How do I verify the authenticity of a Bernstein bitcoin certificate?
1. Download the certificate
Browse your projects and select the right version. Then click on "download certificate" button.
| SCREENSHOT of the project version, highlight download buttons for certificates and files
A pdf file will be downloaded to your computer. Its name will have the following structure: <yyaaddhhmm> - Bernstein - Bitcoin - <certID>.pdf
And it will look like this:
2. Download the associated files
From the same version of the project you now have to download the zip file containing all manually uploaded files plus the cover file containing the metadata you entered.
The zip files will be named "<yyaaddhhmm> - Bernstein - Bitcoin - <certID>.zip".
Download it and unzip it. and it will contain the cover file named "<yyaaddhhmm> - Bernstein - Bitcoin - <certID>.json".
=== Bernstein verification web app ===
The easiest way to check the authenticity of a file or collection of files is using Bernstein verification web app.
✔ Just point your browser to https://app.bernstein.io/verify and enter the certificate ID.
| SCREENSHOT of the verify app
=== Manual verification ===
Since IP assets can have a lifespan of decades, and Bernstein may not be around forever, we designed the certification service in a way that you will be always able to prove the authenticity of a Bernstein certificate without any help from Bernstein.
1. Check the Bitcoin transaction
Since the Bitcoin blockchain is public digital infrastructure, you can easily look up the transaction referenced on your certificate. Copy the transaction identifier (TX) from the certificate and enter it in any Bitcoin blockchain explorer service (BlockCypher, TradeBlock, BitcoinChain, ...).
✔ Make sure the specific transaction exists!
| SCREENSHOT of a blockchain explorer
2. Check the transaction content
Now it’s time to compare the data extracted from the certificate with the ones found in the actual Bitcoin transaction.
The date of the transaction should match the ‘Certificate validation date’ value extracted from the certificate.
✔ Make sure the date displayed in the certificate matches the one shown by the blockchain explorer.
The OP_RETURN code of the transaction includes a ‘protocol version’. "BER 01.03 - REG - ..."
✔ Make sure the version displayed in the certificate matches the one shown by the blockchain explorer.
Outputs and public keys
The Bitcoin transaction should have two outputs:
- the OP_RETURN mentioned above
- a 3/3 MULTISIG output
The multisig script is generated using three different public keys:
- Project Owner public key
What: a private/public key pair randomly generated and assigned to each organization owner during the signup process.
Who: only in possession of the organization owner, never disclosed to Bernstein server.
- Project Data public key
What: a private/public key pair derived deterministically from the collection of files included in the project when the certificate was generated.
Who: anyone having access to those files can calculate the key.
- Bernstein public key
What: an organization specific key pair randomly generated by Bernstein to secure the integrity and consistency of the chain of certificates.
Who: the key is only disclosed to the organization owner.
✔ These are the steps you have to take to generate the Project Data public key from the files associated with the certificate and therefore prove their existence and integrity: i) calculate the SHA-256 hash for each file contained in the .zip container; ii) sort the resulting hashes alphabetically and concatenate them; iii) calculate the SHA-256 hash of the resulting string; iv) use the obtained hash as a Bitcoin private key; v) compute the corresponding public key; vi) check that the resulting hash, expressed as a string of 64 hex characters, matches the Project Data publick key displayed in the certificate. (explain the 64 vs 66 character mismatch)
| step-by-step example
=== Final remarks ===
- Please note that the above procedure enables you to prove the existence and integrity of just a specific file of the project without being forced to reveal all files associated to the certificate.
- The above steps does not prove the ownership of the Project Owner over the project files. This can be obtained by following these instructions.