Signature Proofs

Signature anchoring is similar to data anchoring, except that the anchored data is not the original data (ie. the one that is signed) but the signature of the original data (as produced by the signer).

A signature proof is a Chainpoint compatible receipt with an additional signature property containing 3 mandatory sub-properties, and 1 optional:

• signedHash: the SHA256 hash (ie. the fingerprint) of the original data (this hash is what is actually signed)
• pubKey: the Bitcoin address of the signer
• signature: the signature of the content of « signedHash » using the « pubKey » Bitcoin address of the signer
• identityURL: an optional web hook to be called whenever the signer identity need to verified from his Bitcoin address

Note also that the targetHash property of the Chainpoint receipt is the SHA256 hash of the signature instead of the SHA256 hash of the data. Consequently, verifying a signature anchoring receipt using the regular Chainpoint verification process proves that the signature (and by transitivity the data) existed at some point in time: a signature receipt is thus equivalent to a regular anchoring receipt.

The verification process continues with the verification of the signature: the signature provided must be a valid signature of the hash of the original data produced using the signer’s Bitcoin address.

Optionally, if the identityURL property is provided, the verification process is completed by an identity verification process (described in the previous part).