Authentication and verification of the contents of paper-based documents is very challenging because:
- signatures can be forged,
- unauthorized pages can be inserted into large signed documents,
- hand-written documents may contain illegible handwriting etc.,
- sending documents physically for signatures by different counter-parties involves cost & time.
Paper-based records pose several challenges and suffer from several inherent problems:
- the need for physical storage space,
- high environmental costs,
- high costs & inconvenience of transportation,
- possibility of counterfeiting,
- prone to damage due to heat, dust, water, and other factors.
HyFi GREAT can be used for:
- Electronically signing documents without revealing actual content.
- Demonstrating data ownership without revealing actual data.
- Documenting time stamps.
- Proving ownership.
- Checking for document integrity.
Some of the benefits of using HyFi GREAT are:
- Eliminating fraud and forgery.
- Decentralized verification.
- Authenticating unlimited records at near-zero cost.
- Saving costs and time spent on "wet signatures".
- Signing any electronic record - images, pdf, word files, emails, transactional data, software code, etc.
- Accelerating the client onboarding and contract management process.
- Unlimited people can sign a record.
- 100% data privacy and immutability.
3.1 The electronic signature process
Let's take a simple example.
Step 1: Key generation
Rajnikant generates two keys, a public key, and a private key. These keys are nothing but extremely large numbers. Although the keys are mathematically related, it is "computationally infeasible" to obtain the private key by using the public key. A signature created by Rajnikant’s private key can be verified using Rajnikant’s public key.
Rajnikant's public key
03954458fe54151b32a035e6179b18a74cb027b0201404c522a41efdc043f0a138
Rajnikant's private key
VAV9DaTL8S4WjVCiezmGRTASH26GNmuaDVkee2jamZKVyWDLjMPE32R1
Rajnikant shares his public key with the whole world (through his website, blog, email, etc.) but keeps his private key to himself.
Step 2: Computing the hash
Now, Rajnikant wants to share his research on "self-driving cars" with his friend Scarlett Johansson. To do this, he creates a pdf file with details on his research.
Rajnikant computes the hash of the pdf document containing his research. A one-way hash function takes an input (e.g. a PDF file, a video, an email, a string, etc.) and produces a fixed-length output e.g. 160-bits. The hash function ensures that if the information is changed in any way – even by just one bit – an entirely different output value is produced.
Let's check out the sha256 hashes for three words - sanya, SANYA and Sanya.
The cryptographic hash for the word sanya is:
834ac48d8e6d1d7f0b8d21a5b3e81446f5a4caa63765cc23836f61844b67fb83
The cryptographic hash for the word SANYA is:
4247bff9d41c0f2da68ef43c5624531da9ca5bc31b39760a67e32265082e1ba8
The cryptographic hash for the word Sanya is:
513a15ed036e62c14b41b2608a5bb18aa7af2a3502c90b892f9dddabaf136bc2
It can be seen that by changing the case of the letter S, from small to capital, an entirely different hash value is generated. What must be kept in mind is that irrespective of the size of the input, the hash output will always be of the same size.
Two things must be borne in mind with regard to one-way hash functions:
- It is computationally infeasible to find two different input messages that will yield the same hash output.
- It is computationally infeasible to reconstruct the original message from its hash output.
Step 3: Signing the document
Rajnikant now "electronically signs" the pdf. For this, his software takes the hash and Rajnikant's private key and uses an algorithm to compute the electronic signature for the file:
IK+0M1DdcCnjIzVB4j997WusLlglq3rhBFsqEsuxkOZ7XwseQR2yJQ9/eOp/h/a6lt38iTu4aYceSx1yE1oUYIs=
Step 4: Verifying the signature
Rajnikant emails the pdf and the electronic signature to Scarlet. She takes the document and computes the hash. Since the hash function software will always produce the same hash result for a particular message, she computes this as the hash:
32841a6ddba36a71a4e5d86946e3baad0652885713756e01c89d1b6fda81d2ed
She takes Rajnikant's public key, the document hash & the digital signature and uses an algorithm to verify the digital signature.
