Years ago, Timur Ercan paid a few hundred dollars for a two-year SSL certificate. The cert was a random number. The price was gatekeeping dressed up as security. It bothered him then, and it still does. Let's Encrypt eventually solved SSL: free, automated, open. 363 million websites now get certificates for nothing.
He looked at DocuSign and saw the same pattern. One company capturing 70% of a market for something every business has to do. Per-seat fees. Per-envelope fees. Pricing that scales with your usage of basic infrastructure. Documenso is his attempt to do to e-signatures what Let's Encrypt did to SSL.
Founded by Timur Ercan (Co-Founder, CEO) and Lucas Smith (Co-Founder, CTO).
This Week's Breakdown: Documenso
What they do: Open-source electronic signature platform. Send documents for signature, build reusable templates, automate workflows, and embed signing directly inside your own product. Run it on Documenso's cloud, or deploy on your servers with no per-envelope fees on licensed self-hosted tiers. Enterprise customers get SSO, white-label domains, compliance modules (ESIGN, UETA, 21 CFR Part 11, SOC 2, HIPAA), and formal SLAs.
The numbers: ~12,700 GitHub stars. ~2,500 forks. 150+ contributors. 47 tagged releases (v2.9.0, April 2026). ~$1.54M raised (seed, July 2023) from OSS Capital and Prototype Capital, with angels including Calvin French-Owen and Cal.com's Peer Richelsen. Funding rounds and live user metrics are published on their Open Startup page. Team of roughly 4–10 full-time (plus a large contributor network). Profitable per third-party founder databases (not independently audited).
How They Built It
| Layer | Choice | Why |
|---|---|---|
| Frontend | React 18 + React Router v7 | Full signing UI in a modern SPA with fast client-side PDF interactions |
| Server | Hono (TypeScript monorepo via Turborepo) | Lightweight API server; packages split by domain (@documenso/lib, @documenso/trpc) |
| Database | PostgreSQL + Prisma + Kysely | Relational data for documents, teams, audit trails; type-safe queries at scale |
| PDF / Signing | @libpdf/core, pdfjs-dist, @documenso/signing | In-house PDF pipeline; local P12 certs or Google Cloud KMS for production signing |
| Auth | Arctic (OAuth) + WebAuthn passkeys | Social login for individuals; passkeys for passwordless enterprise flows |
| API | tRPC + ts-rest (REST v1/v2) + OpenAPI | Internal speed via tRPC; external SDK generation via Speakeasy TypeScript SDK |
| React Email + Nodemailer | Branded signing invitations and status updates from shared templates | |
| Payments | Stripe | Cloud subscriptions from free tier through Platform ($250/mo) |
| Jobs | Inngest (or local queue) | Async document processing without running your own worker fleet |
| Storage | S3-compatible object storage | PDF uploads and signed artifact retention |
| Hosting | Docker (self-host) + managed cloud | Same codebase; customers choose control vs convenience |
| Integrations | Zapier, webhooks, embedded signing iframe | Platform play: signing inside HR, legal, and vertical SaaS products |
Stack from public GitHub ARCHITECTURE.md, README, and Documenso engineering blog posts.
The Real Story
Timur Ercan is German. He built companies before Documenso and carried a grudge against opaque trust products: SSL certs you could not inspect, priced like secrets. When he looked at e-signatures, DocuSign had roughly 70% market share and a reputation for per-seat pricing that scales faster than usage.
In December 2022 he announced Documenso on LinkedIn: an open-source signing tool because "trust-based products should be built on openness." The repo went public in March 2023. Early traction was developer-led: stars, forks, self-hosters, and contributors who wanted a DocuSign alternative they could audit.
The co-founder match was not a networking event. Lucas Smith, an Australian engineer (Telstra, IBM, Fontis, Upflowy), found the project through an online "code roast" of early Documenso. He joined as CTO in April 2023. Timur has said publicly he would have started even earlier and leaned harder into grassroots open source from day one.
Fundraising followed the OSS playbook: ~$95K, then ~$288K, then a ~$1.54M seed in July 2023 led by OSS Capital (the fund behind commercial open-source companies like Cal.com). Peer Richelsen backed the idea before the name was final. The positioning was never "cheaper DocuSign." It was signing as public infrastructure.
