Proof of timestamp
To create a proof of timestamp for a file, you need to create a ‘data anchor’ (an anchor is basically a proof creation request). To do so, you only need to compute the SHA256 hash of the file client side and choose a name for the anchor. Since the platform doesn’t need the actual file, there is no limitation on the size or on the type of the file, and the file is not even leaked to Woleet.
Creating a data anchor consumes 1 timestamp credit.
Proof of seal
To create a proof of seal for a file, you need to create a ‘signature anchor’. To do so, you need to compute the SHA256 hash of the file and choose a name for the anchor.
Some additional data are required:
- the public key used to sign
- the signature of the SHA256 hash of the file
Optionally, you should provide the URL of the identity server of the sealing organization to enable the verification of:
- the identity of the seal (using the public key used to sign)
- the identity of the sealing organization (using the TLS certificate of the URL)
- the control of the signature key by the sealing organization (using a signature challenge).
Creating a signature anchor consumes 1 seal credit.
Proof of signature
To create a proof of signature for a file, you need to create a 'signature request'. To do so, you need to compute the SHA256 hash of the file and choose a name for the signature request.
Optionally, you can provide the list of signers (using their email, public key and/or phone numbers). The signature request workflow is entirely managed by the Woleet platform, producing proofs of signature as well as an audit trail sealed by Woleet.
Creating a signature request consumes 1 signature request credit. Each signature registered consumes 1 signature credit, and each SMS sent consumes 1 SMS credit.
About the anchoring process
Newly created anchors are automatically collected by the platform and recorded in the Bitcoin blockchain: this can take from 10 mn to 6 hours with an average of 3 hours) depending on the load the the Bitcoin network. To check the state of your anchors, you can pull them using the Woleet API, or you can associate a callback URL to an anchor that the platform will call whenever the anchor status changes.
Once an anchor is recorded in the Bitcoin blockchain, you can retrieve its associated proof receipt using the Woleet API. Proof receipts conform to the Chainpoint 2 proof receipt format with some Woleet extensions when it comes to proofs of seal.
The proof receipt is the only piece of data required to prove the timestamp, the sealing or the signature of a file (obviously the SHA256 hash of the file is also required, since it is not included in the proof receipt). Thus, it is highly recommended you keep your proof receipts (and your files) in your own data store, so that you don’t depend on the Woleet API to generate the proof receipt on-demand whenever you want to verify a file.