LLSmartVerify

The LLSmartVerify Framework is an integrated, end-to-end framework designed to secure Mac forensic evidence, automate collection documentation, and provide decentralized, public proof of evidence integrity. It moves the digital forensics paradigm away from Circular Trust (relying on editable local files) to Decentralized Truth (relying on an immutable public witness).

The ecosystem is comprised of four integrated components:

  1. πŸš€ LLIMAGER 6.0: The high-speed, native imaging engine for Apple Silicon.
  2. πŸ“± The Mobile Companion App: Automated, multivariate data capture and field verification.
  3. πŸ”— The Public Ledger: The blockchain-anchored Smart Contract providing immutable validation.
  4. 🌐 The LLSmartVerify Portal (llsmartverify.llimager.com): The centralized command center for license, case, and evidence management.


One Examiner  - One or More Licenses
  • Purchase  LLIMAGER licenses and obtain serial numbers;
  • After LLIMAGER licenses have been provisioned, purchase "One Year LLSmartVerify Subscription for a maximum of 10 LLIMAGER licenses and 40 blockchain anchor credits." Enter current LLIMAGER SNs and email address to be used as the LLSmartVerify (llsmartverify.llimager.com) portal admin account;
  • Your license(s) will be configured in LLSmartVerify and you will be set up on the portal as a user and receive an email notification to change your password;
  • Login to the LLSmartVerify portal and set up 2FA;
  • AFTER receiving the notification and setting up the account, download the LLIMAGER Mobile Companion app (search for "llimager" in app store)
  • Run the LLIMAGER Mobile app and sign in to make sure you can login; and
  • You are on-boarded and ready

Multi-Examiners - Multi-Licenses

  • Purchase LLIMAGER licenses and obtain serial numbers;
  • After LLIMAGER licenses have been provisioned, purchase  a One Year LLSmartVerify Subscription. Enter current LLIMAGER SNs and email address to be used as the LLSmartVerify (llsmartverify.llimager.com) company portal admin account;
  • Your license(s) will be configured in LLSmartVerify and you will be set up on the portal as a user and receive an email notification to change your password;
  • Login to the LLSmartVerify portal and set up 2FA;
  • AFTER receiving the notification and setting up the account, download the LLIMAGER Mobile Companion app (search for "llimager" in app store);
  • As company admin, login to LLSmartVerify and create standard user accounts which will generate email invitations for users to onboard.
  • As company admin, assign users to LLIMAGER licenses

The Mobile App facilitates two critical workflows within the ecosystem:

  • Workflow A: Input (Automated Documentation): The app virtually eliminates manual documentation by the examiner. During acquisition, it captures a "Digital Snapshot of the Moment"—including πŸ“ GPS location, πŸ•’ carrier-synced time, Case ID, and πŸ“± Phone ID. This data is seamlessly embedded into the unique QR-Sealed Acquisition Log (PDF).

  • Workflow B: Audit (Universal Validation): Anyone in the legal chain (examiners, 3rd-party experts, or opposing counsel) can utilize the app to scan the QR code on an acquisition log to receive immediate, cryptographic confirmation from the public ledger that the collection log is authentic and unaltered.
For strict security and evidence handling compliance, the Public Ledger and the LLSmartVerify Portal NEVER STORE OR MAINTAIN the actual forensic images. The portal and the ledger only store the immutable cryptographic metadata and the salt-hashes derived from the acquisition logs, never the sensitive data itself.
We use a strict distinction between the Portal and the Public Ledger:
  • The LLSmartVerify Portal maintains the corroborated log data on an Encrypted Database. The portal uses this clear text data to calculate the unique SALT-HASH fingerprint.

  • The Public Ledger (Blockchain Smart Contract) stores ONLY the derived, salt-hashed cryptographic fingerprint. The only additional data sent to the public ledger is the πŸ“… Date of Acquisition and the Hash Value of the Device. It never stores personally identifiable or case-sensitive clear text.
Yes. We designed the ecosystem's data architecture with GDPR and data privacy in mind. Because we never store personally identifiable clear text data on the decentralized public ledger, we maintain strict adherence to data sovereignty rules.
The standard data anchoring transaction sends only three non-sensitive points to the public ledger:

  1. The unique cryptographic SALT-HASH fingerprint of the QR-Sealed Acquisition Log.
  2. The πŸ“… Date of Acquisition.
  3. The unique Hash Value of the Device.
Anchoring credits are the prepaid currency required to generate an immutable proof (Smart Contract transaction) on the Public Ledger. Every successful acquisition that generates a salt-hash anchored to the blockchain utilizes one anchoring credit. Enrollment in the paid LLSmartVerify Framework includes a starting bundle of anchoring credits (e.g., 40 credits).
The LLSmartVerify Portal (llsmartverify.llimager.com) is the centralized nerve center for managing distributed teams and multiple licenses. Available only after framework purchase, it allows managers and administrators to:

  • Centralized Enterprise License Management: Deploy, monitor, and audit all active LLIMAGER licenses across your distributed teams from a single pane of glass.
  • Case & Evidence Nexus: Organize collections into secured cases and maintain an automated audit trail of images, logs, and associated smart contracts.
  • Reporting: Generate unified performance/compliance reports across all your collection operations.
No. You can continue to utilize LLIMAGER 6.0 as a standalone, high-speed Mac imager if you have an active subscription. However, using it in standalone mode will not provide the benefits of Automated multivariate documentation (captured by the app), Blockchain Anchoring (enabled by the portal), or Universal Public Validation (enabled by the complete ecosystem).
This is a major breakthrough for examiner efficiency. The foundational COC event is the immutable, non-repudiable moment that an item of evidence is collected and secured. 