Product Hunt launches in May and November 2023, then again in December 2024 for the Platform plan. Hacker News debated v1.0.0 in late 2023 (skeptics said self-hosted signatures would not hold up in court; defenders pointed out many jurisdictions care about identity verification, not the SaaS brand on the PDF). The team kept shipping: templates, teams, webhooks, Zapier, 21 CFR Part 11, embedded signing (September 2024), API v2 with generated TypeScript SDK, and a three-tier self-hosted license model (Community, Business, Enterprise).
Lucas's 2024 year-in-review post is unusually honest for a startup CTO: growth "may not match typical startup metrics," but compliance and quality were prioritized over blitzscaling. That tradeoff fits a trust product. You do not move fast and break things when general counsel reads your commit log.
The Marketing Playbook: Trust Through Transparency
Documenso does not outspend DocuSign on ads. It out-opens them.
The GitHub flywheel. Every star is a developer who might self-host, embed, or recommend Documenso to a procurement team tired of envelope math. The repo is the top-of-funnel. Issues and PRs are support tickets and feature requests in public.
Open Startup metrics. At documenso.com/open, they publish funding history, team joins, and live charts for users, customers, and completed documents. Timur's advice to OSS founders: people want the "nitty, gritty, dirty actual data," not polished growth stories. For a signing product, radical transparency is marketing that reinforces the product promise.
Compliance pages as SEO and sales. ESIGN, UETA, SOC 2, HIPAA, and 21 CFR Part 11 content targets buyers who search "[regulation] e-signature" before talking to vendors. Legal and ops teams find Documenso when they need auditability, not when they need a prettier button.
Developer-led expansion. The Platform tier ($250/mo billed yearly on cloud) sells unlimited documents, unlimited API access, embedded white-label signing, and Slack integration support. The long-term bet is not individual prosumers. It is HR platforms, legal tech, and vertical SaaS products that embed Documenso instead of building signing from scratch.
How Documenso Makes Money
Cloud (hosted by Documenso):
| Plan | Price | Highlights |
|---|---|---|
| Free | $0 | 5 documents/month, up to 10 recipients |
| Individual | $25/mo ($300/yr) | Unlimited signing for one person, personal API access |
| Team | $40/mo ($480/yr) | 5 users included (+$8/user), 1 team, automation API |
| Platform | $250/mo ($3,000/yr) | Unlimited docs/users, embedded signing, integration support |
| Enterprise | Custom | Advanced compliance, licensing, dedicated support |
Self-hosted:
| Edition | Price | Highlights |
|---|---|---|
| Community (AGPL) | Free | Full core signing; AGPL obligations for network use |
| Business | Fixed yearly license | Enterprise feature set, fair support, no usage caps |
| Enterprise | From ~$30,000/yr | SLAs, roadmap priority, AATL-compliant certs, custom license terms |
The commercial license exists for companies that cannot open-source their modifications or comply with AGPL network-use rules. That is the same dual-license playbook as GitLab, MongoDB, and other COSS companies: open core for adoption, commercial terms for enterprises with legal constraints.
The Global Landscape: Electronic Signatures
Grand View Research puts the global digital signature market at roughly $7 billion in 2025, with aggressive growth forecasts through 2033. DocuSign alone reported $3.22 billion revenue in fiscal year 2026 (8% YoY growth) and $3.27 billion ARR. The category is enormous. The open-source slice is still tiny. But the margin structure (per-seat + envelopes + add-ons) is exactly what COSS challengers attack.
The Big Players (Enterprise Scale)
| Company | Where | Scale | What They Do |
|---|---|---|---|
| DocuSign | US | ~$3.22B revenue (FY26), public (DOCU) | Dominant e-sign + expanding "Intelligent Agreement Management" platform |
| Adobe Acrobat Sign | US | Part of Adobe Document Cloud | E-sign bundled with PDF and Creative Cloud enterprise contracts |
| PandaDoc | US | ~$100M+ ARR (est., private) | Quote-to-close docs, CPQ, and signing for sales teams |
| OneSpan | US | Public, smaller cap | Regulated industries, banking-grade signing |
Documenso is not competing on CLM breadth or DocuSign's IAM suite today. It competes on control: self-host, read the code, embed the API, predictable license cost.
