By Juan Galt,
Certificate Authorities for HTTPS, PGP authentication and multi-signature cryptographic notarizing can now be done on top of Bitcoin, thanks to Signatura.
Digital Notary Service Now Open to the Public
Developed out of the Buenos Aires Bitcoin Center in Argentina, Signatura.co a digital notary and authentication service on top of Bitcoin, just ended its public beta and opened to the public.
“Signatura allows multiple parties to jointly sign documents, legally binding and notarizing them in such a way that no one can repudiate it’s date, content or signatures.”
Signatura allows users to sign and authenticate just about any document using the Bitcoin blockchain. It brings Bitcoin’s high security and decentralization to important institutions like notaries and internet certificate authorities.
It’s not hyperbole so say these institutions are vital to modern civilization. Notaries are a kind of semi-centralized set of databases in liberal democracies today. Importantly, they keep tabs on who owns what (or try to, anyway).
Without notaries, “property rights” — a key tenet in both free market-oriented societies and classical liberalism — would not be possible. For property rights to be respected, there must be some way of proving who owns what and making sure there is no fraud or double spending. This includes verifying a user’s identity in a viable legal manner, one of Signatura’s focuses.
How Users Can Trust Websites — In Theory
The internet shares a similar infrastructure, with its certificate authorities (CAs). These are organizations that streamline the credibility of other sites. Like a stamp of approval, organizations like Verisign put their name on the line to verify that your website’s HTTPS encrypted tunnel actually is routing to your server. That is their job, anyway.
Your browser, in turn, looks at these certificates and decides whether to show you a green lock or a red warning. This is essential to user experience.
CAs attempt to do for secure communications what Bitcoin does for money. That is, provide a secure record of who owns what, so cheating becomes very difficult.
If a CA fails, man-in-the-middle attacks become possible. It’s likely websites with critical information flowing through them, like banks, would suffer from impersonators.
Some of these CAs are so big, centralized and vulnerable to government and corporate pressure that they even occasionally comply with man-in-the-middle attacks.
Bitcoin Blockchain Great for Managing Notary Services
Bitcoin’s decentralization, immutability, and massive hashrate make it an obvious candidate for managing these services. The team at Signatura understands this.
And they are not the only ones. Blockstack, Factom, Emercoin and Ubiquity are also organizations developing Bitcoin or blockchain-based notarization and authentication.
Signatura’s focus seems to be towards individual and institutional authentication, particularly for individuals in critical and official government roles.
Franco Amati, Signatura co-founder, told Bitcoin.com:
“Digital signatures are used in a wide range of industries, from legal to financial services. But we also see potential in education, where we are already working with career diplomas, and in government, where transparency has an important role. In fact, we are already in talks with local counties to start using the platform.”
How Signatura’s Authentication Works
Like traditional digital signature authorities and CAs, Signatura has its own public key that it uses to sign documents its users want to authenticate. While this signature provides some credibility, at the end of the day it’s not the only thing that matters.
Users can choose who co-signs their documents. This can be anyone they trust or is reputable, be it their lawyer, their business partner… Or their mom. Anyone can create an account at Signatura.co and become cosigners.
User identity verification happens with private/public key cryptography similar to Bitcoin’s, as well as through connections with a user’s social media — like Facebook, Twitter and Linkedin. In this sense, Signatura is quite similar to Onename.com, one of the first to offer a blockchain authentication service.
Following the security model Blockchain.info pioneered, Signatura provides users a master seed and encrypts it with a password. If users forget the password they can restore from the seed. If they lose both, however, they will permanently lose access.
User Credits to Access Signatura Services
Signatura is currently developing an API, to serve institutional and larger organizations and not just small businesses and other independent users.
It is not open source either, at least not yet. When asked about it, Amati added:
“We have plans to open source Signatura web platform itself, but not its API, at least not yet.”
New users will receive a positive balance of 10 credits. These are to access Signatura resources and sign transactions on the Bitcoin blockchain. Users can purchase further credits to access more services later on. However, users cannot exchange credits with each other, and so credits do not trade on the open market.
“Furthermore, we plan to support current credentials, not only using ECDSA (secp256k1) as this beta but also RSA (like most existing certificates),” Signatura told press. “For that, we are working with Rootstock (RSK Labs, our next-door office neighbors) to have RSA opcodes on their smart contract platform.”