It is common practice for institutions in academia or in industry to issue credentials as an attestation of someone’s achievements. They have been doing that using physical documents for centuries and lately using digital credentials (typically PDF files) are all the more common. These institutions have always faced credential fraud problems since both the physical and digital credentials can be forged relatively easily. There is no good countermeasure for that unless someone conducts expensive and time-consuming processes for the verification and even then you could not always guarantee validity of a credential, there are actually services that provide contact phone numbers where they pretend to be the issuing institution and verify fake credentials. One side-effect of this inefficiency is that potential credential auditors (e.g. employers) would not even bother to verify the credentials.
Back in 2014 the University of Nicosia set out to solve this problem for digital credentials using blockchain technology. It came up with a novel way of fingerprinting digital documents and anchoring them into Bitcoin’s blockchain. This solution was refined over the years to lead to the platform we have today. This article will examine the design principles that shaped the development of this platform as well as future directions.
A valid credential should not depend on the issuer institution for its validation. Anyone should be able to verify it without contacting the issuer. That means that even if the issuer no longer exists or their records are lost it would not influence the verification of an existing credential.
This “no central point of failure” aspect is one of the primary reasons that blockchain technology was leveraged by our platform. It uses the Bitcoin blockchain as the decentralized immutable ledger to store and timestamp the fingerprints of the credentials upon their issuing. Since no one will be able to tamper with the fingerprints it is easy to take a fingerprint of the digital document in the future and compare it to the one stored in the blockchain. (The process is much more efficient than comparing a single credential at a time but that is beyond the scope of this article.)
Nowadays, one of the questions we get a lot is why Bitcoin’s blockchain. We wanted to use the most robust and stable public blockchain. Back in 2014 there was no doubt whatsoever that Bitcoin was the one. Even now with a multitude of choices we would still choose Bitcoin. To elaborate further we will use an example and discuss the tradeoffs. Ethereum is a popular choice for a lot of applications and we are asked about it the most, so we’ll use that.
- The design philosophy of Bitcoin is more conservative. It tries to make non-disruptive upgrades that can take literally years to ensure extensive testing was conducted. In contrast Ethereum’s philosophy is quick progress through experimentation to improve and evolve rapidly. For our purposes stability and robustness of the platform is of paramount importance to secure the credentials’ fingerprints.
- Bitcoin’s scripting language is more restrictive and more difficult to work with. Ethereum provides a much more flexible language that makes it easy to create complex smart contracts. We have managed to create a protocol on top of Bitcoin that allows for all the functionality required while doing everything on-chain. We won’t really gain much by using smart contracts. More importantly this flexibility and power of the Ethereum platform comes at a cost; it is more complex which increases the potential attack vectors.
- The security, hashrate-wise, of the Bitcoin blockchain is by far higher compared to Ethereum and for any blockchain for that matter.
Also note, that we can easily anchor on Ethereum (and other blockchains) without any significant changes since we use Chainpoint for anchoring, which is blockchain agnostic. This will anchor the data similarly to Bitcoin (does not make use of smart contracts) but there is no real incentive to include it yet.
It goes without saying that no one should be able to modify or tamper a digital credential. While it is trivial to get a unique fingerprint from a digital document it is quite challenging to guarantee what was the original fingerprint. However, as mentioned in the previous design decision Bitcoin’s blockchain stores and timestamps the fingerprints in a decentralized and immutable manner securing the credentials from tampering.
We wanted the whole process to be as simple as possible; to involve no other services or products other than (in this case) the Bitcoin blockchain. A simple solution is easier to test and validate, and again, the less dependencies the less potential attack vectors. With respect to users we needed a format that most would be familiar with in their day to day (digital) life and thus we opted to use the PDF format. The PDF should be appropriately annotated so that it is self-contained with no external dependencies.
PDF/A is an ISO-standardized format specialized for use in archiving and long-term preservation of electronic documents. It is an intuitive medium that most users are comfortable with and know how to view them. Moreover, the vast majority of the digital credentials (or any document) created are in PDF format and most institutions that issue digital credentials issue them in PDF anyway.
Following Bitcoin’s example we wanted our solution to be open and permissionless. The core library, which includes all the functionality, is open source and anyone can use it to issue, revoke and validate credentials. On top of that we published our work detailing how we managed revocation in an immutable ledger (a topic for another article) as well as the platform in general, sharing with everyone exactly how our platform works so that others may benefit from that.
Our platform makes use of blockchain technology to provide an all-in-one-solution abiding to the above design principles by providing a simple, scalable and robust solution to how digital credentials can be digitized, published, revoked and independently validated. For more details on how this is achieved technically please consult this publication, the repository and our website.
It is important to be open with the solution provided so that everyone can access the technology. It is also important to be able to align with others to make interoperable platforms for credentials. When we started working in digital credentials and their verification the standardization efforts where at their infancy. Some adhoc standards were used like Chainpoint which attempts to standardize how data is anchored in a blockchain. Sometimes the goals of the efforts were not aligned with ours. For example W3C’s Verifiable Credentials and Open Badges did not have initially considered platforms that want to be decentralized like ours. Some still lack the features required (Open Badges) while others (Verifiable Credentials) later evolved to accommodate decentralized identifiers and other mechanisms required by a solution like ours.
In light of these updates we are re-evaluating compliance to all standardization efforts that are in alignment with our design principles described in this article. We still feel that adoption of these standards will take years to be fruitful but we will update appropriately to be compliant. We are even adding mechanisms to re-issue existing certificates with the new standards when they are mature enough to be useful.