The Mid Players (Funded SaaS)
| Company | Where | Scale | What They Do |
|---|---|---|---|
| Dropbox Sign | US | Part of Dropbox | HelloSign acquisition; SMB-friendly, inside Dropbox ecosystem |
| signNow (airSlate) | US | Private | Workflow + sign at mid-market price points |
| SignWell | US | Bootstrapped / smaller | Simple e-sign for startups and agencies |
| BoldSign | India / US | Zoho ecosystem | Developer-friendly API, competitive pricing |
These tools win on ease and price for teams that do not need self-hosting. Documenso wins when data residency, AGPL, or embedded signing is non-negotiable.
The Small / Open Players (Infrastructure Challengers)
| Company | Where | Scale | What They Do |
|---|---|---|---|
| Documenso | US / remote | ~12.7K GitHub stars, ~$1.5M raised | Full-stack open COSS signing + embed platform |
| DocuSeal | Remote | ~8K+ GitHub stars (est.) | Open-source DocuSign alternative, strong self-host community |
| OpenSign | OSS | Smaller community | AGPL signing server, developer-focused |
| SignServer | EU / OSS | Niche | Certificate and signing server for PKI-heavy setups |
The race among open-source options is about compliance depth, embedding, and enterprise licensing, not just stars.
How We Got Here
| Year | What Happened | Key Event |
|---|---|---|
| 2003 | DocuSign founded | Category creator |
| 2010s | HelloSign, PandaDoc, Adobe Sign scale | E-sign becomes default for SaaS and sales |
| 2019 | Dropbox buys HelloSign for $230M | Consolidation in SMB signing |
| Dec 2022 | Timur announces open-source Documenso | LinkedIn launch post, waitlist |
| Mar 2023 | GitHub repo public | AGPL-3.0, developer discovery begins |
| May–Nov 2023 | Product Hunt launches | Community validation |
| Jul 2023 | ~$1.54M seed | OSS Capital era COSS funding |
| Apr 2023 | Lucas Smith joins as CTO | Co-founder via public code feedback |
| Nov 2023 | v1.0.0 + Hacker News | "Open DocuSign" debate hits front page |
| Sep 2024 | Embedding support ships | Platform strategy: infrastructure, not just app |
| 2025 | Business Edition for self-host | Paid license between CE and Enterprise |
| Apr 2026 | ~12.7K stars, API v2 + TS SDK | Developer GTM matures |
~$7B market, ~$3.2B incumbent. The question is whether signing follows SSL's curve: proprietary lock-in first, then open infrastructure eats the commodity layer.
The Pattern You Can Steal
1. Reframe the category as infrastructure, not software. Timur did not pitch "cheaper envelopes." He pitched signing as a public good that should be inspectable, like TLS. If your incumbent sells trust opaquely, your wedge is transparency plus self-host or embed. The story writes itself.
2. Publish the numbers competitors hide. Documenso's /open page turns funding, hiring, and usage charts into proof of seriousness. For trust products, marketing that says "we have nothing to hide" only works if you actually hide nothing.
3. Let the repo recruit your co-founder. Lucas joined after roasting the code in public. Open development is not just distribution. It is hiring, QA, and founder dating in one channel.
Quick Hits
DocuSeal remains the other major open-source DocuSign alternative, with a strong self-host community and a focus on simple deployment. Worth comparing side by side if you are evaluating OSS signing. GitHub →
DocuSign's IAM pivot (Intelligent Agreement Management) now represents ~11% of ARR as of January 2026. The incumbent is moving upstack into AI and agreement data, which may leave pure signing more vulnerable to commoditization below. FY26 results →
Cal.com's playbook is the explicit template: Peer Richelsen angel-invested in Documenso early, and Timur cites Cal.com as the COSS company shape to emulate (open core, commercial cloud, enterprise license). We covered Hoppscotch as another OSS Capital-backed developer tool play.
What We're Watching
LibPDF and the signing stack. Lucas Smith is publicly involved in libpdf.dev. Owning more of the PDF pipeline in-house reduces dependency on brittle PDF libraries and matters for PAdES-compliant signatures at scale.
Enterprise self-host design partners. The $30k+/year enterprise license (unlimited usage, SLAs, AATL certs) targets teams that want DocuSign-grade guarantees without DocuSign-grade lock-in. Early design partners will shape whether "open signing infrastructure" is a real enterprise category or a developer hobby.
AGPL vs commercial license tension. Community Edition growth can outpace revenue if enterprises self-host without converting to Business or Enterprise licenses. Documenso's dual-license model only works if legal teams actually fear AGPL network clauses. That conversion funnel is the whole COSS business in one metric.
Ship it.
— The FounderSpec Team