Why This Work Mattered
Generative AI broke the implicit trust contract between writers and their readers.
For most of history, if someone submitted an essay, a report, or an article, you could assume a human wrote it.
That assumption no longer holds.
The dominant response has been AI detection — classifiers that try to determine whether text was machine-generated. Detection is the wrong framing. It is probabilistic, produces false positives, and degrades as models improve. A student who wrote their own essay can be flagged. A journalist with a genuine scoop can be accused of fabrication.
Detection treats the writer as a suspect.
The right question is not "did a human write this?" — it is "can this person prove they wrote this?" Proof is binary. Detection is probabilistic.
Scripli is the answer to the second question. I built the full product — Fastify REST API, Next.js web application, browser telemetry SDK, Chrome extension, multi-tenant institutional platform, billing, and public verification infrastructure — solo, from scratch.
Systems I Built
The Writing Session SDK
The core of Scripli is a browser SDK that captures process evidence — not content.
It ships as a standalone JavaScript package (ESM and CJS) and as a React Native module, designed to integrate into any editor environment. It is also wrapped into a Chrome extension that works inside Google Docs.
The SDK records only metadata: timing patterns, revision behavior, session events, and client-side document state signals. No text is ever transmitted. A technically sophisticated user can confirm this independently.
That meant solving for a hard constraint from day one: the SDK needed to be meaningful enough to distinguish real human sessions from automated or copy-pasted submissions, without ever touching the words.
Human Authenticity Certificates
After a writing session closes, Scripli analyzes the session evidence and issues a Human Authenticity Certificate — a cryptographically signed, tamper-evident record that the session occurred.
The full pipeline covers session analysis, certificate issuance, cryptographic signing, PDF generation, and public verification.
Each certificate maps to a public verification page anyone can check without an account. A professor, an editor, a hiring manager can verify without treating Scripli as a trusted intermediary.
The certificate also supports optional Bitcoin timestamp anchoring through OpenTimestamps, proving the session's existence against a public, immutable record independent of the Scripli platform. Revocation is supported as a first-class feature — certificates can be revoked with a visible reason, and verification pages always reflect current status.
Institutional Platform
Individual writers are one side of the market. The larger opportunity is institutions.
I built a full multi-tenant platform for universities, companies, and educational providers. Every resource is scoped to an institution from day one: users, documents, sessions, certificates, courses, and assignments.
Instructors can create courses, assign writing sessions to students, and view class-wide analysis. Students can manage documents, track their history, and download certificates.
I also built a defense request workflow for students accused of AI-generated writing. The student can submit writing evidence as part of a formal appeal — the session record and certificate become the argument.
Privacy as Architecture
Most platforms make privacy a policy choice. A policy can change. An architecture cannot.
Scripli is designed so no document text can be transmitted or stored — not because of a rule, but because the system provides no path for it. The client computes one-way representations of document state and sends only those.
This constraint eliminated a large class of simpler implementations and raised the difficulty of certain analyses. I chose it anyway because the platform's credibility depends on the guarantee being independently verifiable, not just stated.
LMS Integration and Distribution
Institutions already have learning management systems.
LTI 1.3 support lets Scripli launch directly from Canvas, Moodle, or any standards-compliant LMS. An instructor creates an assignment in their LMS, students click through and land in a Scripli session scoped to that assignment, and the session record links back to the original assignment context.
That mattered because adoption inside institutions depends on reducing friction for instructors. A platform that requires a separate login workflow for every assignment will not be assigned.
I also built Wrapped — an annual writing year-in-review that summarizes a writer's session history, behavioral patterns, and certificate record — and a writing fingerprint view that gives writers a personal behavioral profile across sessions.
Billing and Platform Operations
Scripli runs as a live commercial product.
Stripe powers subscription billing with a founding member tier, webhook handling for subscription lifecycle events, and a billing dashboard inside the web app.
The operational infrastructure includes an async job queue for certificate issuance, data retention policies configurable per institution, weekly digest emails for instructors, demo environment cleanup, and a super-admin analytics dashboard.
Engineering Impact
The measurable impact of building Scripli is the product itself — a live, commercially operating platform that did not exist before.
Zero document content is stored anywhere in the system. That is not a policy claim — it is an architectural fact any developer can verify by reading the data model. No essay text in any database table, log line, or storage object.
The certificate pipeline issues cryptographically signed, publicly verifiable records with Bitcoin timestamp anchoring. A certificate issued today is checkable without Scripli being online.
The institutional platform serves both ends of the market from a single shared data model. Session records that belong to an individual writer also feed into instructor dashboards, course-level analysis, and institution-wide reporting without a separate data pipeline.
Built solo. Deployed to production. Running at scripli.com.
What Building This Taught Me
Proof Is Harder Than Detection
Every AI detection product has the same architecture: input text, output probability.
Proof is a harder problem because it requires building infrastructure around the absence of something — the content — rather than its presence.
You cannot analyze what you do not have. That meant building a different kind of signal, one that is meaningful without revealing the document.
Getting that right required thinking carefully about what actually distinguishes a human writing session from an automated one, and making sure the answer was legible to a third party who was not in the room.
Trust Is Infrastructure
Scripli is not primarily a writing tool.
It is trust infrastructure for a world where the default assumption about text has changed.
The certificate is the product. But what makes the certificate valuable is not the platform — it is that the platform can be verified independently, that the signatures can be checked, that the privacy guarantee can be confirmed.
Building for trust means every layer of the system has to be defensible.
Not just secure. Defensible.
A user should be able to understand why their data is safe — not just be told it is.
Friction Is a Design Failure
The hardest part of building Scripli was not the cryptography, the SDK, or the multi-tenancy.
It was making the path from "I need to prove I wrote this" to "I have a certificate I can share" as short as possible.
Every extra step is a student who gives up. Every extra login prompt is an instructor who does not assign it.
That meant building the LTI integration, the Chrome extension, the shareable verification link, and the defense request workflow — all designed to shrink the distance between need and proof.
Platform Scale
Scripli is live at scripli.com.
The platform serves both individual writers and institutions. Individual writers get a fast path: write in the built-in editor, get a certificate, share it. Institutions get the full platform: courses, assignments, class-wide session analysis, student management, LMS integration via LTI 1.3, and per-institution data isolation with configurable retention policies.
The browser SDK ships as ESM and CJS packages, embeddable in any editor environment. The Chrome extension brings session recording to Google Docs. LTI 1.3 connects Scripli to Canvas, Moodle, and any standards-compliant LMS without requiring a separate login flow.
Certificates are verifiable by anyone, without an account. Bitcoin timestamp anchoring via OpenTimestamps is available for certificates that need provenance independent of the Scripli platform itself.
Organic reach across 7 countries: Kenya, Nigeria, Georgia, South Africa, the United States, Australia, and Germany.
How I Think
The right framing for Scripli is not "AI detection, but better."
It is "authorship infrastructure for a world that has lost its default assumptions."
That reframing changes what you build.
Detection asks: is this AI?
Proof asks: can you show that it was not?
The answer to the second question requires building a system that records trustworthy evidence, seals it cryptographically, makes it publicly verifiable, and does none of that at the cost of the writer's privacy.
That is what Scripli is.