A Brief Legal Analysis of Authentication of Documents using Blockchain Technology
A New Way To Digitally Sign And Authenticate Documents
Blokusign is a new application for enabling the legal validity and management of agreements. It offers a major advantage over existing e-signature solutions by allowing users to independently verify the existence, timing, and authenticity of their signed documents.
Other e-signature solutions issue only a transaction receipt that lists signers’ IP addresses, email addresses, date, and time. These receipts are easily altered and have no security mechanisms. Furthermore, these receipts are centrally stored and managed, which can lead to doubts about their authenticity. Records that are under the control of an authority can be tampered.
How It Works
Blokusign connects the document to an address and a hash of the signed document on a public blockchain. A cryptographic hash is the ‘fingerprint’ of a file — changing the file, to any degree, will completely alter the hash. Because of this property, hashes can be used to demonstrate the authenticity of a document, even when it has been copied and stored under someone else’s control. Similarly, linking the document to an address, and supporting the transaction with cryptographic assurances of validity, helps ensure that the person creating the record has the authority to do so. Finally, by encoding a hash of the document, users can easily prove that their locally-held copies are correct, while at the same time creating an incontrovertible timestamp of the agreement.
To be clear, Blokusign does not store the signed document itself on a blockchain, as that would be an inefficient and costly use of precious block space. Instead, Blokusign’s solution is simple and elegant: a hash of the signed document is stored on a public blockchain and provided as part of the transaction receipt. Users are free to use their own document storage methods, whether local storage, cloud services like AWS or Dropbox, or Blokusign’s storage service (to be provided in a future release).
If the user ever needs to check whether a document is authentic, the user merely needs to compare the hash ‘fingerprint’ of the document to the one stored on the blockchain. If the two values are identical, then the document has not been altered. Users can also do the reverse: because each hash uniquely identifies documents, hashes can also be used to locate particular files with ease.
Blokusign’s solution is far simpler and more reliable than existing methods, which may either check metadata (which may be altered) or rely on centralized e-signature solutions to verify it from their own storage.
Decentralized Authentication is More Efficient
Blokusign’s blockchain-backed solution eliminates the need for reliance on third parties for document authentication and allows users to select their own solution based on their needs.
It can be used wherever documents need to be secured and authenticated.
For example, litigation can often turn on the authenticity of a document. Traditionally, both parties produce their version of the documents — which may not be identical. Demonstrating authenticity may ultimately depend on issuing a subpoena to the e-signature or document storage company to produce their version of the document (or its metadata). These third-party subpoenas can be extremely time consuming and costly. Moreover, users may not wish to entrust their most important documents to third party custodians, given the risks of data breaches, deletion, and errors outside the user’s control. Similarly, properly-authenticated documents can be used to prove the existence of agreements.
Blockchain document verification will likely become standard practice in the near future. Furthermore, standards and rules are currently being developed for alternative dispute resolution/arbitration which would recognize blockchain authentication. This can save parties significant cost, time, and deter bad actors from tampering with signed documents.