EP-4736050-A1 - BLOCKCHAIN TRANSACTION

Abstract

Herein is provided a computer-implemented method for requesting a document signature for a document at a document signature system. A signature request is received from a requestor, wherein the signature request comprises an identifier of a signer and identifying the document. A commitment to the document is obtained. A document blockchain transaction is generated, wherein the document blockchain transaction comprises the commitment to the document and a document signature requirement associated with a signer, wherein satisfying the document signature requirement signs the document, wherein the document signature requirement is provided in a locking script of the document blockchain transaction and identifies the signer. The document blockchain transaction is made available to one or more node of a blockchain network.

Inventors

• PAN, Liuxuan
• GORDON, Arthur
• ZHANG, WEI
• WRIGHT, Craig Steven

Assignees

• nChain Licensing AG

Dates

Publication Date

20260506

Application Date

20240604

Claims (20)

1. 1. A computer-implemented method for requesting a document signature for a document, the method comprising, at a document signature system: receiving a signature request from a requestor, wherein the signature request comprises an identifier of a signer and identifying the document; obtaining a commitment to the document; generating a document blockchain transaction, wherein the document blockchain transaction comprises the commitment to the document and a document signature requirement associated with a signer, wherein satisfying the document signature requirement signs the document, wherein the document signature requirement is provided in a locking script of the document blockchain transaction and identifies the signer; and making the document blockchain transaction available to one or more node of a blockchain network.
2. 2. The method of claim 1, wherein the method further comprises sending, to the signer, a signature authorisation request comprising a transaction identifier of the document blockchain transaction.
3. 3. The method of claim 2, wherein the document is stored in a document store in association with a document identifier for identifying the document, wherein the method further comprises: providing the document identifier to the signer in the signature authorisation request.
4. 4. The method of any preceding claim, wherein the signature request further comprises a document identifier for identifying the document, wherein the commitment to the document is obtained by accessing a document store and retrieving data stored therein in association with the document identifier.
5. 5. The method of claim 4, wherein the commitment to the document is a hash of the document, wherein the data stored in the document store in association with the document identifier is the document, wherein the method further comprises: generating a hash of the retrieved document; wherein the generated hash is included in the document blockchain transaction.
6. 6. The method of claim 4, wherein the commitment to the document is a hash of the document, wherein the data stored in the document store in association with the document identifier is the hash of the document, wherein the retrieved hash of the document is included in the document blockchain transaction.
7. 7. The method of claim 4, wherein the commitment to the document is the document, wherein the data stored in the document store in association with the document identifier is the document.
8. 8. The method of any preceding claim, wherein the method further comprises: receiving the document from the requestor; and storing at least one of the document and a hash of the document in a document store together with a document identifier for identifying the document.
9. 9. The method of claim 8, wherein the document is received prior to receiving the signature request, wherein the method further comprises providing the document identifier to the requestor.
10. 10. The method of claim 8, wherein the document is received, from the requestor, in the signing request.
11. 11. The method of claim 3 or any claim dependent thereon, wherein the document is stored in the document store, wherein the method further comprises: receiving, from the signer, the document identifier; obtaining, from the document store, the document stored in association with the document identifier; and providing the document to the signer.
12. 12. The method of claim 6, wherein the method further comprises: receiving, from the requestor, the hash of the document; and storing the hash of the document with a document identifier for identifying the document.
13. 13. The method of any of claims 1 to 11, wherein the method further comprises: receiving a registration request from the signer comprising the identifier of the signer and a public key of a public-private key pair associated with the signer; storing the public key in a keystore in association with the identifier of the signer; and wherein the public key is used to derive the document signature requirement of the document blockchain transaction.
14. 14. The method of claim 13, wherein the method further comprises: receiving a certificate for attesting to an association between the signer and the public key; and determining if the certificate is generated by a trusted certificate authority; wherein the public key is stored in the keystore if the certificate is generated by the trusted certificate authority.
15. 15. The method of claim 13 or claim 14, wherein generating the document blockchain transaction comprises: obtaining, from the keystore, the public key associated with the signer; and providing the locking script derived based on the public key associated with the signer; wherein the locking script defines the document signature requirement.
16. 16. The method of claim 15, wherein the locking script is configured, when executed together with an unlocking script of a signature blockchain transaction, to verify the signature provided in the unlocking script.
17. 17. The method of claim 16, wherein generating the document blockchain transaction comprises providing a second locking script configured to store the commitment to the document to the blockchain.
18. 18. The method of claim 17, wherein the method further comprises providing a third locking script configured to verify a signature provided in an unlocking script of a second signature blockchain transaction when executed together with the unlocking script of the second signature blockchain transaction.
19. 19. The method any of claims 1 to 15, wherein the locking script further comprises the commitment to the document, wherein the locking script is configured to store the commitment to the document and the document signature requirement to the blockchain.
20. 20. The method of claim 19, wherein generating the document blockchain transaction comprises providing a second locking script configured, when executed together with an unlocking script of the signature blockchain transaction, to verify a signature provided in the unlocking script, wherein the signature provided in the unlocking script is generated based on a private key of the signer.

