The Empowerment of CBA© Certification: Value and Benefits of Verifiability on the Blockchain

I am now a Blockchain Analyst Certified by the @DECInstitute, I will tell you how the certification acquires further value from its verifiability on the bitcoin blockchain

Versione italiana dell’articolo disponibile Qui; Italian Version available Here.

My CBA©

TL;DR; The ability to verify my certification directly on the Bitcoin blockchain is a milestone. It represents not only the authenticity of my achievement, but it also demonstrates the evolution of certifications in the Web3 age. In this article I explore the importance of this verifiability and the steps to verify the authenticity of a certificate such as the CBA©

In this article, we will see how it is technically possible to identify the Bitcoin transaction and its connection with the certificate (you will find the Javascript procedure included). However, I do not hide from now on that the detailed verification process, when I wanted to link all the pieces from my certificate to the onchain transaction and back, is quite challenging and not as straightforward and simple as I expected. It requires using a bit of Javascript code, which, on the contrary, is immediate when verifying from the certification publication site (even though the direct link to the onchain transaction is missing, introducing an unwanted element of ‘trust’).

INDEX

• Introduction
• Il CBA© del Dec Institute in breve
• The importance of verifiability on Blockchain
• Verification of my CBA© certificate
• The complexity of verifying the transaction on the Bitcoin blockchain — procedura Javascript
• Conclusion

Introduction

In the era of transparency and reliability, obtaining the CHARTERED BLOCKCHAIN ANALYST certification from the DEC Institute represents the formal recognition of my skills in the field of emerging technologies and secure digital transactions. In addition to quickly exploring the utility and personal significance of this certification, what truly fascinates me and what I want to share with you is its verifiability on the Bitcoin blockchain and how to verify a certificate issued on the Bitcoin chain.

This certification, in fact, leverages one of the capabilities of web3 to provide greater ease of verification for both the certificate and the issuer of the certificate, as well as immutability and tamper resistance.

Il CBA© del Dec Institute in breve

The CHARTERED BLOCKCHAIN ANALYST (CBA) certification from the DEC Institute, an international consortium of higher education institutions and blockchain industry practitioners, aims to certify a range of in-depth knowledge and skills in the field of blockchain, Web3, and distributed ledgers. This certification program is designed to address the shortage of professionals capable of understanding, analyzing, and implementing blockchain technologies across various sectors, from finance to business, healthcare to logistics, and beyond.

The goal is to assess participants on the skills necessary to evaluate, develop, and manage blockchain applications, promoting an understanding of advanced concepts such as cryptography, smart contracts, network security, and the legal and regulatory implications of blockchain technologies.

The uniqueness of the certification lies in its multidisciplinary coverage of the distributed ledger field, verifying the candidate’s knowledge in technological aspects, as well as in Business and Economics, while also giving ample space to the Legal and Regulatory component, which is still undergoing significant changes in properly characterizing these new technologies.

I have to say that the certification is far from a formality; the reference booklet requires extensive mandatory and optional areas of exploration and study. The exam itself is quite thorough in verifying the specifics of the covered areas.

I must admit that even for a professional like me, who has been following the blockchain field mainly from a technical standpoint for years, the exam requires delving deeply into all areas and seriously addressing the business and legal/regulatory implications posed by the use of distributed ledgers in various sectors. The exam is truly complex and requires dedication and in-depth preparation.

The subject of this article, however, is what particularly surprised me, namely the fact that once the certification is obtained, it is issued to enable verification through the Bitcoin blockchain. Let’s see what this means, what differences there are compared to other similar tokens issued in the Web3 environment, and what the process is for the verification of the certification.

The importance of verifiability on Blockchain

The importance of being able to verify a certificate on a blockchain, especially on one like Bitcoin, becomes immediately evident to those who have undergone certification processes in recent years, both traditional and particularly on MOOC systems that provide the opportunity to attest skills in various fields.

The blockchain, as a distributed and immutable ledger, allows anyone to access and verify the recorded information. This makes the certification verification process transparent and accessible to the public, eliminating the need to rely on third parties to verify qualifications.

The immutability of the blockchain eliminates the risk of falsification or manipulation of information. Certifications stored on the blockchain cannot be retroactively changed, ensuring the integrity of data over time. This provides an unprecedented level of security and trust, crucial in sectors where the reliability of credentials is crucial.

With the evolution towards an increasingly digital world, blockchain certifications emerge as a fundamental infrastructure for the future of professional credentials. The integration of certifications into the blockchain open the way for innovative and automated solutions for credential management, enabling portability, real-time updates, and secure and reliable validation of qualifications.

To safeguard privacy and space in blockchain blocks, services like the one used by the DEC Institute store an hash of the certificate metadata on the Bitcoin chain, ensuring that no personal or private information is written on the blockchain.

