# Salesforce

The KRNL Secure Document Manager for Salesforce brings cryptographically verifiable document integrity and identity-bound watermarking directly into your Salesforce record pages. It is a managed package that adds a layer of trust and accountability to document workflows without replacing your existing Salesforce infrastructure.

### What It Does

* **Upload** — Users upload documents directly from any Salesforce record page. The system generates a unique cryptographic fingerprint and anchors it for tamper-evident verification.
* **Watermark** — Every viewer receives a personalized watermark tied to their Salesforce identity. If a document is screenshotted, shared, or leaked, the watermark identifies the source.
* **Verify** — The system can confirm at any time whether a document matches its original fingerprint, detecting alterations or substitutions.
* **Audit** — All uploads, views, and verification checks are logged with immutable proofs, creating a complete compliance trail inside Salesforce.

### How It Works

The integration follows a simple four-step flow that runs behind the familiar Salesforce interface:

#### 1. Upload and Fingerprint

When a user uploads a document through the KRNL Lightning component:

* The document is sent to a secure processing service
* A cryptographic fingerprint (hash) is generated from the document content
* The fingerprint is anchored via the KRNL Protocol, creating a permanent, verifiable record
* The document is stored in secure storage; only the fingerprint is anchored, not the document itself

#### 2. Identity Confirmation

When a user requests to view a document:

* The system confirms the user's Salesforce identity
* Access permissions are checked against the record and document settings
* Unauthorized access attempts are denied and logged

#### 3. Watermarked Delivery

For authorized viewers:

* The original document is retrieved from secure storage
* A personalized watermark is applied in real time, tied to the viewer's Salesforce user ID
* A secure viewing session is created
* The watermarked document is delivered to the user

#### 4. Audit and Compliance

Every action is logged:

* Who uploaded the document and when
* Who viewed the document and when
* Whether the document was verified against its original fingerprint
* All events are stored with cryptographic proofs for independent audit
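
The flow above, from fingerprint to verification to a tamper-evident event log, as an added example that is not code from the KRNL package. It assumes SHA-256 as the fingerprint and uses an HMAC hash chain as a stand-in for the attestor's signatures; the `AuditLog` class, its field names, the key and the user IDs are hypothetical or constructed.

```python
import hashlib, hmac, io, json

def fingerprint(stream, chunk_size=65536):
    """Chunked SHA-256 of a document stream (the hash choice is an assumption)."""
    h = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def verify_document(stream, anchored_fp):
    """True only if the content still hashes to the anchored fingerprint."""
    return hmac.compare_digest(fingerprint(stream), anchored_fp)

class AuditLog:
    """Hash-chained event log: each entry commits to the one before it.
    HMAC stands in for the attestor's signature (assumption, not KRNL's scheme)."""
    def __init__(self, key):
        self.key, self.entries = key, []

    def _mac(self, body):
        msg = json.dumps(body, sort_keys=True).encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def append(self, action, user_id, doc_fp, ts):
        prev = self.entries[-1]["proof"] if self.entries else "0" * 64
        body = {"action": action, "user": user_id, "doc": doc_fp, "ts": ts, "prev": prev}
        self.entries.append({**body, "proof": self._mac(body)})

    def verify(self):
        """Return the index of the first bad entry, or None if the chain holds."""
        prev = "0" * 64
        for i, e in enumerate(self.entries):
            body = {k: v for k, v in e.items() if k != "proof"}
            if e["prev"] != prev or not hmac.compare_digest(self._mac(body), e["proof"]):
                return i
            prev = e["proof"]
        return None

def demo():
    original = b"%PDF-1.7 constructed sample contract"  # constructed input
    fp = fingerprint(io.BytesIO(original))  # only this value would be anchored
    log = AuditLog(key=b"constructed-demo-key")
    log.append("upload", "005xx0000012345", fp, "2024-01-01T09:00:00Z")
    log.append("view", "005xx0000067890", fp, "2024-01-01T09:05:00Z")
    intact = verify_document(io.BytesIO(original), fp)
    altered = verify_document(io.BytesIO(original + b" "), fp)
    before = log.verify()
    log.entries[1]["user"] = "005xx00000AAAAA"  # simulate an edited log row
    return intact, altered, before, log.verify()
```

A single appended byte fails document verification, and editing any field of a logged event is reported at that entry's index because its proof no longer matches.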

### Architecture Overview

```
┌─────────────────────────────────────────────────────────────┐
│  Salesforce Platform                                        │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │ Record Page │  │ Lightning   │  │ Access Logs         │  │
│  │ (Account,   │──│ Component   │──│ (Audit Trail)       │  │
│  │ Opportunity)│  │(Upload/View)│  │                     │  │
│  └─────────────┘  └──────┬──────┘  └─────────────────────┘  │
└───────────────────────────┬─────────────────────────────────┘
                            │
┌───────────────────────────▼───────────────────────────────────┐
│  KRNL Integrated Backend                                      │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐    │
│  │ Fingerprint │  │ Anchor      │  │ Watermark Engine    │    │
│  │ Generation  │──│ Proof       │──│ (Identity-Bound)    │    │
│  │             │  │             │  │                     │    │
│  └─────────────┘  └─────────────┘  └─────────────────────┘    │
│                                                               │
│  ┌─────────────────────────────────────────────────────────┐  │
│  │ Attestor (Developer-Controlled)                         │  │
│  │ • Signs all fingerprints and access events              │  │
│  │ • Resolves secrets (API keys, storage credentials)      │  │
│  │ • Generates cryptographic proofs for every action       │  │
│  └─────────────────────────────────────────────────────────┘  │ 
└───────────────────────────────────────────────────────────────┘
                            │
┌───────────────────────────▼───────────────────────────────────┐
│  Infrastructure                                               │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐    │
│  │ Secure      │  │ Blockchain  │  │ Identity Provider   │    │
│  │ Storage     │  │ Anchor      │  │ (Salesforce Auth)   │    │
│  └─────────────┘  └─────────────┘  └─────────────────────┘    │
└───────────────────────────────────────────────────────────────┘
```

### Key Capabilities

| Capability                              | What It Means for Your Organization                                                                                                          |
| --------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- |
| **Blockchain-anchored integrity**       | Every document receives an immutable fingerprint that cannot be altered. If the document changes, the fingerprint no longer matches.         |
| **Lightning-based upload and delivery** | Users interact through a native Salesforce component. No external portals, no context switching, no training required.                       |
| **Identity-bound watermarking**         | Every viewer's identity is embedded into the document they receive. Leaked documents are traceable to the individual who viewed them.        |
| **Leak prevention by design**           | Screenshots, recordings, and shared copies always contain traceable identifiers. There is no anonymous way to extract a clean document.      |
| **Authenticity enforcement**            | Any modification to a document invalidates its fingerprint. Verification fails if the document has been tampered with.                       |
| **Full auditability inside Salesforce** | Admins can see who uploaded each document, who viewed it, when, and whether the document passed verification—all without leaving Salesforce. |

### Security Model

#### Data Handling

* **Document content never touches the blockchain.** Only the cryptographic fingerprint is anchored. The document itself remains in your secure storage.
* **Watermarks are applied server-side.** The client receives an already-watermarked image or PDF. There is no clean original delivered to the browser.
* **All access routes through the protected pipeline.** There are no direct URLs to stored documents that could bypass identity checks.

#### Identity and Access

* **Salesforce authentication is the gate.** The system relies on your existing Salesforce identity provider, roles, and permission sets.
* **Access is record-scoped.** A user must have access to the parent Salesforce record to see documents attached to it.
* **Session-bound viewing.** Each document view creates a time-limited session. Watermarks include session identifiers for additional traceability.
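
How an identity- and session-bound watermark can be traced back to a logged view, as an added example that is not code from the KRNL package. The mark layout, the truncated HMAC tag, the `sessions` lookup table and all IDs are assumptions constructed for illustration.

```python
import base64, hashlib, hmac

TAG_LEN = 10  # bytes of HMAC kept in the visible mark (assumed truncation)

def make_watermark(key, user_id, session_id, doc_fp):
    """Build the text stamped on a rendered page: who, which session, which doc."""
    payload = f"{user_id}|{session_id}|{doc_fp[:16]}"
    tag = hmac.new(key, payload.encode(), hashlib.sha256).digest()[:TAG_LEN]
    return payload + "|" + base64.b32encode(tag).decode()

def trace_watermark(key, mark, sessions):
    """Resolve a mark recovered from a leaked copy to a logged viewing session.
    Returns the session record, or None if the mark is altered, damaged or unknown."""
    parts = mark.strip().split("|")
    if len(parts) != 4:
        return None
    user_id, session_id, fp_prefix, tag_b32 = parts
    payload = "|".join(parts[:3])
    expected = hmac.new(key, payload.encode(), hashlib.sha256).digest()[:TAG_LEN]
    try:
        tag = base64.b32decode(tag_b32.upper())
    except ValueError:  # binascii.Error subclasses ValueError
        return None
    if not hmac.compare_digest(tag, expected):
        return None
    rec = sessions.get(session_id)
    if rec is None or rec["user"] != user_id or not rec["doc"].startswith(fp_prefix):
        return None
    return rec

def demo():
    key = b"constructed-demo-key"  # constructed; a real key stays server-side
    fp = hashlib.sha256(b"constructed sample").hexdigest()
    sessions = {"s-7f3a": {"user": "005xx0000067890", "doc": fp,
                           "expires": "2024-01-01T09:20:00Z"}}
    mark = make_watermark(key, "005xx0000067890", "s-7f3a", fp)
    swapped = mark.replace("005xx0000067890", "005xx0000012345")  # user ID edited
    return trace_watermark(key, mark, sessions), trace_watermark(key, swapped, sessions)
```

The keyed tag is what lets an investigator treat a recovered mark as evidence: a mark whose user ID was edited after rendering fails the check instead of pointing at the wrong viewer.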

#### Cryptographic Assurance

* **Developer-controlled attestor.** Your organization controls the attestation policy and signing keys. KRNL does not hold or operate your attestor.
* **Every action is signed.** Uploads, views, and verifications each produce a cryptographic proof that can be independently verified.
* **Immutable audit trail.** Event logs are structured and signed. They can be exported for external audit or compliance review.

### Installation

The Secure Document Manager is distributed as a Salesforce managed package. Installation requires:

1. **Salesforce admin privileges** to install the package and assign permission sets
2. **A KRNL attestor image** configured with your organization's secrets (API keys, storage credentials, signing keys)
3. **Lightning App Builder access** to add the component to your record pages

For detailed installation steps, configuration options, and troubleshooting, refer to the repository below.

### Repository and Resources

| Resource                           | Link                                                                                 |
| ---------------------------------- | ------------------------------------------------------------------------------------ |
| Source code and installation guide | [github.com/KRNL-Labs/salesforce-krnl](https://github.com/KRNL-Labs/salesforce-krnl) |
| Managed package installation       | See repository README                                                                |
| Configuration documentation        | See repository README                                                                |

### Common Questions

<details>

<summary>Does this replace our existing document storage?</summary>

No. The integration works with your existing storage. KRNL adds a verification and watermarking layer on top.

</details>

<details>

<summary>Can we use this with custom Salesforce objects?</summary>

Yes. The Lightning component can be added to any record page, including custom objects.

</details>

<details>

<summary>Where are the documents actually stored?</summary>

Document storage is configurable. The default uses secure cloud storage; enterprise deployments can route to private storage or VPC-resident systems.

</details>

<details>

<summary>What happens if the KRNL service is unavailable?</summary>

Document uploads and views are queued gracefully. The Salesforce UI continues to function; verification and watermarking resume when connectivity is restored.

</details>

<details>

<summary>How do we prove compliance to auditors?</summary>

All events are logged with signed proofs. Export the audit log and provide the attestation hashes. Auditors can independently verify the proofs without KRNL's involvement.

</details>

### Next Steps

* Install the managed package from the repository
* Configure your attestor with storage and API credentials
* Add the Lightning component to your record pages
* Review the Building Custom Enterprise Connectors guide to extend this pattern to other platforms