"pubkey": "03954458fe54151b32a035e6179b18a74cb027b0201404c522a41efdc043f0a138",
"signature": "IK+0M1DdcCnjIzVB4j997WusLlglq3rhBFsqEsuxkOZ7XwseQR2yJQ9/eOp/h/a6lt38iTu4aYceSx1yE1oUYIs=",
"hash": "c14fa6ea73269522b3362c637e9d90de39f58ac7696536019b7a3f2e0741e606"
If the signature is verified, it means that:
- the document has been signed by Rajnikant
- the document has not been altered in any way
From a legal point of view, electronic signature creation & verification achieves the following:
1. Signer authentication: A person’s electronic signature cannot be forged. This means that if an electronic signature can be verified by Rajnikant’s public key, then it must have been created by Rajnikant’s private key. The digital signature verification process thus authenticates the identity of the signer.
2. Message authentication: An electronic signature is based upon the hash value of the actual message. Thus an electronic signature is unique for each message and automatically authenticates the message.
3. Affirmative act: The process of electronic signature creation requires the signer to use his private key (usually by entering a password). This overt act alerts the signer that he is initiating a transaction that may have legal consequences.
3.2 Legal aspects of electronic signatures
The term `electronic record` includes data, record or data generated, image or sound stored, received, or sent in an electronic form. Examples of electronic records include documents in text, pdf, html, doc, ppt, html, mp3, and other file formats.
Some of the important features of an electronic record are preservability, accessibility, readability, comprehensibility in respect of linked information, evidentiary value in terms of authenticity and integrity, and augmentability. Electronic records can be produced, replicated, distributed, and stored at near negligible costs.
The legal concept of an electronic record having parity with a paper-based or written document was introduced by the UNCITRAL Model Law on Electronic Commerce, 1996. This concept has subsequently been included in the laws of many countries.
Major countries have either permissive / minimalist laws or two-tier laws relating to electronic signatures.
In countries with permissive / minimalist laws, simple electronic signatures have the same status as handwritten signatures provided both parties agree to the use of electronic signatures.
In countries with two-tier laws, digital signatures have the same status as handwritten signatures, but electronic signatures are also legal and enforceable.
Setup a server with the following minimum config:
- Linux: 64-bit, supports Ubuntu 12.04+, CentOS 6.2+, Debian 7+, Fedora 15+, RHEL 6.2+.
Windows: 64-bit, supports Windows 7, 8, 10, Server 2008 or later.
Mac: 64-bit, supports OS X 10.11 or later.
- 512 MB of RAM
- 1 GB of disk space
Login as root and run these commands:
You will see something like this:
Email it to team@hyfiblockchain.com
When we confirm, login to the node and run
You should get this response: Node ready
.
Now run:
Now you can create addresses, assets, transactions, signatures and more.
Also see the MultiChain JSON-RPC API commands and various Multichain developer tutorials and guides
For future logins, use:
5.1 Creating a custodial address
getnewaddress
returns a new address whose private key is added to the wallet. This is a custodial address.
The output is an address.
5.2 Creating a non-custodial address
createkeypairs
generates one or more public / private key pairs, which are not stored in the wallet or drawn from the node’s key pool, ready for external key management. These are non-custodial addresses.
For each key pair, the address, public key (as embedded in transaction inputs) and private key (used for signatures) is provided.
6.1 Signing by a custodial address
A message (text or hash) can be electronically signed by a custodial address using signmessage addressOfSigner "message"
The output will be the electronic signature.
An electronic signature can be verified using verifymessage addressOfSigner electronicSignature "message"
The output will be true or false.
6.2 Signing by a non-custodial address
A message (text or hash) can be electronically signed by a non-custodial address using signmessage privateKeyOfSigner "message"
The output will be the electronic signature.
An electronic signature can be verified using verifymessage addressOfSigner electronicSignature "message"
The output will be true or false.