Salesforce

The KRNL Secure Document Manager for Salesforce brings cryptographically verifiable document integrity and identity-bound watermarking directly into your Salesforce record pages. It is a managed package that adds a layer of trust and accountability to document workflows without replacing your existing Salesforce infrastructure.

What It Does

Upload — Users upload documents directly from any Salesforce record page. The system generates a unique cryptographic fingerprint and anchors it for tamper-evident verification.
Watermark — Every viewer receives a personalized watermark tied to their Salesforce identity. If a document is screenshotted, shared, or leaked, the watermark identifies the source.
Verify — The system can confirm at any time whether a document matches its original fingerprint, detecting alterations or substitutions.
Audit — All uploads, views, and verification checks are logged with immutable proofs, creating a complete compliance trail inside Salesforce.

How It Works

The integration follows a simple four-step flow that runs behind the familiar Salesforce interface:

1. Upload and Fingerprint

When a user uploads a document through the KRNL Lightning component:

The document is sent to a secure processing service
A cryptographic fingerprint (hash) is generated from the document content
The fingerprint is anchored via the KRNL Protocol, creating a permanent, verifiable record
The document is stored in secure storage; only the fingerprint is anchored, not the document itself

2. Identity Confirmation

When a user requests to view a document:

The system confirms the user's Salesforce identity
Access permissions are checked against the record and document settings
Unauthorized access attempts are denied and logged

3. Watermarked Delivery

For authorized viewers:

The original document is retrieved from secure storage
A personalized watermark is applied in real time, tied to the viewer's Salesforce user ID
A secure viewing session is created
The watermarked document is delivered to the user

4. Audit and Compliance

Every action is logged:

Who uploaded the document and when
Who viewed the document and when
Whether the document was verified against its original fingerprint
All events are stored with cryptographic proofs for independent audit

Architecture Overview

┌─────────────────────────────────────────────────────────────┐
│  Salesforce Platform                                        │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │ Record Page │  │ Lightning   │  │ Access Logs         │  │
│  │ (Account,   │──│ Component   │──│ (Audit Trail)       │  │
│  │ Opportunity)│  │ (Upload/View)│  │                    │  │
│  └─────────────┘  └──────┬──────┘  └─────────────────────┘  │
└───────────────────────────┬─────────────────────────────────┘
                            │
┌───────────────────────────▼───────────────────────────────────┐
│  KRNL Integrated Backend                                      │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐    │
│  │ Fingerprint │  │ Anchor      │  │ Watermark Engine    │    │
│  │ Generation  │──│ Proof       │──│ (Identity-Bound)    │    │
│  │             │  │             │  │                     │    │
│  └─────────────┘  └─────────────┘  └─────────────────────┘    │
│                                                               │
│  ┌─────────────────────────────────────────────────────────┐  │
│  │ Attestor (Developer-Controlled)                         │  │
│  │ • Signs all fingerprints and access events              │  │
│  │ • Resolves secrets (API keys, storage credentials)      │  │
│  │ • Generates cryptographic proofs for every action       │  │
│  └─────────────────────────────────────────────────────────┘  │ 
└───────────────────────────────────────────────────────────────┘
                            │
┌───────────────────────────▼───────────────────────────────────┐
│  Infrastructure                                               │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐    │
│  │ Secure      │  │ Blockchain  │  │ Identity Provider   │    │
│  │ Storage     │  │ Anchor      │  │ (Salesforce Auth)   │    │
│  └─────────────┘  └─────────────┘  └─────────────────────┘    │
└───────────────────────────────────────────────────────────────┘

Key Capabilities

Capability

What It Means for Your Organization

Blockchain-anchored integrity

Every document receives an immutable fingerprint that cannot be altered. If the document changes, the fingerprint no longer matches.

Lightning-based upload and delivery

Users interact through a native Salesforce component. No external portals, no context switching, no training required.

Identity-bound watermarking

Every viewer's identity is embedded into the document they receive. Leaked documents are traceable to the individual who viewed them.

Leak prevention by design

Screenshots, recordings, and shared copies always contain traceable identifiers. There is no anonymous way to extract a clean document.

Authenticity enforcement

Any modification to a document invalidates its fingerprint. Verification fails if the document has been tampered with.

Full auditability inside Salesforce

Admins can see who uploaded each document, who viewed it, when, and whether the document passed verification—all without leaving Salesforce.

Security Model

Data Handling

Document content never touches the blockchain. Only the cryptographic fingerprint is anchored. The document itself remains in your secure storage.
Watermarks are applied server-side. The client receives an already-watermarked image or PDF. There is no clean original delivered to the browser.
All access routes through the protected pipeline. There are no direct URLs to stored documents that could bypass identity checks.

Identity and Access

Salesforce authentication is the gate. The system relies on your existing Salesforce identity provider, roles, and permission sets.
Access is record-scoped. A user must have access to the parent Salesforce record to see documents attached to it.
Session-bound viewing. Each document view creates a time-limited session. Watermarks include session identifiers for additional traceability.

Cryptographic Assurance

Developer-controlled attestor. Your organization controls the attestation policy and signing keys. KRNL does not hold or operate your attestor.
Every action is signed. Uploads, views, and verifications each produce a cryptographic proof that can be independently verified.
Immutable audit trail. Event logs are structured and signed. They can be exported for external audit or compliance review.

Installation

The Secure Document Manager is distributed as a Salesforce managed package. Installation requires:

Salesforce admin privileges to install the package and assign permission sets
A KRNL attestor image configured with your organization's secrets (API keys, storage credentials, signing keys)
Lightning App Builder access to add the component to your record pages

For detailed installation steps, configuration options, and troubleshooting, refer to the repository below.

Repository and Resources

Resource

Link

Source code and installation guide

github.com/KRNL-Labs/salesforce-krnl

Managed package installation

See repository README

Configuration documentation

See repository README

Common Questions

Does this replace our existing document storage?

No. The integration works with your existing storage. KRNL adds a verification and watermarking layer on top.

Can we use this with custom Salesforce objects?

Yes. The Lightning component can be added to any record page, including custom objects

Where are the documents actually stored?

Document storage is configurable. The default uses secure cloud storage; enterprise deployments can route to private storage or VPC-resident systems.

What happens if the KRNL service is unavailable?

Document uploads and views are queued gracefully. The Salesforce UI continues to function; verification and watermarking resume when connectivity is restored.

How do we prove compliance to auditors?

All events are logged with signed proofs. Export the audit log and provide the attestation hashes. Auditors can independently verify the proofs without KRNL's involvement.

Next Steps

Install the managed package from the repository
Configure your attestor with storage and API credentials
Add the Lightning component to your record pages
Review the Building Custom Enterprise Connectors guide to extend this pattern to other platforms

PreviousOverview NextHubSpot

Last updated 1 month ago