When building blockchain-based applications, discussion often comes to the point of whether a public or private blockchain should be used. sproof clearly takes the position for public blockchains for tamper-proof digital certificates and documents. Here is why.
sproof is a research-based company and our decisions are carefully evaluated and scientifically backed. These are the three reasons for using a public blockchain within the sproof network:
No trusted parties needed
Global and public registry
1. No trusted parties needed for maintaining the blockchain
A public blockchain serves as a decentralized data storage which is distributed over all participating blockchain nodes. These are referred to as “operators” or “miners”. Public blockchains are generally designed to be permission-less, i.e., anyone can act as a user and write data into a public blockchain. This can be done without the need for prior registration at some organization or authority. It is also not necessary to participate as an operator or miner. A so-called “consensus algorithm” allows all nodes to agree on a globally common state.
😎 sproof uses this feature in order to build a platform where anyone (e.g., universities, enterprises, etc.) can join without operating a blockchain themselves and without being dependent on a specific platform operator.
2. Tamper-proof timestamping
Since all nodes agree upon a common state at each point of time, their agreement corresponds to a global timestamping service. Thus, writing data to a public blockchain automatically assigns a timestamp to that data. Cryptographic tools (such as hash functions) and the designs of the blockchain and consensus mechanism, respectively, assure that, in practice, the data cannot be changed later on.
😎 sproof makes use of tamper-proof timestamping for assigning an unforgeable and verifiable timestamp to documents and data without the need for relying on a single, possibly forged, source for timestamping.
3. Global and public registry
The globally agreed-upon common state of data within the blockchain is replicated among all participating nodes. Thus, the data is publicly available and accessible by everyone.
😎 sproof publicly stores references to data, which are needed to verify the authenticity and integrity of documents or data and their issuers in this public registry. The document itself is not published publicly. Verification can then be done by anyone in possession of the original digital document. This verification neither involves sproof nor the issuer and the process is completely decentralized.
Please refer to the peer-reviewed sproof paper for technical details .
 C. Brunner, F. Knirsch, and D. Engel, “SPROOF: A platform for issuing and verifying documents in a public blockchain,” in Proceedings of the 5th International Conference on Information Systems Security and Privacy (ICISSP), Prague, Czech Republic, 2019, pp. 15-25. Read the full paper
Integrating a new feature into your existing application in only 60 minutes sounds like wishful thinking to you? Here’s how sproof makes your wish come true:
1. Easy to use API To issue secure digital documents in your institution or enterprise, all you need to do is as easy as an API call. Integrate sproof into your application easily by using our freely available Docker Container.
“This step took us about 40 minutes”, reports Christoph Winkler, software engineer at Salzburg University of Applied Sciences, who recently integrated sproof into the university’s study support system.
2. One single line of code No blockchain proficiency or cryptographic knowledge is demanded from you! Apart from the API call, simply paste one single line of code into your website in order to host an iframe for verification. Time required: about 5 minutes. With that iframe, you can verify secure digital documents on your own website. Want to know what that looks like?
3. Detailed open source documentation Did we make you curious how that all works exactly? Then we have some more good news. Not only IS there a complete documentation of how to integrate sproof into an existing application, but it is also really GOOD and even OPEN SOURCE. The documentation guides you through the few necessary steps for a quick and easy integration and can be read in 10-15 minutes. So if you are a fast reader, there’ll even be 5 minutes left for a cup of coffee before the hour is over.