LLSmartVerify automates this entire process:

  1. The examiner starts the acquisition.
  2. The Mobile Companion App automatically and instantly captures πŸ“ GPS location, πŸ•’ carrier-synced time, Case ID, πŸ“± the collecting Phone ID, and πŸ’» the Mac Serial Number. This multivariate data is embedded directly into the non-editable QR-Sealed Acquisition Log (PDF).
  3. The portal immediately salt-hashes this log and anchors the fingerprint to the public ledger as an immutable smart contract.
This entire foundational event—the unique signature of the moment the evidence was collected—is recorded and globally witnessed without the examiner writing a single word of documentation, creating an instantly defensible, globally verifiable Chain of Custody record.
Yes. Disseminating the official, legal Certificate of Authenticity (COA) is a core function controlled at the LLSmartVerify Portal level (llsmartverify.llimager.com), ensuring a complete audit trail.

  1. Validation Check (The App): The Mobile Companion App is used to perform the initial validation. The examiner, stakeholder, or public user scans the QR-Sealed log and the app confirms the data matches the blockchain-anchored smart contract.
  2. COA Dissemination (The Portal): The administrative user—such as a case manager or lead examiner—then accesses the portal. The portal, now aware of the validation event, allows the authorized user to generate the formal, secured Certificate of Authenticity (COA) PDF.
🚨 OPERATIONAL & AUDIT BENEFIT: The authorized user can then immediately email this formal COA PDF directly from the portal nexus. The portal’s case management database records who generated the COA, who it was emailed to, and when, providing a complete audit trail of the document's dissemination.
The LLSmartVerify Portal serves as your centralized Enterprise Command Center for team and license administration. Company Administrators have granular control over their distributed fleet:
  • View Available Fleet: Administrators can view all active and available LLIMAGER licenses across the organization.
  • Assign/Reassign Users: Administrators can effortlessly create standard user profiles for examiners, investigators, or e-Discovery collection specialists.
  • Dynamic Matching: They can dynamically assign or reassign these users to specific active LLIMAGER licenses as case needs shift. This allows for rapid scaling of teams or restructuring of collection squads without complex IT tickets.
Yes. We designed the portal architecture specifically for large, matrixed organizations. You can structured your organization into distinct Offices, Regions, or Practices within the portal.
Company Administrators can then:
  • Allocate Licenses to Offices: Assign specific batches of LLIMAGER licenses to the "Miami Forensic Lab," the "New York e-Discovery Practice," or the "EMEA Cyber Threat Intel Team."
  • Regional Autonomy: This allows regional managers to administer their own assigned pool of licenses and users while the Global Administrator maintains centralized visibility and audit capability over the entire fleet.
Budget and spend management are controlled directly within the LLSmartVerify Portal.

Administrators can monitor the real-time anchoring credit balance for the entire organization (or break it down by office/region). When the balance runs low:
  • Direct Purchase: Administrators can purchase additional anchoring credits directly through the portal’s secure management interface.

  • Usage Forecasting: The portal provides basic reporting on the 'burn rate' of credits across your teams, allowing for accurate forecasting and budget planning.
Our architecture maintains a rigid separation between immutable, decentralized proof of integrity and private, corporate-administered matter status.
  1. Case-Based Application (The Portal): An authorized administrative user (Case Manager/Admin) in the LLSmartVerify Portal flags an entire Case ID as being under an active Litigation Hold. This action is applied to all linked transactions and is only visible within your secure corporate portal instance.
  2. Verification Behavior (The Portal Control): The Litigation Hold status is controlled and communicated only by the LLSmartVerify Portal.
    • When an authorized user (case manager, internal legal team) validates an image, the portal will immediately display a red 'LITIGATION HOLD ACTIVE' alert alongside the decentralized integrity proof.
    • 🚨 CRITICAL ARCHITECTURAL DISTINCTION: This sensitive administrative status IS NEVER SENT TO THE PUBLIC LEDGER. The blockchain smart contract remains pristine, storing only the immutable salt-hash of the log and the timestamp. The public ledger does not know, and should not store, the litigation status of a private legal matter, maintaining strict privacy and regulatory compliance.
We engineered the LLSmartVerify Portal to handle the complex, hierarchical needs of large organizations using delegated administration.
  • Hierarchy established by Company Admins: Your designated Company Administrators hold the master control. Within the portal nexus, they have the authority to define specific Groups (e.g., "Precinct 1 Cyber Squad," "EMEA D&A Team," or "Western Region Collections").
  • Delegated Authority (The Group Admin): The Company Administrator then creates specific Group Administrator profiles and assigns them to one (or more) of these groups.
Operational Scope of the Group Admin:

The Group Administrator is empowered within their assigned cohort. When they log into the portal, their visibility, control, and Reporting capabilities are strictly scoped to the activities, licenses, standard users, and collection events that occurred within their specific assigned group.

This allows regional or divisional managers to monitor anchoring credit burn, and generate compliance reports for their region autonomously.
e-Forensics (e-forensicsinc.com)
Copyright Β© 2026 All rights reserved