Multi-party actions coordinated by email. Proved by git.
Live at https://git-done.com.
A free tool for running workflows and gathering signatures entirely over email. Every reply is cryptographically verified, stamped against Bitcoin, and committed to a permanent public record. No accounts. No passwords. No apps to install. If gitdone disappears tomorrow, every record still verifies — forever.
"Legal reviews the contract, then design mocks it up, then the exec team signs off." Create an event with those three steps, put each person's email in, add deadlines if you want, decide who waits for whom. Each person gets a reply address they respond to from their normal inbox. gitdone watches for their replies, verifies they really came from the person they claim to come from, and moves the workflow forward. You see progress in your own inbox and on a dashboard.
Works for any order — ordered chain, parallel, or a mix ("step 3 happens after both step 1 and step 2 are in"). Deadlines are optional per step. Reminders are one email away.
Two modes, depending on what you need:
- A single signed record. One person you name replies, and that reply becomes a permanent cryptographic record you can point anyone at. Good for: witness statements, sign-offs, single approvals.
- A crowd-sourced attestation. Share one reply address publicly (social post, QR code, mass email). Anyone who replies counts toward a threshold you set. Good for: petitions, polls of known signers, witness lists, community statements. You choose whether duplicates count as one or many.
They get an email. They reply. That's the whole experience.
No account to make. No link to click. No app to install. No password. If they reply from their own email address, gitdone can cryptographically prove it came from them. You (the organizer) get a copy in your inbox with every attachment intact.
- It outlives the service. Every record is a git repository plus an offline verifier tool. If gitdone-the-website dies, the records still exist on your disk, and anyone can check they're real without any gitdone server. Most online tools go away with the company; these don't.
- You own the evidence. The full audit trail — every reply, every cryptographic signature, every timestamp — lands in your inbox and in a repository you control.
- Nothing to install. Participants never sign up for anything, never install anything, never read terms of service. They reply to an email.
- No tracking. gitdone doesn't watch your activity, doesn't build a profile, doesn't sell anything. No ads. No analytics. No up-sell. The business model is that there is no business model.
- Vendor sign-offs, contract approvals, campaign launches — anything where several people have to say "yes" in order, and you want proof.
- Petitions and attestations — when you need N real people to put their names to something, with proof it was them.
- Release gates, change requests, board resolutions — anywhere a paper trail would be useful but a full CRM is overkill.
- Legal, compliance, or audit-adjacent work where the evidence has to survive the tool that collected it.
- Anything that needs a rich form — gitdone asks for short replies, not structured data.
- Chat. It's not a chat app.
- Anything that needs recipients who can't receive verified email (SMS-only, address-book-only, etc.).
- Open https://git-done.com
- Pick Event (workflow) or Crypto (signature).
- Fill in names, emails, deadlines.
- Review the preview. Confirm.
- Invites go out. A management link arrives in your inbox.
Or skip the link and sign in at https://git-done.com/manage — enter your email, receive a one-time link, see every event you've ever organized. No password involved.
Every completed event leaves behind a small git repository. Anyone
who has it (you, the participants, an auditor) can verify it offline
with the open-source gitdone-verify tool. No network calls, no
gitdone service, no trust in us. Works from a USB stick on an
airgapped laptop ten years from now.
Events have an explicit, reversible lifecycle — the system prompts, the organizer decides. Nothing is ever auto-closed. Closing writes a permanent commit, and that's a human decision.
- Pending activation. Participants are not notified until you click the activation link we email you (valid 72 hours). If you never click, the event is deleted at 72h — no trace, no stranger you claimed to be hears from us.
- Open. Steps complete as replies come in. Late replies still count — deadlines are aspirational, not gates.
- Day 14 past deadline → nudge. One email to you: "remind, close, or ignore." No cascade, no daily spam.
- Day 45 past deadline → auto-archive. The event goes grey: hidden from your default dashboard, replies stop counting, a heads-up email arrives with a one-click un-archive link. Nothing is deleted — the git repo and proofs stay intact; this is a reversible flag, not a terminal close.
- Terminal states — you write them, not us.
- completed: every step ran its full course.
- closed early: you ended it (close button /
close+email) with work still pending. Both write a permanent completion commit. Archive is not a close.
- gitdone never stores attachments — they're forwarded to the organizer and hashed into the record. The hash lives forever; the attachment lives in your inbox.
- Email addresses in the record are hashed with a per-event salt, not stored in plaintext. Anyone with the original email can confirm a match; no one can scrape the repository for a contact list.
- The service concentrates trust in four places, all named up front: the participants' mail providers (who sign their replies with DKIM), Bitcoin miners (who anchor the OpenTimestamps stamps), git (which uses SHA-1 for commit hashes), and whoever maintains the verifier tool. We don't pretend there's no trust; we try to make it visible.
- Product requirements (PRD) — what it is, what it isn't, why.
- Changelog — what shipped, newest first.
- Source: https://github.com/hamr0/gitdone.
The gitdone-verify tool is and will remain MIT-licensed — every
record must stay independently verifiable, forever.