Description

BLOCKCHAIN TRANSACTION TECHNICAL FIELD The present disclosure relates to a computer-implemented method for requesting a document signature for a document, a computer-implemented method for generating a signature over the document, and computer equipment and programs to implement the methods. BACKGROUND Document signing applications (DSAs) provide a platform for users to digitally sign documents. One known application is DocuSign®. DocuSign has been integrated with assistive technologies, mobile signing, Microsoft™, Google™, and Dropbox®. It allows individuals and organizations to sign and manage documents electronically, eliminating the need for physical signatures and paper-based processes. The DocuSign makes use of the following technologies to help signature generation: • SMS two-factor authentication - DocuSign texts an authorization code to a recipient's mobile phone and the recipient enters the code to commence signing. This compliments existing DocuSign authentication options including email access code, phone, and knowledge based (KBA) authentication. • ePadlink Signature Pad Integration - The DocuSign Signature Pad option allows signing and signature adoption using signature pads. With the upcoming release, DocuSign adds support for ePadLink ePad-ink (VP9805) signature pad devices. • eWitness - allows users to add an electronic signature and act as a witness for an agreement. On DocuSign, an envelope is used as a container for documents that a user sends to a recipient to sign. An envelope can have one document or many documents, and one signer or many signers. Envelopes have statuses (i.e., sent, delivered, completed, voided) and contain information about the sender and timestamps that indicate the progress of the delivery procedure. • Sender: create, send, and manage DocuSign envelopes • Signer: an envelope recipient who is required to act on an envelope or documents within an envelope • Fields: Indicate where a Signer needs to act on the document. For example, filling in data, selecting or applying a signature. • viewing/signing session - session information However, the signatures in DocuSign are not generated using any signature scheme, in fact the DocuSign only stores the images of signatures. Users register their email addresses on DocuSign and upload documents to sign them with signature images. In addition, DocuSign centrally manages all documents for users. This puts documents at risk if customer's email addresses were lost in a hack and the lost addresses are used in a phishing attack. To reduce the risk, DocuSign uses various security measure to keep its servers secure: • Physical security for data centres • Network security measures like firewalls, intrusion detection systems • Encryption for both data storage and data transmission • Access controls to restrict unauthorized access • Regular security audits and penetration testing • Compliance with industry security standards (e.g., SOC 2, ISO 27001) Furthermore, DocuSign's Electronic Notary feature lets senders require that documents be notarized in person. This is also known as eWitness functionality (eWitness in UK, Notary in US). DocuSign provides the following APIs • eSignature API - 400 endpoints for signing workflow • Notary API - notary-specific endpoints • Click API - REST API for capturing consent to standard terms with a single click • Rooms API - streamline complex agreement through secure digital workspace Monitor API • Admin API • Salesforce Apex Toolkit The following describes the process for preparing and signing a document implemented in DocuSign: 1. Upload document: Users upload the document they need signed to the DocuSign platform. 2. Add recipients: The user adds the recipient's email address and specifies their signing role (e.g., signer, reviewer, etc.). 3. Customize signing order: The user can specify the order in which the recipients will sign the document. 4. Add signature fields: The user adds signature, initial, and other fields to the document as needed. 5. Send document: The user sends the document to the recipients for signature. 6. Signing process: Recipients receive an email with a link to the document and instructions on how to sign. They can review the document and add their electronic signature using a mouse, stylus, or their finger on a mobile device. 7. Completed document: Once all required signatures are obtained, the signed document is automatically returned to the sender and can be downloaded or stored in the DocuSign platform. There are a number of standards which have been introduced for eSignatures. The ESIGN Act is a US federal law passed in 2000. It grants legal recognition to electronic signatures and records if all parties to a contract choose to use electronic documents and to sign them electronically. Uniform Electronic Transactions Act (UETA) and ESIGN Act requirements state each electronically signed document needs to abide by the following: • Intent to sign - A signature on an