Page 33 - MSDN Magazine, March 2019
that access on- and off-chain data, handle events generated by the digital ledger, and leverage the Azure ecosystem for a seamless and integrated solution. Let’s explore a practical application in the context of enterprise content management.
Signing Digital Assets
With blockchain, you can imagine a world in which documents are embedded in digital code and stored in transparent, shared databases, where they’re protected from deletion, tampering and revision. In this world every agreement, every process, every task, and every payment would have a digital record and signature that could be identified, validated, stored, and shared. Intermediaries like lawyers, brokers and institutions might no longer be necessary. Individuals, organizations, and machines would freely transact and interact with one another with little friction. This is the immense potential of blockchain.
The potential application of content decentralization and distribution is enormous. With a single, immutable and verifiable record store, people will own their digital identity and records—think of identity or residence documents, medical records, educational or professional certificates and licenses. All these documents and their metadata can be issued on the blockchain and be digitally signed. No more fake certifications, no more degree mills, no more “photoshopped” papers.
Students, for example, may apply for further study, a job, or immigration to another country; and in the process may be required to prove their level of study or knowledge of language to attend university. Entities like recruiters, employers, governments and universities can verify the student’s credentials without relying on central authorities—in just minutes, and with no other intermediaries.
Figure 1 describes the mentioned scenario. Certificates are issued by an authority, such as an education institute (1), stored on a centralized document management server (2), or on a distributed file system like IPFS (ipfs.io) and signed with a cryptographic function. I’ll go into more about IPFS later in the article. The content hash and certificate’s metadata hash are then stored on the blockchain digital ledger (3) and attached to the user’s digital identity as a smart contract address that stores this information (4). This represents a sort of unique authenticity token, which identifies the document in a non-questionable way.
Figure 1 The Signing Actors and Process (diagram labels: Issues & Signs, Stores, IPFS, Content Hash, Metadata Hash, Smart Contract Address, Authenticity Token)
A common pattern is to generate a unique hash of the digital asset and a unique hash of the metadata that describes it. Those hashes are then stored on a blockchain. If authenticity of a document is ever questioned, the off-chain file can be re-hashed at a later time and that hash compared to the on-chain value. If the hash values match, the document is authentic, but if just a character in a document is modified, the hashes won’t match, making obvious that a change has occurred.
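
The re-hash-and-compare check described above, as an added C# example that is not code from the article. It assumes the ledger holds lowercase hex SHA-256 digests and that metadata is canonicalized as sorted key=value lines; the AuthenticityCheck class, its methods and the sample certificate are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

public static class AuthenticityCheck
{
    // Lowercase hex SHA-256 over raw bytes (no text decoding, so binary files hash faithfully).
    public static string Sha256Hex(byte[] data)
    {
        using (SHA256 sha256 = SHA256.Create())
            return BitConverter.ToString(sha256.ComputeHash(data)).Replace("-", "").ToLowerInvariant();
    }

    // Assumed canonical form: "key=value" lines sorted by key (ordinal), so the
    // same metadata yields the same hash regardless of field order.
    public static string MetadataHash(IDictionary<string, string> metadata)
    {
        string canonical = string.Join("\n",
            metadata.OrderBy(kv => kv.Key, StringComparer.Ordinal).Select(kv => kv.Key + "=" + kv.Value));
        return Sha256Hex(Encoding.UTF8.GetBytes(canonical));
    }

    // Re-hash the off-chain file and its metadata, then compare both with the on-chain values.
    public static bool IsAuthentic(byte[] file, IDictionary<string, string> metadata,
                                   string onChainContentHash, string onChainMetadataHash)
    {
        return HexEquals(Sha256Hex(file), onChainContentHash)
            && HexEquals(MetadataHash(metadata), onChainMetadataHash);
    }

    private static bool HexEquals(string computed, string stored) =>
        string.Equals(computed, (stored ?? "").Trim(), StringComparison.OrdinalIgnoreCase);

    public static void Main()
    {
        // Constructed sample certificate and metadata; the two hashes stand in for the ledger record.
        byte[] issued = Encoding.UTF8.GetBytes("Certificate: BSc Computer Science, grade A");
        var meta = new Dictionary<string, string> { { "student", "Jane Doe" }, { "issuer", "Example University" } };
        string contentHash = Sha256Hex(issued), metadataHash = MetadataHash(meta);

        // One changed character in the file, and the same metadata supplied in a different order.
        byte[] tampered = Encoding.UTF8.GetBytes("Certificate: MSc Computer Science, grade A");
        var reordered = new Dictionary<string, string> { { "issuer", "Example University" }, { "student", "Jane Doe" } };

        Console.WriteLine("original file, reordered metadata: " + IsAuthentic(issued, reordered, contentHash, metadataHash));
        Console.WriteLine("tampered file: " + IsAuthentic(tampered, meta, contentHash, metadataHash));
    }
}
```

The original file still verifies when its metadata fields arrive in a different order, while the single-character change to the certificate fails the content-hash comparison.
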
Build the Signing Logic App Flow
Let’s look at a potential implementation of this workflow using Azure Logic App. The Logic App flow will generate a document and metadata hashes, and store the former on SharePoint and the latter on an Ethereum network, using the Ethereum connector available as part of the Azure Blockchain Development Kit. The calculation of the hash value is done in an Azure Function built on the .NET runtime stack. The function is based on the HTTP trigger template, and it will be run as soon as it receives an HTTP request.
Figure 2 The ComputeHashFunction
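using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.Extensions.Logging;

public static class ComputeHashFunction {
  [FunctionName("ComputeHashFunction")]
  public static async Task<IActionResult> Run(
    [HttpTrigger(AuthorizationLevel.Function,
      "get", "post", Route = null)] HttpRequest req, ILogger log)
  {
    // Read the whole request body; it is the content to be hashed
    string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
    string hash = ComputeHash(requestBody);
    return (ActionResult)new OkObjectResult(hash);
  }
  private static string ComputeHash(string data) {
    // Create a SHA256 hash
    using (SHA256 sha256 = SHA256.Create()) {
      byte[] bytes = sha256.ComputeHash(Encoding.UTF8.GetBytes(data));
      // Convert the digest to a hex string; decoding the raw bytes as
      // UTF-8 text would be lossy and corrupt the hash value
      return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
    }
  }
}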