How to create Bitcoin advanced seals to certify data flows?
What is a Bitcoin seal?
The sealing technology proposed by Woleet involves the notion of identity. Indeed, when a seal is applied to data, it is linked to a corporate identity that must be defined and verified. The Woleet Bitcoin seal combines both the proof of date and integrity of the data with that of the digital signature corresponding to a given identity.
There are two technical components to the Bitcoin seal:
- The timestamp published in Bitcoin that freezes a transaction at a given block height,
- The identity server that manages the cryptographic keys used for the signature and the associated identities,
Advanced seals
The European eIDAS regulation defines the advanced seal as follows:
Article 36 – Requirements for advanced electronic seals
An advanced electronic seal shall meet the following requirements:
An advanced electronic seal shall meet the following requirements:
- it is uniquely linked to the creator of the seal;
- it is capable of identifying the creator of the seal;
- it is created using electronic seal creation data that the creator of the seal can, with a high level of confidence under its control, use for electronic seal creation; and
- it is linked to the data to which it relates in such a way that any subsequent change in the data is detectable.
To claim the advanced electronic seal, the server must be linked to an identity that has been verified.
There are two ways to do this:
Host your own identity server.
By hosting a Woleet ID Server, the company itself testifies to its identity. To do so, it exposes an identity URL (identityURL) that will be queried at each verification. This URL, which identifies the company, must be protected by a TLS certificate (link to certificate definition). This TLS certificate will contain the company’s identity. This certificate is verified in the process and this is how we make sure that the declared identity corresponds to the real one, without having to perform any additional verification. Woleet therefore uses your TLS certificate as proof of identity.
Obtain a verified identity hosted on an external identity server.
Woleet also provides its customers with verified identities. The principle is that these identities are created on identity servers managed by Woleet but a formal verification (KYB) is performed by third party partners. Lawyers or bailiffs will be able to attest to the customer’s identity by following a particular protocol and by establishing an official act engaging their responsibility. Following this verification, the customer will be able to use this identity for his server stamps as long as he wishes. This solution is suitable for users who do not have the internal resources to install and maintain an identity server alone.
Free lifetime access to Woleet Sign to create signatures requests