In order to explain the benefits of blockchain based electronic signature with Woleet, we answered three questions :
– Is Woleet e-signature eIDAS compliant?
– You are here : What are the benefits of a signature with bitcoin evidence?
– What about advanced electronic signature?
Long term, interoperable signature proof
Woleet provides electronic signature with Bitcoin evidence, meaning that each e-signature is systematically anchored in Bitcoin Blockchain to prove that the signature existed at a given time. The proof receipt includes all that is required to verify both the signature validity and its timestamp.
Anchoring a signature provides timestamping of the signature using the resources of the large-scale distributed system of Bitcoin. Timestamping in Bitcoin relates to the sequencing of transactions, more than the precision of time (about one hour). This solution, based on a high number of participants agreeing upon the existence of an event at a time, brings even more value than the time certified by a Timestamping Authority relying on a little number of independent time sources.
The signature proof is verifiable by any entity possessing the original signed data:
- The signature is hashed and added to a Merkle Tree whose root hash will be added in a Bitcoin transaction. After mining of at least 5 blocks above the one containing this transaction, it is sure that anybody possessing a copy of Bitcoin Blockchain will be able to find this proof, if they have the original data and the proof receipt delivered by Woleet (identifying the transaction and the block where the proof was anchored). The proof receipt is not required if Woleet validation solution is used.
- The format of the proof is open and standard (Chainpoint), so that it is possible for anybody to check the validity of the proof. It is also possible to check the validity of the related signature, relying on cryptographic standards.
The signature proof is time-resistant. Usual proofs made with X.509 certificates require to manage certificate expiration and Certification Authority perennity. Adapted signature format like PAdES -LTV is not generalized so far, and in some cases, re-signature is necessary.
Woleet.ID Server publishes the information of key expiration and blocking. As the signature was timestamped in Bitcoin blockchain, it is possible to check that the key was valid (or not) at time of signature. This mechanism is included by default in Woleet proof validation process.
Signature proof management with Bitcoin does not require extra cost over time.
No confidential data in signature proof allowing proof publication
The signature proof does not contain the original data, and still relates to it in a reliable manner (via the hash of the data), so that original data and signature proof can be stored in two independent ways.
The original data remains under the responsibility of the controller (in the words of the GDPR), who decides the right protection level according to confidentiality stakes. Besides, the controller will keep the proof receipt provided by Woleet, allowing to look for the signature proof in the blockchain independently from Woleet.
The absence of confidential data in the proof makes it possible to anchor a signature proof in a public ledger like Bitcoin and to leverage this open and distributed ledger system, whileprotecting data confidentiality. This anchoring in a public blockchain confers even more credibility to the proof. Anybody can perform proof validation by his/her own means, as long as the data controller lets him access to the document and the proof receipt.
E-signature made by Woleet relies on an asymmetric key pair that does not contain the identity of the signatory.
The signatory can perform an e-signature without revealing his/her identity. Proving possession of private key is sufficient to demonstrate the execution of the e-signature. The signatory is free to prove his/her identity at any moment, potentially depending on who asks for signature validation. Identity management is placed under the control of signatories.
In the next post we will explain how advanced e-signature is available with Bitcoin evidence. Stay tuned and see you next week!