We wanted our first blog post to be an analysis of digital signatures and timestamps using blockchain technology. But our first client arrived, and it was in fact an example of what we wanted to explain, so we will leave that for now and start directly with a real-world case.

CESYT is a an Argentinian College with nearly 40 years of history teaching a wide range of official careers, like marketing, international trade, tourism and gastronomy. Furthermore, they offer different kinds of evaluations, for example, SAP certifications.

They contacted us in the Bitcoin forum organized by the government of Ciudad de Buenos Aires (July 2015) to record a proof of authenticity of their career diplomas and certifications on the Bitcoin blockchain.

Buenos Aires Bitcoin forum, where we talked about the idea and met CESYT.

We recommended them to record everything using their own digital signatures, and we did an analysis about the advantages of using both, traditional digital signatures and timestamps, and their blockchain alternative. You can download it here: “Blockchain, academic verification use case” (Spanish version also available).

We suggest reading the document for details and explanation (we even used the President of Argentina’s university degree dispute as an example), but in summary the proposed solutions were:

Counterfeit/falsification : “Multisig” digital signatures using Bitcoin addresses.

: “Multisig” digital signatures using Bitcoin addresses. Future internal fraud: Bitcoin blockchain timestamps.

They agreed with our conclusions and their latest graduates had proof of their diplomas recorded in the blockchain on October 27, 2015. And they will continue doing so in the future.

There have been cases of cryptocurrency course certificate proofs being recorded in the Bitcoin blockchain (without blockchain based digital signatures), but this was the first time by an academic institution with all of their official careers and diplomas. Our congratulations to CESYT. :)

Procedure

Besides traditional diplomas, digital versions were created and delivered to each graduate, with the College keeping a copy of each of them for itself.

CESYT’s Academic Secretary digitally signing the first batch of diplomas.

In Argentina, the Ministry of Education mandates that official diplomas need to be signed by College’s Director and Academic Secretary. So using software developed by us they created their own public and private keys and made a backup of the seed needed to recreate them for a future batch of graduates. Additionally, a third key for the College itself was created.

Then, using the same software, a cryptographic hash function was used with all diplomas, and after being digitally signed by each authority, results were recorded in the Bitcoin blockchain. This constitutes a proof of authenticity of each diploma.

With our help, CESYT will soon be adding a special place in their website to check for diploma’s authenticity, but the process can already be done with available third party tools (and in fact it would better from an audit perspective).

Technical stuff

A 3-of-3 “multisig” Bitcoin address is used to record proof of diplomas and certifications, this way we guarantee that each document has the required signatures (CESYT address is 3JG9Sp3N8SCvgk3NmkASSKUX7bpRvqYMnK, you could check for it on any Bitcoin blockchain explorer, but you would need the diplomas to verify their integrity and authenticity).

Our product has its own format for the OP_RETURN output where a SHA-256 hash of the document is recorded, but CESYT didn’t need most of our functionality and neither they use our standard platform, so we created their own using “CESYT” as header.

Talking again about the advantages over traditional digital signatures and timestamps, but now on a technical side:

“Multisig” digital signatures using Bitcoin addresses : we can demand certain signing requirements that were not possible before, for example, “needs to have the signature of at least 3 of 5 authorized individuals”. And using solutions such as Ethereum, Counterparty or RootStock we could require much more complex conditions.

: we can demand certain signing requirements that were not possible before, for example, “needs to have the signature of at least 3 of 5 authorized individuals”. And using solutions such as Ethereum, Counterparty or RootStock we could require much more complex conditions. Bitcoin blockchain timestamps: the traditional timestamp solution (RFC 3161/ANSI X9.95) needs a Time Stamping Authority (trusted third parties), and long-term timestamping (RFC 4998) involves an eternal maintenance to preserve the validity of the certified timestamp. Meanwhile, the blockchain alternative has none of this problems.

On the other side, a disadvantage could be that Bitcoin based timestamps are based on blockchain blocks, and those are created every 10 minutes (and sometimes it can take more than an hour). But for a diploma, a correct date is more than enough, we don’t really need to know the exact minute it was created.

Conclusion

Our custom-made solution for CESYT was a great example of blockchain technology being used to bring transparency, authentication and counterfeit-proof certification. It was wonderful having them as our first client while we finish our standard platform and we hope to have such interesting works in the future.