kilt-protocol
Published in

kilt-protocol

DIDsign vs. Web2 Signing Services

Web3 decentralized applications (dapps) are in many ways superior to Web2 services. DIDsign, the digital signature service built on KILT, is a sign of what corporates and consumers can expect in a Web3 world.

DIDsign provides a way to sign any digital file directly in your browser. The DIDsign signature is uniquely linked to the person signing as it is based around an industry-standard decentralized identifier (DID). This is a string of numbers and letters that forms a “digital fingerprint”, allowing users to build a digital identity by adding credentials, a unique web3name and any other information they wish to make public.

DIDsign offers several advantages over similar Web2 services:

Privacy

Web2 signing services require the user to upload the documents they want to sign to a server. With DIDsign, files remain under the user’s control on their device.

The user opens the DIDsign website on their computer and adds the file/s they wish to sign either using the drag & drop function or by selecting from their files. They then sign via their Sporran wallet, a browser extension on their device. This ensures the confidentiality and integrity of their signature. Once they have signed, they need to save the signed files and signature (usually as a zipfile) to their device. When the browser is closed, all data is deleted. That means the user’s data is never transferred or monetized.

Web2 signing services require registering with the service, giving personal details such as name, email address, etc. DIDsign requires no sign in or user details.

To sign via DIDsign, the user enters their password in their private Sporran wallet when prompted — DIDsign doesn’t need to know anything about them. The recipient also doesn’t need to provide any identifying details: they simply add the signed file into the Verify area on the DIDsign website to validate the signature.

Security

Web2 signing services check only the email of the person signing, which can be hacked. DIDsign allows the signer to add additional verified credentials to their signature, which show their email, social media handles, GitHub account, etc., in both private and public formats.

These credentials can be generated and verified for free via another Web3 dapp created by BTE, SocialKYC, and are stored privately in their Sporran wallet. The user can choose to make their credentials public via a service endpoint, or can selectively choose to add any or part of them to their signature as extra identity verification. They may also add a unique web3name to their DID. When the recipient checks the signed file in the DIDsign verifier tab, they can see this additional verification.

Any change to any of the files will invalidate the signature, so the recipient can be sure that the files they receive have not been tampered with. If the files match the signature and have not been changed since they were signed, the signature shows a green check mark next to each file, and next to “Verification” under the list of files. If any of the content of the files have been altered, or if the signature wasn’t included in the zip file, verification will fail.

Flexibility

Web2 signing services are limited to certain data types (PDF, etc.). DIDsign allows the user to sign any kind of digital file.

DIDsign allows signing text, image, video, audio, or software files. These may be signed individually, or combined in one file.

Web2 signing services require signed files to be sent by email only. DIDsign allows sending the signed file by a variety of communication methods.

The file can be shared via the user’s preferred method (email, Telegram, WhatsApp, via memory stick, etc.).

Cost Efficiency

Web2 signing services require the initiator to pay. DIDsign is free to use, both for those signing and for those verifying the signature.

Signing with DIDsign requires the user to pay a once-off deposit and a small transaction fee for their on-chain DID. Currently, deposits and fees in DIDsign are paid in KILT tokens, but the option to pay with fiat (for instance, euro or dollar) will be available soon, making enterprise adoption even easier. Once users have their on-chain DID, they can sign as often as they like (and receive the deposit back if they don’t need the DID any more). Verifying a signed file is always free — the recipient just drops the file into the Verify area on the DIDsign website.

Trustless Timestamps

With Web2 signing services that offer timestamps, the time of signing is centrally stored by the service or marked on the document. Timestamps with DIDsign are “trustless” as they are recorded on the decentralized KILT blockchain.

Once the file has been signed, DIDsign offers the option to add a timestamp. This is added to the KILT blockchain as a permanent record via the user’s cryptographically-protected Sporran wallet.

When verified via the DIDsign website, the signed file shows the date and time (local and UTC). Note, because it’s written to the blockchain, it requires a small transaction fee (around 0.004 KILT), and the timestamp is the time it was recorded to the blockchain.

To reiterate: the user’s data is never saved — instead, a unique hash (a series of letters and numbers) representing the user’s data is written on the KILT blockchain.

DIDsign in the Real World

Along with individual use, DIDsign can be used on a large scale by institutions such as hospitals, governments or banks, allowing staff to sign, timestamp and send reports. Any fees required for deposits or transactions that require payment can be paid by the institution.

DIDsign also allows several people to sign the same document separately and confirm that it was signed. For example if a contract needs to be approved by several parties, each party can sign it and send their signature to the others. The document can then be checked against each signature, showing that each party signed the document in its original form.

See more about how it works in the DIDsign How-to guide.

Enabling Web3

DIDsign was built on KILT by B.T.E. BOTLabs Trusted Entity GmbH (BTE). BTE is a subsidiary of BOTLabs GmbH, the initial developer of KILT Protocol.

KILT is a decentralized identity blockchain protocol with a mission to return control over personal data to its owner, restoring privacy to the individual. DIDsign is another step towards achieving this.

We are only at the beginning of mainstream adoption of decentralized blockchain-enabled applications, but already there are several Web3 dapps “built on KILT” that are available and ready to be used. Try them for yourself now and start building your own decentralized digital identity, under your control.

Even if you have no blockchain experience or KILT tokens, you can set up a Sporran and create credentials for free. Just follow the guides below:

Set up your Sporran: How-to guide, Sporran

Get your SocialKYC credentials: How-to guide, SocialKYC Credentials

For security on the blockchain, these transactions require some KILT tokens (soon, payment in fiat will also be possible):

Get your on-chain DID: How-to guide, on-chain DID

Get your web3name: How-to guide, web3name

Link your credentials publicly: How-to guide, linking credentials

Discover more about KILT on its website and blog, brainstorm KILT use cases in Discord, or follow KILT on Twitter and Telegram to keep up with the latest news. Join the growing KILT community to be part of the unfolding internet revolution.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
KILT Protocol

KILT Protocol

KILT is a blockchain identity protocol for issuing self-sovereign, verifiable credentials. KILT is part of the Polkadot ecosystem.