Blockchain + eIDAS: Why Both Matter

The best of both worlds

Digital evidence is only as strong as the trust infrastructure behind it. In a world where businesses must prove what existed, when it existed, and that it has not been altered since, choosing the right combination of technologies is not a technical detail, it is a strategic decision with legal, financial, and reputational consequences.

Two technologies have emerged as pillars of digital proof: blockchain anchoring and eIDAS-qualified timestamps. Each is powerful on its own, but each also has blind spots that the other fills perfectly. The combination of both creates the strongest form of digital evidence available today, and this is exactly where Anchorify operates.

This article explains why neither technology is sufficient alone, and why their combination delivers a level of trust, legal standing, and resilience that no single approach can match.

Why blockchain alone is not enough

Blockchain technology has revolutionized our ability to create immutable, decentralized records. By anchoring a cryptographic hash on a public blockchain, you establish that a specific piece of data existed at the time of the transaction. The record cannot be altered, deleted, or backdated. This is a genuine breakthrough.

However, when it comes to legal proceedings and regulatory compliance, blockchain alone presents significant limitations that organizations must understand.

No automatic legal presumption

In the European legal framework, an eIDAS-qualified timestamp benefits from a legal presumption of accuracy under Article 41 of Regulation (EU) No 910/2014. This means a court must presume that the date and time indicated are correct, and that the data was intact at that moment. The burden of proof falls on the party challenging the timestamp.

Blockchain anchoring, by contrast, enjoys no such automatic presumption. While the Marseille court ruling of March 2025 was a landmark decision, recognizing blockchain timestamping as legitimate evidence of copyright ownership, it remains an imperfect proof in legal terms. A blockchain anchor is treated as an element of evidence that the judge must evaluate, weighing it alongside other factors. It does not carry the same automatic weight that a qualified electronic timestamp does under EU law.

No standardized regulatory framework

There is no pan-European regulation that specifically governs the evidentiary value of blockchain anchoring. The eIDAS Regulation establishes clear rules for electronic signatures, seals, and timestamps, but it does not address blockchain as a trust mechanism. This means:

• No harmonized standards across EU member states for blockchain-based evidence
• No mutual recognition obligation, a blockchain proof accepted in France may be questioned in Germany or Italy
• No accreditation framework for blockchain anchoring services, unlike the formal supervision of Qualified Trust Service Providers (QTSPs)
• Legal outcomes depend heavily on national case law, which is still evolving

Depends on judicial expertise

When blockchain evidence is presented in court, its assessment depends on the judge's understanding of the technology. A judge unfamiliar with Merkle trees, hash functions, or blockchain consensus mechanisms may struggle to evaluate the reliability of the evidence. This introduces variability: the same evidence may be assessed differently depending on the court, the judge, and the jurisdiction.

Furthermore, while blockchain proves that data was included in a transaction, proving the exact time is more nuanced. Block timestamps are set by miners or validators, not by a regulated authority. They can vary by several minutes, and different blockchains have different timestamp granularity and accuracy guarantees. Without a trusted, independently certified timestamp, the precise moment of notarization can be debated.

Why eIDAS alone is not enough

The eIDAS framework provides an excellent foundation for legal certainty. Qualified timestamps issued by accredited Trust Service Providers (QTSPs) carry legal presumption across all 27 EU member states. They are standardized, audited, and supervised. So why not rely exclusively on eIDAS?

No distributed immutability

An eIDAS-qualified timestamp is essentially a signed assertion by a trusted third party that a particular data hash existed at a given time. The integrity of this assertion depends entirely on the Trust Service Provider that issued it, their infrastructure, their key management, their operational continuity.

Unlike blockchain, there is no distributed network of independent nodes verifying and preserving the record. The timestamp token is a cryptographic object, but it is not replicated across thousands of nodes worldwide. If the TSA's signing certificate is compromised, revoked, or expires without proper archival procedures, the long-term verifiability of the timestamp could be affected.

Blockchain provides a fundamentally different trust model: the record exists on thousands of independent nodes, maintained by diverse participants with no single point of control. No entity, not even the blockchain's creators, can alter or delete a confirmed transaction.

Single point of failure

What happens if a QTSP goes out of business? While eIDAS regulations require transition plans and key escrow arrangements, the practical reality is that centralized providers can disappear. Verification of old timestamps may become difficult or impossible if the provider's infrastructure is decommissioned, if certificate chains are broken, or if archival systems are not properly maintained by a successor entity.

With blockchain anchoring, the proof persists as long as the blockchain itself exists. Public blockchains like Bitcoin and Ethereum are maintained by vast, decentralized networks with strong economic incentives for continuity. The proof does not depend on any single organization's survival.

Additionally, eIDAS timestamps operate within a centralized trust model. You must trust the QTSP, the supervisory body, and the entire chain of authority. While this trust is well-founded for legal purposes, it lacks the independent verifiability that blockchain provides. Anyone with access to the blockchain can independently verify an anchored proof, no trusted third party required.

The winning combination: blockchain + eIDAS

The limitations of each technology are precisely complementary. Where blockchain is weak, legal presumption, regulatory recognition, standardization, eIDAS is strong. Where eIDAS is weak, decentralization, immutability, independent verification, blockchain excels. Together, they create an evidence framework that is greater than the sum of its parts.

