Instructions for verifying Clipperz Registration Certificates

1. Extract structured data from the certificate file

Clipperz Registration Certificate is a plain HTML file that contains a hidden textarea with all the relevant data of the certificate, in a structured format (JSON).
The easiest way to extract this data is to make the textarea visible by tweaking the HTML code with any inspector tool available in modern browsers.

Hidden textarea in Clipperz certificates

Once spotted the ‘textarea’ node, just deselect the checks besides the ‘display’ and ‘visibility’ properties (bottom-right panel). This will make the textarea visible in the main browser panel (see images below) and you will able to just select its whole content and copy the JSON version of the certificate.

Reveal textarea in Clipperz certificates

2. Structure of certificate structured data

To perform the verification process, the following data are required (path expressed using JSON Pointer notation):

  • protocol version: /transaction/version
  • BTC transaction ID: /tx
  • Certificate validation date: /creationDate
  • card data: /metadata
  • card address: /transaction/card.address

3. Bitcoin Blockchain transaction

The BTC transcation ID extracted in the previous step, refers to the specific transaction that was generated by Clipperz to register a user card. It is possible to use one of the many Blockchain explorer to get the full details of the transaction.
One such service is Blocktrail where you just need to append the BTC transaction ID to this url:

4. Checks

Now it’s time to compare the data extracted from the certificate with the ones found in the actual Bitcoin transaction.

4.1 Certificate date

The date of the transaction should match the ‘Certificate validation date’ value extracted from the certificate.

4.2 Protocol version

The OP_RETURN code of the transaction should include the ‘protocol version’ extracted from the certificate.
Eg, if ‘protocol version’ is “1.0”, the OP_RETURN code should be CLIPPERZ 1.0 REG".

4.3 Outputs and public keys

The Bitcoin transaction should have one input and two outputs:

  1. a OP_RETURN code
  2. a 2/2 MULTISIG script.

Blocktrail transaction detail

The multisig script is made of two bitcoin addresses:

  1. one should match the card address;
  2. the other is derived from the card data as explained below.

4.3.1 Compute the “card data” address

In order to compute a bitcoin address using the card data a few steps are required:

  1. Serialize card data by removing all extra space/tab/new lines from the JSON path /metadata;
  2. Apply SHA-256 hash function twice to the serialised string and produce a hexadecimal representation of the private key;
  3. Compute the related public key and bitcoin address.

One convenient online tool to perform the second step is available here.

Web app for calculating hashes

First, you have to paste the string with the metatada in the “String hash” form and collect the value of the SHA-256 outcome from the table at the bottom of the page.

Web app for calculating hashes

Now paste the SHA-256 value into the “Binary hash” form on the same page and collect the newly computed SHA-256 value. This is the hexadecimal representation of the private key.

To compute the public key and the bitcoin address, you may want to use an online tool like BitCore playground.

Web app for calculating hashes

Insert the above hash value in the “Private Key” field and “Public Key” and “Address” values are automatically updated. Please make sure to set the switch on the top-right to “Livenet”.

The address should match one of the values of the multisig output script.