How do you perform digital signatures and verification?

by vaachii in November 12th, 2021

Hello, UNiD fans!

This time, I would like to talk about UNiD's feature, Digital Signature, and its verification function. As explained in past blog posts, UNiD uses DPKI (Decentralized Public Key Infrastructure), built on the foundation of DID (Decentralized Identifiers), to manage private and public keys in an autonomous and decentralized manner. Digital signatures and verification of digital signatures follow the Verifiable Credentials specification defined by the W3C, which is implemented according to the EcdsaSecp256k1VerificationKey2019 specification, which describes these functions in detail.

EcdsaSecp256k1VerificationKey2019 is one of the signature schemes defined by W3C, and it defines the following:

  • GCA2015 is used as Canonicalization Algorithm.
  • SHA256 (RFC6234) is used as Digest Algorithm.
  • ES256K (RFC6979) is used as Signature Algorithm.

Suppose we follow the EcdsaSecp256k1VerificationKey2019 scheme and sign a simple JSON-LD as shown below.

  "@context": "<>",
  "<>": "AuthenticateMe",

The result of the signature is the following data (Verifiable Credentials).

  "@context": "<>",
  "<>": "AuthenticateMe",
  **"proof": {
    "challenge": "abc",
    "created": "2019-01-16T20:13:10Z",
    "domain": "",
    "proofPurpose": "authentication",
    "verificationMethod": "<>",
    "type": "EcdsaSecp256k1Signature2019",
    "jws": "eyJhbGciOiJFUzI1NksiLCJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdfQ..QgbRWT8w1LJet_KFofNfz_TVs27z4pwdPwUHhXYUaFlKicBQp6U1H5Kx-mST6uFvIyOqrYTJifDijZbtAfi0MA"

Since the public key corresponding to the private key used for signing is available on the UNiD Network (DPKI), the user agent that receives Verifiable Credentials can verify the integrity and authenticity of the data using the contents of the proof key included in the Verifiable Credentials.

Want to make a technical deep dive into UNiD EDGE? Visit our GitHub.

Your cart