W3C home > Mailing lists > Public > public-credentials@w3.org > May 2016

Spec updates: Proof of Publication

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Wed, 04 May 2016 16:34:41 -0400
Message-ID: <572A5CE1.5070002@digitalbazaar.com>
To: Web Payments CG <public-webpayments@w3.org>, Credentials Community Group <public-credentials@w3.org>
Hi all,

Thanks to a financial contribution from Blockstream[1] to Spec-Ops[2],
we've been able to do some work on the Linked Data Signatures
specification as well as an extension to it. Namely, generalizing it
more than it was and implementing something called a proof of publication.

Here's the basic use case for proof of publication:

What happens if you need to prove that you signed something at a
particular date and time? In the past, we've done something like depend
on our national post office to "post mark" a document we have signed by
mailing it to ourselves. That is, we depend on a notary of some sort to
verify that something happened at a particular point in time. The system
works well if all parties are trusted, but is not very resistant to forgery.

What happens when we want to take this mechanism into the "trust-less"
digital realm? One approach is to replace the notary with mathematics
and cryptography, storing the result in a public ledger of some kind.
This system works well even if all parties are not trusted and it's
extremely resistant to forgery.

The Proof of Publication extension to the Linked Data specification does
exactly this. It enables one using the specification to include a link
to a Merkle tree (a special type of data structure) in a public ledger.

Doing so:

1) Creates proof that you performed a digital signature at a particular
   point in time, and
2) Asserts that the Merkle tree contained a particular set of
   information at that point in time.

This means that people don't have to trust you or an arbitrary third
party as to when something happened, they can look at the public ledger
and verify for themselves that you are telling the truth.

The real world use cases for this include:

* Proving that a contract was signed on a particular date and time
  as well as the contents of the contract.
* Proving that an asset exchanged hands at a particular date and
  time and who the new owner is.
* Proving that a particular education credential was conferred on
  a particular date.
* Proving that a medical debarment happened on a particular date.

The use of a merkle tree enables a large amount of data to effectively
be compressed into a very small space and stored on a public ledger like
the Bitcoin blockchain, Ethereum blockchain, or any other public ledger.

The Proof of Publication specification can be found here:

https://web-payments.org/specs/source/pop2016/

... which builds on the Linked Data Signatures spec here:

https://web-payments.org/specs/source/ld-signatures/

-- manu

[1] https://blockstream.com/
[2] https://www.spec-ops.io/

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Web Browser API Incubation Anti-Pattern
http://manu.sporny.org/2016/browser-api-incubation-antipattern/
Received on Wednesday, 4 May 2016 20:35:07 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:28 UTC