% of events
Copilotcopilot.microsoft.com
12% of events
Perplexityperplexity.ai
5% of events
Detection Mesh

Every exfiltration path, covered

The detection mesh operates at three layers: OS-level clipboard monitoring via the endpoint agent, browser-level input field scanning via the extension, and network-level HTTPS inspection via the ICAP proxy. Detection latency averages 387ms at p95.

Forensic Audit

Cryptographic chain-of-custody

Every detection event is hash-linked to its predecessor using SHA-256, forming an immutable Merkle chain. Events are anchored to external timestamping authorities (RFC 3161) for non-repudiation. The result: a forensic record that holds up in court.

See it in the live demo
// Merkle Hash Chain
H(event₀) = a1b2c3d4...f091
↓ SHA-256(H₀ ∥ H₁)
H(event₁) = e5f6a7b8...c2d3
↓ SHA-256(H₁ ∥ H₂)
Merkle Root = 9f8e7d6c...b0a1
Anchored to RFC 3161 TSA · 5/27/2026