Verification of my CBA© certificate

For any body that wants to verify the authenticity of my certificate it will therefore be simple to verify it; from my certificate page HERE you can view the certificate and access the verification section

Access to on-chain certificate verification

Here you will find the possibility to access the verification details; first of all, it is immediately visible that the qualification comes from a verified provider and that the certificate is consistent with the hash of when the certificate itself was issued.

We see that the number of the Bitcoin block in which the hash of my certificate is recorded is shown; we can go and check the block in question on a Bitcoin block explorer:

the Bitcoin block 822997 where the hash of my certificate is recorded

First of all we can see that the block was mined on December 26, 2023 by the AntPool miner (one of the main Bitcoin mining pools) and the transaction recording the certificate hash is together with other 4137 transactions present in the block.

However, it is not immediately identifiable what the associated transaction is, the service, in fact, as stated in the detailed post, uses his own blockchain to aggregate other information together and generate a merkle tree of this information to then publish in the bitcoin transaction the merkle root only (for further information please refer to the detailed article by the DEC Institute).

The complexity of verifying the transaction on the Bitcoin blockchain

At this point I would have expected to actually be able to verify that the hash of my certificate was visible and linked to a Bitcoin transaction and that it was easily identifiable and readable (this would have convinced me of the actual registration of the low-level certificate); as seen above, the validation of the transaction actually makes use of the Accredible service (where the certification is saved) as well as the chain of chainpoint service.

Briefly, without wanting to be exhaustive and formal, the chainpoint service uses a merkle tree of various certificates to be registered on the blockchain (received from Accredible) and registers the merkle root in the Bitcoin transaction, returning the values of the Bitcoin transaction to “connect” the All.

Apparently we would therefore expect to be able to easily verify this link between certificate and blockchain, but as we will see it is far from simple and this generates quite a few doubts for me which I will discuss in the conclusions.

So we come to the process for verifying the certificate on Bitcoin; first we have to look at the certificate in Json format via the Accredible API; to do this you need to retrieve the code associated with our certificate from the certificate URL:

The code of my certificate that we will have to use in the API

My Code is:

db612f19–451d-48fe-b523–82ea7f95acd8

At this point we will have to query the Accredible API to technically see the Json of the certificate, querying the API with our certified code:

https://api.accredible.com/v1/credentials/blockchain_data/db612f19-451d-48fe-b523-82ea7f95acd8

example of the Json of my certification

We can see that we find the reference to the Bitcoin block where the transaction is recorded

Reference to the Bitcoin block in which the transaction is recorded

The Json reports the details of the certification and the certifier and all the characteristics that we saw directly on the certificate page, such as the date of issue, registration and expiry, the issuing body, etc.

The Json is essentially composed of 2 sections:

• credential_json_data contains the certification details that are sent to other services for registration in the blockchain
• receipt: it is the receipt of registration in the blockchain by the chainpoint service to which the json of the certificate is submitted

Accredible’s documentation says that a hash is made of the Json of the certificate (which together with the certificate is saved in their archives), but I have not found in the documentation how and exactly on which data this hash is made; I was therefore unable to replicate it; let’s assume that the hash is the one found in the receipt, this seems reasonable to me because it would allow you to connect the certificate to the receipt, but I was unable to replicate this step).

Analyzing the receipt component of the Json we see that there is some significant information, such as the Bitcoin block in which it was registered, but as mentioned above, we do not find the transaction and registration codes in Bitcoin and the return value.

We must, therefore, leverage chainpoint libraries to extract this information before being able to identify the actual Bitcoin transaction.

I report as a note that this step is far from explicit and clear in the Chainpoint and Accredible documentation and that it required several hours of in-depth study and testing to create the working code that I document here; for every detail I suggest opening issues directly on the Chainpoint github where I have already found some documented issues that have helped me find the solution I propose.

We will have to parse the Json receipt using the javascript libraries; we therefore extract only the receipt component from the Json and save it in a Json file, we will then parse it using the following code:

const chainpointParse = require('chainpoint-parse')
const fs = require('fs')
const chpBinary = require('chainpoint-binary')

// Valid proof in JS Object, Buffer, Hex String, or Base64 String form
let jsonSample = fs.readFileSync('./receipt.chp.json', 'utf-8')
let chainpointProofObject = chpBinary.objectToBinarySync(JSON.parse(jsonSample))

try {
  let result = chainpointParse.parse(chainpointProofObject)
  console.log(JSON.stringify(result));
} catch (error) {
  console.error(`An error has occurred: ${error.message}`)
}

We obtain the following Json response that is the elaboration of the Proof to retrieve the proof details:

