Since there are no pointers to how this is actually working, I'm having to ask the questions here.
So you are saying that if the verification key is stored off the box, it can tell that not only is every line 'sealed' but that none of the lines are missing?
This sounds like it is relying on some signing technology that's beyond what I'm aware of as the state of the art. This is possible, but I would have expected to hear about such a new technology through the security side of things rather than as something implemented in any FOSS project as the first word.
I am skeptical about this, because very similar claims were made about the hashing that systemd implemented.
The ability to generate a key for signing documents where you can use a key for signing once, use it to generate a new one and forget the old one, and people verifying the signature can not only validate it no matter which key you use, but verify the order that you signed the documents and validate that there are no gaps in the order is something that seems like it would be a revolution in digital signatures.
If it's something less than this, the limitations are likely to greatly weaken its value for logs as well.
If, for example, you have to have every document that was ever signed by the sender, then it's going to be much less useful. You don't keep all logs that a system has ever generated, you roll them and delete the old logs.
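
As an added illustration, not part of the comment above and not taken from systemd or any other project: a generic symmetric hash-chain construction (HMAC with a one-way evolving key, not a public-key signature) that exhibits the properties the comment asks about, with the seed kept off the box acting as the verification key. All names and sample lines are constructed, and it assumes the verifier knows which sequence range it expects to see.

```python
import hashlib
import hmac

def evolve(key: bytes) -> bytes:
    # One-way step: the next key is derivable from the old one, never the reverse.
    return hashlib.sha256(b"evolve" + key).digest()

def key_at(seed: bytes, seq: int) -> bytes:
    # The off-box verifier can recompute any epoch key from the seed alone.
    for _ in range(seq):
        seed = evolve(seed)
    return seed

def tag(key: bytes, seq: int, line: bytes) -> bytes:
    return hmac.new(key, seq.to_bytes(8, "big") + line, hashlib.sha256).digest()

class Sealer:
    """Runs on the logging host and holds only the current key."""
    def __init__(self, seed: bytes):
        self.key, self.seq = seed, 0

    def seal(self, line: bytes):
        entry = (self.seq, line, tag(self.key, self.seq, line))
        self.key = evolve(self.key)  # the old key is overwritten
        self.seq += 1
        return entry

def verify(seed: bytes, entries, first: int, end: int) -> str:
    """Check that entries are exactly seq first..end-1, in order, untampered."""
    key, expected = key_at(seed, first), first
    for seq, line, mac in entries:
        if seq != expected:
            return f"gap or reorder at seq {expected}"
        if not hmac.compare_digest(mac, tag(key, seq, line)):
            return f"bad seal at seq {seq}"
        key, expected = evolve(key), expected + 1
    return "ok" if expected == end else f"truncated at seq {expected}"

# Constructed sample data (assumption: 32-byte seed copied off the box at setup).
SEED = hashlib.sha256(b"constructed demo seed").digest()
SEALER = Sealer(SEED)
LOG = [SEALER.seal(b"constructed log line %d" % i) for i in range(5)]

if __name__ == "__main__":
    print(verify(SEED, LOG, 0, 5))                # full log
    print(verify(SEED, LOG[:2] + LOG[3:], 0, 5))  # one line deleted
    print(verify(SEED, LOG[3:], 3, 5))            # old lines rotated away
```

Because the verifier derives each key from the seed, it does not need the rotated-away lines, but anyone holding the seed can also produce valid seals, so this is tamper evidence for one trusted verifier rather than a signature third parties can check. Removal of lines at the tail is only caught if the verifier knows how far the log should extend.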