I have some concerns with digital signatures and how will it work for your exchange. Since most electronic signatures I see are all pre-signed meaning users already have their existing digital signatures on board so that they won't sign and sign it again will you be using it or will you only accept actual signatures made that time? Because if its the former then I don't think its secure as what you want it to be because anyone could literally obtain that user's signature if they have a copy of it.