Purpose

The Woleet API provides an easy way to create proofs of timestamp and proofs of seal for your data. The data can be of any type or size and is not modified by the process: only its digital fingerprint is required, so that the data does not have to be disclosed to Woleet.

The Woleet API also allows to easily create and manage customizable signature requests for your data. The data to sign can be of any type or size and is not modified by the process: only its digital fingerprint is required, so that the data does not have to be disclosed to Woleet. The Woleet platform handles the full life cycle of the signature: each signature performed produces one proof of signature. At the end of the signature workflow, a human readable PDF document, the 'signature attestation' is produced, containing all the proofs of signature plus the audit trail of the signature workflow sealed by Woleet.

To sum up, using the Woleet API you can create durable cryptographic proofs that can be used to prove that:

  • a data existed on a given date (proof of timestamp)
  • a data was certified/sealed by an organization on a given date (proof of seal)
  • a data was signed by an individual on a given date (proof of signature)

Proofs created by Woleet leverage the Bitcoin blockchain to provide timestamping, and were designed from the ground up to be independent from Woleet: an access to the Bitcoin blockchain and some open source code is enough to verify them.

Proofs of timestamp conform to the open source standard Chainpoint. Consequently, they can be verified using any tool compatible with this standard, without any interaction with Woleet, and remain verifiable forever even if Woleet stops its operations.

Proofs of seal are an extension of the Chainpoint standard proposed by Woleet. Thus, the timestamp of a seal can be verified the usual way. Then, the validity of the signature can be verified cryptographically. Finally, the identity of the sealer and its control of the signature key can be verified independently from Woleet by using the identity URL of the proof and its associated TLS certificate, both owned by the sealing organization.

Proofs of signature are similar to proof of seal, except that the verification of the identity of the signer usually relies on Woleet's own identity URL and TLS certificate, since Woleet is often used as the a trusted identity provider when it comes to electronic signature of individuals. Nevertheless, organizations can also chose to act as trusted identity providers, so that proofs of signature can be verified independently from Woleet.