Search

EP-4736049-A1 - BLOCKCHAIN TRANSACTION

EP4736049A1EP 4736049 A1EP4736049 A1EP 4736049A1EP-4736049-A1

Abstract

Herein is provided a computer-implemented method for signing a document at a document signature system. A signature request comprising an identifier of a signer and identifying the document is received from a requestor. A commitment to the document is obtained. A document blockchain transaction is generated, wherein the document blockchain transaction comprises the commitment to the document and a document signature requirement associated with a signer, wherein satisfying the document signature requirement signs the document. The document blockchain transaction is made available to node(s) of a blockchain network. A signature authorisation message is received from the signer and, in response, a signature blockchain transaction is generated, wherein the signature blockchain transaction comprises a signature associated with the signer and which satisfies the document signature requirement. The signature blockchain transaction is made available to one or more nodes of the blockchain network.

Inventors

  • PAN, Liuxuan
  • GORDON, Arthur
  • ZHANG, WEI
  • WRIGHT, CRAIG

Assignees

  • nChain Licensing AG

Dates

Publication Date
20260506
Application Date
20240603

Claims (20)

  1. 1. A computer-implemented method for signing a document at a document signature system, the method comprising: receiving a signature request comprising an identifier of a signer and identifying the document from a requestor; obtaining a commitment to the document; generating a document blockchain transaction, wherein the document blockchain transaction comprises the commitment to the document and a document signature requirement associated with a signer, wherein satisfying the document signature requirement signs the document; making the document blockchain transaction available to one or more nodes of a blockchain network; receiving, from the signer, a signature authorisation message; in response to receiving the signature authorisation message, generating a signature blockchain transaction, wherein the signature blockchain transaction comprises a signature associated with the signer and which satisfies the document signature requirement; and making the signature blockchain transaction available to one or more nodes of the blockchain network.
  2. 2. The method of claim 1, wherein the method further comprises: in response to receiving the signature authorisation message, obtaining from a keystore a private key associated with the signer; and generating the signature of the signature blockchain transaction using the obtained private key associated with the signer.
  3. 3. The method of claim 2, wherein the keystore is stored at the document signature system.
  4. 4. The method of any preceding claim, wherein the document blockchain transaction comprises a first locking script comprising the document signature requirement and configured, when executed together with a first unlocking script of the signature blockchain transaction, to verify the signature satisfies the document signature requirement.
  5. 5. The method of claim 4, wherein the first unlocking script of the signature blockchain transaction comprises the signature, wherein the first unlocking script, when executed together with the document blockchain transaction, is configured to satisfy the document signature requirement.
  6. 6. The method of any of claims 1 to 3, wherein the document blockchain transaction comprises a first locking script comprising the document signature requirement, wherein the first locking script is configured, when executed, to store the document signature requirement on the blockchain.
  7. 7. The method of claim 6, wherein the signature blockchain transaction comprises a first locking script comprising a representation of the signature which satisfies the document signature requirement, and configured to store the representation of the signature to the blockchain.
  8. 8. The method of claim 7, wherein the representation of the signature is a hash of the signature.
  9. 9. The method of claim 7 or claim 8 when dependent on claim 1, wherein the method further comprises: receiving from the signer the signature, or the representation of the signature, associated with the signer and for satisfying the document signature requirement; and providing the signature in the first locking script of the signature blockchain transaction.
  10. 10. The method of claim 9, wherein the signature or representation of the signature is received in the signature authorisation message.
  11. 11. The method of any of claims 6 to 10, wherein generating the document blockchain transaction comprises providing, in the first locking script, the commitment to the document, wherein the first locking script is further configured to store the commitment to the document to the blockchain.
  12. 12. The method of any of claims 6 to 11, wherein generating the document blockchain transaction comprises providing a second locking script configured to verify a signature provided in an unlocking script of the signature blockchain transaction when executed together with the unlocking script of the signature blockchain transaction, wherein the signature provided in the unlocking script of the signature blockchain transaction is generated based on a private key of the document signature service.
  13. 13. The method of any preceding claim, wherein the signature authorisation message is received from the signer after the document blockchain transaction has been included in a block by a node of the blockchain network.
  14. 14. The method of any preceding claim, wherein the method further comprises: sending, to the signer, a signature authorisation request comprising a transaction identifier of the document blockchain transaction; wherein the signature authorisation message is received in response to the signature authorisation request.
  15. 15. The method of claim 14, wherein the document is stored in a document store in association with a document identifier for identifying the document, wherein the method further comprises: providing the document identifier to the signer in the signature authorisation request.
  16. 16. The method of any preceding claim, wherein the commitment to the document is a hash of the document or a salted hash of the document.
  17. 17. The method of any preceding claim, wherein the signature request further comprises a document identifier for identifying the document, wherein the commitment to the document is obtained by accessing a document store and retrieving data stored therein in association with the document identifier.
  18. 18. The method of claim 16 and claim 17, wherein the commitment to the document is the hash of the document, wherein the data stored in the document store in association with the document identifier is the document, wherein the method further comprises: generating a hash of the retrieved document; wherein the generated hash is included in the document blockchain transaction.
  19. 19. The method of claim 16 and claim 17, wherein the commitment to the document is the salted hash of the document, wherein the data stored in the document store in association with the document identifier is the document, wherein the method further comprises: generating a salted hash of the retrieved document; wherein the generated salted hash is included in the document blockchain transaction.
  20. 20. The method of claim 16 and claim 17, wherein the data stored in the document store in association with the document identifier is the hash of the document or the salted hash of the document, wherein the retrieved hash of the document or retrieved salted hash of the document is included in the document blockchain transaction respectively.

