A controlled signing workflow for final legal documents.

Legal drafting often gets attention while execution is treated as administration. That is a mistake. The signing step can invalidate the work if the wrong version is uploaded, a signer role is assumed, attachments are missing, or the email goes out with the unsigned draft still attached.

A document is not "done" because it reads well. It is done when the right file has been signed by the right person, with the right attachments, and the trail has been kept.

The workflow therefore treats execution as a separate legal-control problem. A document cannot move just because it reads well. It must be the intended final file, carry the correct reference and date, have known signer authority, and leave behind a record that can be checked later.

The workflow starts with a finality gate: correct source path, intended PDF or DOCX, no unresolved comments or track changes unless deliberately retained, correct date and references, complete attachments, and known signer or seal authority. Only then does the system decide whether the document should use an existing signing template, a one-off uploaded document, or a manual setup path.

The technical point is separation of concerns. The drafting system should not pretend a document is ready for execution. The execution workflow should not redraft the document. It should inspect readiness, create the signing route, record the submission, and capture the completed file and audit trail before any email handoff.

The execution record tracks what matters for later reconstruction: the source file used, the route chosen, the signer role, whether platform emails were sent, the submission status, the signed output, and the audit trail. The record is not decorative - it is what prevents a final signed document from becoming detached from the file and decision that produced it.

Email handoff is treated as part of the same control surface. If a signed document is meant to be sent onward, the old draft attachment must be replaced, the email body must still match the final attachment list, and the generated signing output must be attached before dispatch.

The next useful version would make review states more explicit: draft-ready, execution-ready, sent for signature, completed, and dispatched. The danger is making execution feel automatic when it is still a legal act. The better aim is a system that makes the reviewer pause at exactly the points where legal responsibility attaches.

The signing infrastructure is self-hosted because final execution shouldn't sit behind someone else's product. The architecture is the public view; the implementation stays inside the firm.