A sigchain is an ordered sequence of signed statements by a key.
This spec is similar to Keybase Sigchain or the Secure Scuttlebutt Feed.
A Statement describes signed data in a sigchain.
This is compatible as a JSON canonical format (ordered keys, no whitespace, with only string and integer values) with the signature in the beginning to make it easy to extract without having to parse JSON.
| Field | Type | Description |
|---|---|---|
| .sig | string | Signature (64 bytes, base64 encoded with padding, always 88 characters). |
| data | string | Data (base64 encoded). |
| kid | string | Key id used to sign. |
| prev | string | Hash (SHA-256, base64 encoded) of previous sigchain statement, or omitted for the root statement. |
| seq | int | Sequence number, starting at 1 for the root statement. |
| revoke | int | (Optional) Sequence number of a statement to revoke. |
| ts | int | (Optional) Unverified timestamp, number of milliseconds since 1 January 1970 00:00 UTC. |
| type | string | (Optional) Statement type ("", "revoke", "user"). |
The format for a statement:
{".sig":"<base64 signature>","kid":"<kid>","data":"<base64 data>","prev":"<base64 prev hash>","seq":<integer>,"ts":<integer>}
The format for a revoke statement:
{".sig":"<base64 signature>","kid":"<kid>","prev":"<base64 prev hash>","revoke":<integer>,"seq":<integer>,"ts":<integer>,"type":"revoke"}
The signature (.sig) is the signature bytes (64 bytes, base64 encoded, padded, 88 characters) of the specific serialization.
The specific serialization (or the bytes to sign) is the statement without the ".sig" value:
{".sig":"","data":"<base64 data>","kid":"<kid>","prev":"<base64 prev hash>","seq":<integer>,"ts":<integer>,"type":"<type>"}
It is important to verify the bytes match the specific serialization. You can do this by stripping out the .sig value in the range [9:97] and then verifying the signature on those bytes. This .sig is always 88 characters (64 bytes, base64 encoded with padding) in this range at the beginning of the statement.
Sig = b[9:97]
BytesToSign = b[0:9] + b[97:]
See How (not) to sign a JSON object on why this is important.
You can access sigchains via the /sigchain API.