{
   "branches" : [
      {
         "anchors" : [],
         "branches" : [
            {
               "anchors" : [
                  {
                     "anchor_id" : "be5e19aa548870e720991e98259654eb677bbf608a391b179e197cacb95981f5",
                     "expected_value" : "d8bc635eb8182b016f442f70fa600dd269d91ad0be3d83b977f3b7224f75dafb",
                     "type" : "cal",
                     "uris" : [
                        "http://18.220.31.138/calendar/be5e19aa548870e720991e98259654eb677bbf608a391b179e197cacb95981f5/data"
                     ]
                  }
               ],
               "branches" : [
                  {
                     "anchors" : [
                        {
                           "anchor_id" : "822997",
                           "expected_value" : "20b5550c61bc77fb07dc90b7b219f291816eff70050dc2a156408490808ea51b",
                           "type" : "btc",
                           "uris" : [
                              "http://18.220.31.138/calendar/63ead386d83ed711b3bab8d645958879761be46aa9c5fa024177026541035e5f/data"
                           ]
                        }
                     ],
                     "btcTxId" : "a3b3d1dca2f9c012f8b32ab6efa30ad3144981f6c6cf66ce90f6f326c9ac2637",
                     "label" : "btc_anchor_branch",
                     "opReturnValue" : "1bfa44c6906a400d5063255c2b00bb42bd41c4226cfb161f290373817885c2c1",
                     "rawTx" : "01000000017917986240ff3b474b68f5526a290dd05d2ae4c7bf61365a0692f85f8df821220000000000ffffffff02155f54010000000016001419a775d1abdc6ee15ffffa84cecd49930b5cc5fd0000000000000000226a201bfa44c6906a400d5063255c2b00bb42bd41c4226cfb161f290373817885c2c100000000"
                  }
               ],
               "label" : "cal_anchor_branch"
            }
         ],
         "label" : "aggregator"
      }
   ],
   "hash" : "c481e296fb8406293c6678ae393fa4bb18f09a44d96d512af4d11971ef270651",
   "hash_received" : "2023-12-26T06:24:03Z",
   "proof_id" : "01HJJCPT2SFMYG813WAVN4QZS8"
}

We see that in the Json we have two anchors, one to Bitcoin and one to Calendar (the Chainpoint blockchain); if we look at the Bitcoin section we can find the exact Bitcoin transaction we are looking for:

“btcTxId” : “a3b3d1dca2f9c012f8b32ab6efa30ad3144981f6c6cf66ce90f6f326c9ac2637”

This transaction is visible on a Bitcoin explorer:

the registration transaction of our certificate

The transaction is actually contained in block 822997 that we identified earlier; the expected_value field which represents the submitted markle_root is not immediately verifiable due to the different coding between chainpoint and Bitcoin (little endian vs big endian).

This also leaves me wondering, because, if I’m not mistaken in my interpretation of the documentation, this should really be the value of the hash of the certificate that is recorded in the blockchain and allows us to say that the certificate itself is the one registered; we go beyond this point in the hope of being able to delve deeper and verify it at a later time.

However, we find the opReturnValue field which is the value returned by Bitcoin for registering the root merkle:

“opReturnValue” : “1bfa44c6906a400d5063255c2b00bb42bd41c4226cfb161f290373817885c2c1”,

This is the return value that we can find in the Bitcoin transaction and in the receipt linked to the certificate, which allows us to verify the actual registration of the certification on Bitcoin:

We therefore verified, with quite a bit of difficulty, that the transaction is present in Bitcoin and that it refers to the hash of our certificate; to verify the authenticity of the transaction we could also have directly used the libraries to verify the proof, but this would still have limited our visibility on the real blockchain data.

Conclusion

In conclusion, I renew my satisfaction for having achieved the CBA© certification, a recognition that we have verified is immutably recorded on the Bitcoin blockchain, thus guaranteeing its authenticity and unalterable certification over time.

However, the verification process, for those who wish to go beyond simple confirmation through Accredible’s graphical interface, presents itself as a difficult undertaking. Not only from a technical point of view, but also in terms of effective traceability in the blockchain. In my opinion, this difficulty still limits the full adoption of on-chain certifications. Verification should allow immediate on-chain analysis without having to place trust in intermediate elements of the certification chain, reducing the need to rely completely on trust (trustless).

There are alternatives such as POAPs, NFTs or inscriptions to register certificates on-chain, each with their own advantages and problems, I intend to further explore these types of certificates in a future dedicated article.

I am therefore happy to have achieved this certification, to have been able to verify its validity in Bitcoin, but the perplexity of a rather difficult and non-transparent manual detailed verification process in all its components remains due to a technology that has yet to reach its complete development; however, this does not detract from the appreciation of the services that have been implemented so far and the DEC Institute’s desire to provide a certification that is written and verifiable on Bitcoin.

References::

• https://www.decinstitute.org/
• https://www.decinstitute.org/cba
• https://medium.com/@DECInstitute/how-to-verify-dec-institute-certificates-on-the-Bitcoin-blockchain-d95bf4186e7
• https://help.accredible.com/manually-verifying-blockchain-records
• https://github.com/chainpoint/
• https://github.com/chainpoint/chainpoint-binary
• https://npm.runkit.com/chainpoint-parse
• https://github.com/chainpoint/chainpoint-parse/
• https://github.com/chainpoint/chainpoint-gateway
• https://github.com/chainpoint/chainpoint-js/
• https://github.com/chainpoint/chainpoint-js/issues/8