Signed vs. Unsigned: The Difference That Changes Everything

Take the same digital artifact. Look at it twice. The first time, it is unsigned. The second time, the same content is wrapped in a small cryptographic record — a fingerprint of the bytes, a key identifying the author, a timestamp, a few hundred bytes of math. The two files look almost identical when you open them. Their operational behavior in the world is binary different.

First pair: a spreadsheet. Unsigned, any cell can change without trace; if the recipient claims a different total, both sides have a valid file and no way to determine which is original. Signed, any cell change breaks the seal; the recipient can verify what was sent without cooperation from the sender. The difference is not that the data became unmodifiable — it remains modifiable; people remain free to edit. The difference is that modifications are now detectable, in math, by anyone, offline.

Second pair: a contract. Unsigned PDF — editable, deniable, drift over email threads, alternate versions on each side's laptop. Signed — amount, parties, dates locked into a fingerprint; any modification detectable; "my version was different" stops being a defense. The contract still negotiates the same terms. The difference is what happens six months later when one side claims something the other side didn't agree to.

Third pair: a research paper. Unsigned — who wrote which section is reconstructed from chat logs, dim memory, and the supervisor's recollection. Signed per-contribution — every section's authorship and timing is mathematically settled; every dataset's collector is named on-record at the moment of collection; every figure's generation is signed at the moment the script ran. Authorship disputes that today take months to escalate and rarely resolve cleanly become arithmetic.

The cost of the difference, in each pair, is asymmetric. The signature itself is small — a few hundred bytes of math. The operational difference, in dispute resolution, is enormous: weeks of legal fees vs. minutes of verification; chart-review FTE vs. automated audit; unrecoverable disagreements vs. closed disagreements. The bytes are tiny. The blast radius the bytes prevent is large.

Why the bytes look almost identical. The signature is a small JSON sidecar or a header field; it doesn't change the content of the artifact. You can read the spreadsheet the same way. You can print the contract the same way. The recipient sees the same words and numbers. The difference is not in what the artifact says — it's in whether the artifact can prove what it says, when asked, by anyone, without depending on you to be available.

The choice is binary. The cost gap is enormous. Signing is rapidly becoming the operational default in any context where the artifact actually matters six months after it's created. Don't lose sleep about which features your tools have — ask whether they sign. The features come and go. The signature is what survives.