Description

BLOCKCHAIN TRANSACTION TECHNICAL FIELD The present disclosure relates to a computer-implemented method for signing a document at a document signature system, and computer equipment and a computer program for implementing the method. BACKGROUND Document signing applications (DSAs) provide a platform for users to digitally sign documents. One known application is DocuSign®. DocuSign has been integrated with assistive technologies, mobile signing, Microsoft™, Google™, and Dropbox®. It allows individuals and organizations to sign and manage documents electronically, eliminating the need for physical signatures and paper-based processes. The DocuSign makes use of the following technologies to help signature generation: • SMS two-factor authentication - DocuSign texts an authorization code to a recipient's mobile phone and the recipient enters the code to commence signing. This compliments existing DocuSign authentication options including email access code, phone, and knowledge based (KBA) authentication. • ePadlink Signature Pad Integration - The DocuSign Signature Pad option allows signing and signature adoption using signature pads. With the upcoming release, DocuSign adds support for ePadLink ePad-ink (VP9805) signature pad devices. • eWitness - allows users to add an electronic signature and act as a witness for an agreement. On DocuSign, an envelope is used as a container for documents that a user sends to a recipient to sign. An envelope can have one document or many documents, and one signer or many signers. Envelopes have statuses (i.e., sent, delivered, completed, voided) and contain information about the sender and timestamps that indicate the progress of the delivery procedure. • Sender: create, send, and manage DocuSign envelopes • Signer: an envelope recipient who is required to act on an envelope or documents within an envelope • Fields: Indicate where a Signer needs to act on the document. For example, filling in data, selecting or applying a signature. • viewing/signing session - session information However, the signatures in DocuSign are not generated using any signature scheme, in fact the DocuSign only stores the images of signatures. Users register their email addresses on DocuSign and upload documents to sign them with signature images. In addition, DocuSign centrally manages all documents for users. This puts documents at risk if customer's email addresses were lost in a hack and the lost addresses are used in a phishing attack. To reduce the risk, DocuSign uses various security measure to keep its servers secure: • Physical security for data centres • Network security measures like firewalls, intrusion detection systems • Encryption for both data storage and data transmission • Access controls to restrict unauthorized access • Regular security audits and penetration testing • Compliance with industry security standards (e.g., SOC 2, ISO 27001) Furthermore, DocuSign's Electronic Notary feature lets senders require that documents be notarized in person. This is also known as eWitness functionality (eWitness in UK, Notary in US). DocuSign provides the following APIs • eSignature API - 400 endpoints for signing workflow • Notary API - notary-specific endpoints • Click API - REST API for capturing consent to standard terms with a single click • Rooms API - streamline complex agreement through secure digital workspace Monitor API • Admin API • Salesforce Apex Toolkit The following describes the process for preparing and signing a document implemented in DocuSign: 1. Upload document: Users upload the document they need signed to the DocuSign platform. 2. Add recipients: The user adds the recipient's email address and specifies their signing role (e.g., signer, reviewer, etc.). 3. Customize signing order: The user can specify the order in which the recipients will sign the document. 4. Add signature fields: The user adds signature, initial, and other fields to the document as needed. 5. Send document: The user sends the document to the recipients for signature. 6. Signing process: Recipients receive an email with a link to the document and instructions on how to sign. They can review the document and add their electronic signature using a mouse, stylus, or their finger on a mobile device. 7. Completed document: Once all required signatures are obtained, the signed document is automatically returned to the sender and can be downloaded or stored in the DocuSign platform. There are a number of standards which have been introduced for eSignatures. The ESIGN Act is a US federal law passed in 2000. It grants legal recognition to electronic signatures and records if all parties to a contract choose to use electronic documents and to sign them electronically. Uniform Electronic Transactions Act (UETA) and ESIGN Act requirements state each electronically signed document needs to abide by the following: • Intent to sign - A signature on an electronic document is legal only if the document and claus