What blockchain brings to the combination

• Immutability: once anchored, the proof cannot be altered or deleted by anyone, including Anchorify itself. The record is permanent and tamper-proof.
• Decentralization: the proof is replicated across thousands of independent nodes worldwide. No single entity controls or can revoke the evidence.
• Independent verification: anyone can verify the proof using open-source tools and public blockchain data. No subscription, no account, no trusted third party needed.
• Multi-jurisdictional resilience: public blockchains operate across all borders. The evidence is not tied to any specific country's infrastructure or legal framework.
• Long-term persistence: as long as the blockchain exists and is maintained by its network, the proof endures, potentially for decades or longer.

What eIDAS brings to the combination

• Legal presumption: under Article 41 of the eIDAS Regulation, a qualified timestamp enjoys the presumption of accuracy. Courts across the EU must accept it as evidence without requiring the presenting party to prove its reliability.
• Regulatory framework: eIDAS provides a clear, harmonized legal basis recognized across all EU member states. There is no ambiguity about the legal standing of a qualified timestamp.
• Pan-European mutual recognition: a qualified timestamp issued in any EU member state must be recognized as such in all other member states. This is guaranteed by law, not dependent on case-by-case judicial assessment.
• Compliance and audit readiness: for industries subject to regulatory requirements, financial services, healthcare, intellectual property, public procurement, eIDAS-qualified timestamps provide the documented, auditable compliance evidence that regulators expect.
• Precise, certified time: the timestamp is issued by an accredited authority using a traceable time source, providing the exact moment of notarization with regulatory-grade precision.

Together, blockchain and eIDAS create the strongest possible digital evidence: an immutable, decentralized, independently verifiable record that also carries automatic legal presumption and pan-European regulatory recognition. This is not incremental improvement, it is a qualitative leap in the reliability and standing of digital proof.

This dual approach is Anchorify's core differentiator. While other platforms offer blockchain anchoring alone or simple timestamping, Anchorify systematically combines both to deliver evidence that holds up in court, satisfies regulators, and resists the test of time.

The chain of trust

Understanding how the two technologies work together in practice helps appreciate why the combination is so powerful. Here is how Anchorify constructs the complete chain of trust:

1. Hash submission: you generate a cryptographic hash (SHA-256, SHA-384, or SHA-512) of your document or data locally. The original data never leaves your infrastructure. Only the hash, a fixed-length digital fingerprint, is sent to Anchorify.
2. Merkle tree aggregation: Anchorify batches multiple hashes into a Merkle tree, a cryptographic structure where each hash can be independently verified against a single root hash. This enables efficient anchoring of thousands of proofs in a single blockchain transaction.
3. Blockchain anchoring: the Merkle root is anchored on one or more public blockchains (depending on your plan). This creates an immutable, decentralized record that the root hash, and therefore all individual hashes in the tree, existed at this point in time.
4. Qualified timestamp (Enterprise plan): an eIDAS-qualified timestamp is obtained from an accredited Trust Service Provider. The hash submitted by the client is individually timestamped, and the Merkle root is also timestamped once the accumulator is sealed. Each timestamp certifies the exact moment with legal presumption.
5. Complete proof bundle: the result is a signed proof document containing all cryptographic evidence: the original hash, the Merkle path, the blockchain transaction reference, and the qualified timestamp token. This bundle is self-contained, anyone can verify it independently.

At every step, the cryptographic link is unbreakable. Altering any element, the original data, the hash, the Merkle path, or the timestamp, would produce a detectable inconsistency. The proof is verifiable from end to end, by any party, at any time, without relying on Anchorify or any third party.

Practical implications for businesses

The combination of blockchain anchoring and eIDAS-qualified timestamps has concrete implications for organizations operating in regulated environments or needing to protect their interests:

• Intellectual property protection: establish priority of creation for designs, software, trade secrets, or creative works. The dual proof provides both the immutable record (blockchain) and the legally presumed date (eIDAS), essential for copyright disputes, patent prior art claims, or trade secret litigation.
• Regulatory compliance: industries such as financial services (MiFID II record-keeping), healthcare (clinical trial data integrity), and public procurement (bid submission timestamps) require evidence that meets specific legal standards. The eIDAS component ensures compliance, while blockchain adds a layer of integrity that regulators increasingly recognize.
• Contract and agreement management: prove that a contract version, terms of service acceptance, or consent form existed at a specific moment. In disputes, the combined proof eliminates ambiguity about timing and content.
• Audit trails and internal governance: notarize critical business events, configuration changes, access log snapshots, policy updates, with evidence that cannot be challenged on technical grounds (blockchain immutability) or legal grounds (eIDAS presumption).
• Cross-border operations: for organizations operating across EU member states, the combination ensures that evidence is recognized uniformly. The eIDAS mutual recognition obligation eliminates country-by-country legal uncertainty, while blockchain provides jurisdiction-independent verification.

The question is no longer whether digital evidence needs blockchain or eIDAS. The answer is clear: it needs both. Organizations that rely on only one technology accept unnecessary risk, either legal vulnerability (blockchain only) or infrastructure dependency (eIDAS only). The combination eliminates both risks.

Anchorify was built from the ground up to deliver this combined approach. Every proof created on the platform benefits from blockchain's immutability and decentralization, and Enterprise customers add the legal certainty of eIDAS-qualified timestamps. The result is digital evidence designed to withstand technical scrutiny, legal challenge, and the test of time.