Blockstack Blog
Published in

Blockstack Blog

Blockusign App: A Pragmatic Approach to Smart Contracts and Anchoring Data to the Blockchain Using Blockstack

Bitcoin automates the bank, Blockusign automates verification.


  1. Blockusign Use Case
  2. Blockstack Components
  3. Files and Hashes
  4. Saving Data to the Blockchain using Blockstack Subdomains Registrar
  5. Timestamping
  6. Immutable vs. Mutable Data
  7. Peer Replicated Storage
  8. Zonefiles
  9. Anchoring Data to Bitcoin in Batches
  10. Verifying Data and Digital Signatures Stored on the Blockchain
  11. Verifying a User and Attestations
  12. Trust but Verify the Blockstack Network
  13. Video Commentary Demo of Blockusign


I used Blockusign on vacation to sign a moving form, while watching the beautiful sunset on Lake Michigan!

Use Case — Consulting Agreement

Demo of the “Consulting Agreement” using Blockusign Video Proofs

Blockstack Components

Files and Hashes

let hashBits = sjcl.hash.sha256.hash(data);
let hashStr = sjcl.codec.base64.fromBits(hashBits);
return hashStr;

Saving data to the Blockchain using Subdomains


Mutable vs. Immutable Storage

  1. Immutable Storage (Layer 1- base blockchain storage) — Only use this storage for super important stuff — like verifying important signatures on a document. This storage is expensive and slow. You can only store a few bytes of data here. It’s slow by design for security. Thousands of servers save and synchronize the data. A consensus algorithm (PoW) is used to make sure the data in accurate, signed and verified. Bitcoin’s OP_RETURN code is used to store up to 80 bytes of data. It is soooooo secure you can do million dollar money transfers on it — therefore it’s secure enough for very important contracts.
  2. Peer Replicated Storage (Layer 2- Peer-to-Peer Network) — Use this layer for pointers to files. Blockstack uses this layer for zonefiles — mapping names to storage locations. Blockusign uses this for storing hashes of documents, videos and digital signatures of those hashes. You store pointers to stuff in your zonefile. They are mutable/updatable and peer replicated, but you can anchor a hash of the zonefile to the blockchain and do things to make it “immutable” (explained later). You can use the TXT entry of a zonefile to store hashes of important data that is kept in Gaia. One-to-Many servers can replicate this data. It can cost money to store data here, but you can store slightly larger files compared to the base blockchain.
  3. Mutable Storage (Layer 3- off-chain storage) — This is your user owned encrypted storage. It is usually backed by an S3 storage bucket or Azure blob storage. You can store really large files here. Most of the application state, images, files and databases should be stored here. In Blockstack, you store large files in your Gaia bucket. These files are mutable, meaning you can add/modify/delete and do just about anything to these files — because YOU OWN THEM!

Example Zonefile Schema

  • *Note — In the Blockusign App the public key that owns this zonefile entry is a burn address so nobody can update this zonefile, thus making it immutable.
  • *Note — the original Blockstack zonefile schema is maintained so the existing blockstack explorers will work (*it might not work anymore with the new explorer, but you can lookup the raw data still via a core node) .
  • *Note — The Blockusign system currently needs to append 0,1,2,3,4 etc… to the FILE_GUID to take into account if it was the 1st or 2nd or nth signer of the document up to 9 (due to name length restrictions in blockstack — the guids representing a document’s unique identifier is really long!)

Save Data to the Blockchain

Blockusign saves this data in the zonefile as TXT entires

Verify that the Digital Signatures are authentic

You need to do 3 things to manually verify and prove that a document was digitally signed by two (or more) parties and was not forged:

  1. Verify the hashes are authentic and each party has the same hash (this means you signed the same doc)
  2. Verify the digital signatures are authentic for each party (this means it was signed by you and not forged)
  3. Verify the zonefile file hash matches the hash stored on bitcoin. This means a batch of data was authentic and not forged. You can compare this to a stack of files on a notaries desk being stamped and authentic — but we use no centralized third parties, we use the bitcoin blockchain! MIND BLOWING, RIGHT!

Map a User’s App Public Key to a Blockstack Name


Map to a real world attestation (like Facebook)

Finally! Trust…but verify the Blockstack Network

  1. Lookup the last_txid in the zonefile that you are trying to verify
"last_txid": "81df37b475f380016fa38a0c5e5a126c85cf7cae7180a8af06da7c4c817211a2"

Verified! Hooray! Here is your nice green check mark!




The easiest way to start building decentralized blockchain apps

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store