1. Extract structured data from the certificate file
Clipperz Registration Certificate is a plain HTML file that contains a hidden textarea with all the relevant data of the certificate, in a structured format (JSON).
The easiest way to extract this data is to make the textarea visible by tweaking the HTML code with any inspector tool available in modern browsers.
Once spotted the ‘textarea’ node, just deselect the checks besides the ‘display’ and ‘visibility’ properties (bottom-right panel). This will make the textarea visible in the main browser panel (see images below) and you will able to just select its whole content and copy the JSON version of the certificate.
2. Structure of certificate structured data
To perform the verification process, the following data are required (path expressed using JSON Pointer notation):
- protocol version: /transaction/version
- BTC transaction ID: /tx
- Certificate validation date: /creationDate
- card data: /metadata
- card address: /transaction/card.address
3. Bitcoin Blockchain transaction
The BTC transcation ID extracted in the previous step, refers to the specific transaction that was generated by Clipperz to register a user card. It is possible to use one of the many Blockchain explorer to get the full details of the transaction.
One such service is Blocktrail where you just need to append the BTC transaction ID to this url:
Now it’s time to compare the data extracted from the certificate with the ones found in the actual Bitcoin transaction.
4.1 Certificate date
The date of the transaction should match the ‘Certificate validation date’ value extracted from the certificate.
4.2 Protocol version
The OP_RETURN code of the transaction should include the ‘protocol version’ extracted from the certificate.
Eg, if ‘protocol version’ is “1.0”, the OP_RETURN code should be
CLIPPERZ 1.0 REG".
4.3 Outputs and public keys
The Bitcoin transaction should have one input and two outputs:
- a OP_RETURN code
- a 2/2 MULTISIG script.
The multisig script is made of two bitcoin addresses:
- one should match the card address;
- the other is derived from the card data as explained below.
4.3.1 Compute the “card data” address
In order to compute a bitcoin address using the card data a few steps are required:
- Serialize card data by removing all extra space/tab/new lines from the JSON path
- Apply SHA-256 hash function twice to the serialised string and produce a hexadecimal representation of the private key;
- Compute the related public key and bitcoin address.
One convenient online tool to perform the second step is available here.
First, you have to paste the string with the metatada in the “String hash” form and collect the value of the SHA-256 outcome from the table at the bottom of the page.
Now paste the SHA-256 value into the “Binary hash” form on the same page and collect the newly computed SHA-256 value. This is the hexadecimal representation of the private key.
To compute the public key and the bitcoin address, you may want to use an online tool like BitCore playground.
Insert the above hash value in the “Private Key” field and “Public Key” and “Address” values are automatically updated. Please make sure to set the switch on the top-right to “Livenet”.
The address should match one of the values of the multisig output script.