🔶 PROVISIONAL — grounded in DRAFT legal documents pending Vicente LLP execution + founder sign-off. Source: Seal Credential Terms v1.0 (draft) and MVA v2.0 (pre-counsel draft). Binding on execution.
Owner: Ayisha (Compliance) + Jonathan (Founder) · Department: Compliance/Executive · Status: Draft (provisional) · Version: 0.1
Effective Date: on execution · Last Reviewed: 2026-06-13 · Next Review Date: on Vicente LLP opinion
Source of Truth: Seal Credential Terms v1.0; MVA §4.7 · Maturity: 3 (Usable)
The authoritative description of the HempDash Compliance Seal. Every page that mentions the Seal, a credential, verification, or a compliance badge must conform to this doctrine. Inherits from the Authority Boundary and Operating Model.
A verifiable records-on-file attestation — an Ed25519-signed JWT issued by HempDash to a vendor whose documents met HempDash's platform standards as of the issuance date (Seal Terms §1). Two tiers:
/verify-on-file/[vendor-id]): required documents are on file and unexpired. No content review./verify-compliance/[vendor-id]): additionally passed a structured review of COA content against the §300.301 schema (cannabinoid profile, MoU, heavy metals, pesticides, microbials, residual solvents).The Seal must never be described as a certification, guarantee, approval, safety endorsement, or regulatory authorization. Specifically it is NOT (Seal Terms §2):
Free tier: current ISO/IEC 17025 COA per product dated within 9 months (or shorter if law requires); copies of required state hemp licenses/permits; certificates of insurance per the MVA. Premium tier: all Free-tier requirements + pass the structured §300.301 COA review. Issuance is at HempDash's sole discretion; submission does not guarantee issuance (§3.4).
Automatic, without advance notice: a required COA expires and no compliant replacement is filed within 5 business days; a required license lapses/is suspended/revoked; required insurance lapses (5-day cure); or HempDash learns of an active DSHS/regulatory enforcement action against the vendor. Discretionary: credible third-party safety/compliance complaint pending investigation; material document discrepancy; or material breach of the MVA.
Permanent revocation if: a regulatory enforcement action results in license revocation or a consent order finding a material violation; documents submitted for issuance were fraudulent or materially false; or the MVA is terminated.
HempDash updates the status at the verification endpoint, removes the Seal badge from the vendor's listings, and (on revocation) drops the account to the Documents-on-File tier. Previously issued JWTs remain cryptographically verifiable via JWKS but the verification endpoint reflects the suspended/revoked status. HempDash does not retroactively invalidate signatures.
A Seal tells a consumer that the vendor gave HempDash the required documents (and, at Premium, that those COAs passed a structured schema review) as of a date. It does not tell a consumer the product is safe, legal, or government-approved. Third parties rely on the Seal at their own risk and have no direct claim against HempDash (Seal Terms §6.4).
The vendor may not represent the Seal as government-issued or as a guarantee of regulatory compliance, and may not assert the Seal as a defense to any enforcement action (Seal Terms §6.3; MVA §4.7.5). The vendor retains sole, independent compliance responsibility.
Cryptographic: validate the JWT against the public JWKS at /.well-known/jwks.json and check exp. Live status: query the verification endpoint (signature ≠ current status). See Seal architecture.
Vendor may dispute a suspension/revocation/denial within 10 business days to compliance@gethempdash.com; HempDash responds within 15. HempDash is final on platform-standard questions, not on regulatory questions. Favorable resolution → reinstatement within 5 business days.
Operating Model · Authority Boundary · Operational Vocabulary · Seal architecture · Seal Revocation playbook · Home