pApostille A blockchain notarization and timestamping service with transferable, updatable, branded, and conjointly owned notarizations Authors J. McDonald, Assistant Professor, Keimyung University E-mail jeffnem.io J. Oliverio, NanoWallet Developer nbsp;Email January 15, 2017 v.1.1 Abstract Many timestamping services exist in one or another in the blockchain sphere, but most of these are simple first generation systems for hashing a document to get its fingerprint and then timestamping that fingerprint in the blockchain with a transaction. These are one-off fixed transactions that have their reason to be culminating in being included in a block so that later they may be audited. These 1.0 timestamps are not updatable, cannot be transferred from one owner to another, and cannot have additional value and assets attached to the timestamp. Apostille, as the first 2.0 blockchain notarization service, solves these problems and offers a new set of features and business opportunities. nbsp;The Apostille system’s key innovation is taking data which represents an underlying person, place, or thing and giving that data its own private key derived deterministically from its contents. nbsp;This is used to create an account that represents the state of that object. nbsp;These are dynamic accounts that can be used to prove authenticity, show ownership, and record updates, as well as be branded, transferable and conjointly owned. nbsp; Table of Contents 1. Introduction 2.1. Namespaces 2.2. Mosaics - Assets on the NEM Blockchain 2.3. Messages 2.4. Multisig Contracts 3. The Apostille System 3.1. Preparing the Initiating Blockchain Notarization Account 3.2. Types of Apostille Notarizations 3.3. Making a File’s Dedicated Private Key - Coloring HD Accounts - Creating an Apostille Account 3.4. Apostille Hashes - Preparing the Timestamp Fingerprint - Making the Blockchain Notarization 3.5. Differences of Hashes 3.6. Auditing Blockchain Notarizations 3.7. Transferring Control of a Blockchain Notarization’s Colored HD Account 3.8. Updating a Blockchain Notarization 3.9 Making Multiple Party Contract Notarizations - Initiated, Signed, Updated, Controlled, and Transferred by Multiple Parties 3.10 Private and Public Chains - Apostille for Mijin 4. Uses Cases 4.1.1. Car Title 4.1.2. Government Registration 4.1.4. Luxury Consumer Goods and Anti-Counterfeiting 4.1.5. Two-Party Legal Contracts 4.2 Custom Use Cases 5. Conclusion Acknowledgements Bibliography 1 nbsp;1. Introduction The idea of timestamping documents to prove they existed and were in one’s possession has been around since long before the blockchain, but with the invention of Bitcoin, many have seen the blockchain as a natural fit for this service taking advantage of the blockchain’s usefulness as an open and auditable timestamped ledger. nbsp;Timestamping the hashed fingerprint of a document into the blockchain has come to be known as proof-of-existence PoE. One of the first and most recognized services is , which is an open source website started in 2012. Users can drag and drop their document and get a hash representing the document’s digital fingerprint that can then be stamped in the Bitcoin blockchain. Since PoE’s start many other services have arisen, some with small improvements or cheaper fees have emerged, but these more or less rely on the same ula. These are one-time timestamping processes where a person uploads a document and stamps it in a blockchain. That is the limit of their utility. nbsp;Outside of blockchain technology, traditionally, legal notaries have verified and stamped paper documents to notarize their authenticity. These notaries gain their authority because they are registered and backed by the governments of the world. But since the invention of the blockchain, one can think of timestamping fingerprints of documents in the blockchain as a type of “blockchain notarization”; one not back by political authority, but instead by the blockchain’s decentralized network and underlying technology. nbsp;The existing legal certification and notary systems backed by the governments and traditional organizations of the world offer many use cases for verifying an object’s status. These include certificates of property ownership e.g. car titles, certificates of achievement e.g. diplomas, life event certificates, verification of witness e.g., notary public, verification of a product quality e.g. “Grade A” certification, etc. nbsp;These existing systems offer qualities to their certificates like being verifiable, witnessed, quality controlled by 2nd and 3rd parties, to be registered with official organizations, transferability, updatability, etc. nbsp;2 nbsp;The Apostille system looks to add these properties which only previously existed outside of blockchains, to within a blockchain ecosystem. This is the logical next step forward in blockchain technology and is where the idea of transferable value within a blockchain system, e.g. cryptocurrency, and timestamping documents combine to bring the best features of both into one system. Apostille seeks to do this by taking advantage of a naming service, multisignature accounts, messages, and blockchain assets. These can be found on a blockchain like Bitcoin but will need to incorporate different integrations and APIs of various projects, some of which are centralized; projects like Onename for the naming service, Bitpay for multisig, CounterParty and Colored Coins for assets, and the OP_RETURN field of a Bitcoin transaction for messaging. Alternatively, a better solution is for one to explore the option of Ethereum and write a smart contract attempting to replicate these features, but this too could prove to be challenging due the the complexity and risks in writing smart contracts. Instead, one 2.0 blockchain, NEM, offers all of these services by default with one universal API, so we will discuss using it as an example. nbsp;The name “Apostille” comes from the French word of the same spelling meaning to certify, authenticate, or complete . The French word derives its meaning from the Latin use of “post” meaning after , and the use of “illa” meaning these , and “verba” meaning words . At its root then we can say it means after these words . nbsp;The term was popularized during the Apostille Convention held under the Hague Convention in 1961 and signed by 112 countries making a system for international notarizations. The NEM blockchain is an international and decentralized technology and as so brings a new twist to the idea of an apostille. NEM Apostille transactions are not traditional legal notarizations endorsed and enforced by political entities and treaties, but instead are “blockchain notarizations” made on an internationally supported blockchain secured and enforced by computer code and cryptography. nbsp;3 nbsp;2. NEM Features The NEM blockchain is a 2.0 plat written from scratch. It was designed by professional enterprise-level developers to be a reboot of what an ideal blockchain should be. Because of this, how NEM works, and to fully understand how Apostille works, it is important to introduce NEM technology, which is in many ways fundamentally different from other blockchains. A more in-depth technical explanation of NEM technology can be found in the Technical Report. nbsp;2.1. Namespaces Namespaces on the NEM system is a domain naming system, but one both like and unlike that of the internet. There are unique root-level domains and non-unique subdomains, typically used to classify fully qualified unique assets or naming systems. This allows one person with one unique root domain to create many different subdomains for their various projects or outside business accounts. It also helps to build and maintain a reputation system for services built on registered names. One such example is the blockchain supported NEM digital asset feature, named Mosaics, but others could be any third-party distributed naming systems an app builder would like to make. This is useful in the Apostille system because it creates a system of authority and power and now a user can trust a blockchain notarization made from a legitimate and registered company. NEM’s namespaces enable, for instance, one to own the namespace “foo company” and now no other person can claim that root domain. Blockchain notarizations published from that namespace can be trusted to have come from the real “foo company”. This is useful, for example, with luxury good makers making certificates of authenticity on the blockchain for luxury items. Now, the certificate can be trusted because the manufacturer of the certificate can be clearly known from things like publishing their namespace on their website and packaging ination. It is also useful for things like governments registering citizen identification on the blockchain. If those registrations are approved of by the official and unique namespace domain of that country, one can think of it as an officially endorsed blockchain ID. nbsp;4 nbsp;2.2. Mosaics - Assets on the NEM Blockchain Mosaics in NEM are essentially named assets inherent in the NEM blockchain, and not on a 2nd party layer. They can represent any kind of asset that a company, such as “foo company”, would like to issue. They have customizable names, descriptions, divisibility, quantities as either fixed or mutable, and transferability restrictions if necessary, and can have levies applied to them or be levies themselves on other mosaics. nbsp;So not only can “foo company” make notarizations but can actually attach any kind of asset to the blockchain notarization they might wish. Governments might want to make a “taxes paid” or “registered citizen” mosaic asset. Private companies might want to make a “good for a redeemable amount of money” or “share of company” asset and pair it with a notarized contract. nbsp;This is useful in the Apostille system because now many different third parties can customize, brand, and attach mosaic assets that are digital representations of value or status to a blockchain notarization. nbsp;2.3. Messages Messages in NEM come in three flavors open, encrypted, and hex. They can be of any length up to 320 characters 272 encrypted, and messages can be strung together if needed. nbsp;This is useful in Apostille because after a blockchain notarization is made, messages on the blockchain can record updates and augmentations to the file and the person, place, or thing it represents. Additionally, they could be used as plain text descriptions, or links to additional ination about the notarized content. These may need to be public, or private, or possibly written in hex as part of the backend of an application. nbsp;2.4. Multisig Contracts Multisignature and multiuser accounts play an important and critical role in the Apostille system. Although other blockchain’s multisignature solutions resemble NEM’s multisignature accounts on the surface, there 5 nbsp;are subtle differences that set NEM apart. It is some of these differences that allow us to easily create the Apostille solution on NEM. nbsp;NEM’s multisig works by on-chain contracts. Unlike other blockchain solutions, the multisig account is not created by combining public keys from other accounts. Instead, a pre-existing and funded address is converted into a multisignature account and the cosignatories are assigned to it. The cosignatories can be assigned in any m-of-n combination where both the m nbsp;and n nbsp;can be any number of 1-32; this includes 1-of-1 multisignature contracts which are important in Apostille. nbsp;A 1-of-1 multisignature account is possible in NEM as the account being turned into a multisig account has its private key nullified; meaning, it no longer has any power to initiate transactions. Only a cosignatory’s private key can initiate transactions on the multisigged account’s behalf. It is therefore that accounts in NEM’s multisig implementation can be analogously thought of as parent/child accounts, where the parent accounts are the cosignatories and can make the child account make any transaction. nbsp;This is useful in the Apostille system because now a dedicated account representing a blockchain notarization can receive messages to update the blockchain notarization, and can receive assets/mosaics sent to the dedicated account locking in value or adding status to the blockchain notarization. But the other subtle yet critical utility about NEM’s multisignature solution is that, the dedicated blockchain notarization account be transferred from person to person. This means that the account is no longer “just an account” but instead is a certification account representing the state of the underlying content it is linked. We call these certification accounts “Apostille accounts”. nbsp;6 nbsp;Figure 1. The accounts for Alice, Bob, Chuck and Account M are all each separate and each is controlled by its own private key. Figure 2. Making a multisig contract. The private key of the multisignature account M, is no longer important and not used. Meanwhile, Alice, Bob, and Chuck have custodial control over Account M. nbsp; 7 nbsp;Figure 3. Editing a multisig contract. With only a few clicks, Chuck’s account is removed and Davie’s account is added. nbsp;3. The Apostille System As one can gather from reading this paper thus far Apostille takes advantage of many different features to make a holistic blockchain notarization system, one in which notarizations are not static one-time timestamps, but instead can now be dynamic, moving, changing, and updatable values on the blockchain. Companies or applications using and customizing this service have an opportunity to make well-defined application framework conventions of how their Apostille accounts are made and interact with the authority given by namespaces, the value and status represented by digital assets sent to that account, and the ination sent as memos. nbsp;8 nbsp;Figure 4. Overview of the Apostille system framework and Apostille account creation. If one is familiarized with the Colored Coin system in Bitcoin, then it becomes easier to understand the Apostille system. In Bitcoin, a colored coin is created by taking a Satoshi and tagging it with a value such as “car title” and then transferring that Satoshi around the blockchain making sure to track it and link it back to the time it was colored. In this situation, we can be considering to “color” the Satoshi with the designation of “car title”. And while it is a visionary concept, it unfortunately, is built as a 2nd layer which is taxing for most Bitcoin organizations and wallets to implement. Furthermore such schemes usually require using the OP_RETURN, which is possible to use, but is something the Bitcoin Core developers have stated is a bad idea in version 0.9.0. nbsp;The NEM Apostille system proposes the same concept, but instead of applying it to a Satoshi, it applies it to an account created from a private key derived from the data bei/p