The Flow of an Action SIGN on a Verified Action

The vast majority of the individuals who have to deal with digital systems do not pay much attention to what is going on between the time at which the item has been submitted and the time at which they are assured of the information. You press a button, and something will happen, that is it. However when that is performed in the form of a credential, a qualification, an identity check, an agreement, a government record then what actually occurs in the middle of the process greatly matters. Under @SignOfficial , a well-defined, formal process is in place which accepts an input and converts it into something that can be independently verified, without calling anyone, without the need to maintain a centralized database, and without the verification going out of date as soon as it becomes inconvenient. It begins when no data is even provided. The definition of a schema has to be established first before any attestations can be made, essentially the blueprint of how the information will be structured, what type and in what form it will be. Treat a schema as going ahead to define what a credential is expected to look like prior to any signature of the same. A KYC check, a university degree, a compliance certificate - each of them is in a different shape, needs different fields, has different relations between the data points. Schema Registry is a publicly stored repository of these templates by $SIGN , thereby providing an attester operating with a particular schema with an agreed standard to work with. This is what that common ground renders readable and writable by any third party downstream the resultant attestation. When there is a schema, an attester, or a person, an institution, a smart contract, can produce an attestation. The validity of a claim is affirmed and attested. SIGN does this using digitally signed structured data meeting a registered schema, and secured on-chain or off-chain. The attester completes the necessary fields, signs the information with his/her own key with the help of the digital signature, and sends it. That is what distinguishes between an attestation and a bare record. It does not only demonstrate the existence of the data, but that a particular and identifiable party vouched it at a certain time. Once the attestation has been signed the protocol makes decisions on the location to store it depending on the size and usage. Smaller attestations can be stored in full on-chain to be as secure as possible, whereas larger ones store the primary data off-chain - on Arweave or IPFS - and have a cryptographic connection with the blockchain. This is a significant design decision. It is costly and unworkable to store all on-chain and credential-scale systems used by governments. SIGN will be able to operate on millions of credentials by isolating the proof anchor and data body to avoid committing all bytes to a cryptographic registry. The chain contains the most important item the verification fingerprint. The remainder is stored in non-volatile prudent storage. The validation occurs when attestation is created and not afterwards. Schema hooks known as ISPHooks are invoked after each attestation function and it enables other checks and logic to be invoked at the creation point. A hook rollback will bring it down to a rollback of the complete transaction and hence bad data will never be captured. This is a simpler model than the system most of them employ. Instead of taking it and marking it in the future, SIGN refutes invalid attestations when they are made. A whitelist check, a fee check, a format check, each of this occurs prior to any action committed. When an attestation gets on-chain it has already been checked. Attestations can be indexed and their locations can be searched using SignScan which is the indexing and explorer layer of SIGN. Sign Protocol provides an indexing service to find and access schema and attestation information in the shortest possible time, through REST and GraphQL interfaces and directly with the NPM SDK. A verifier is another smart contract, a government portal, a third-party application can retrieve any attestation by its ID, verify its signature, verify the schema, verify the timestamp, and verify it is not revoked. This will be without having to touch on the original issuer. The trust is done by the infrastructure. It is something more enduring than a document and more truthful than a database record that this flow creates. It is a chain of custody process, input, schema validation, cryptographic signature, storage and finally retrieval where each process can be traced and none of it requires a person living up to it afterward. The $SIGN token is circulated throughout this whole system, where transaction fees are processed, governance is powered and network incentives are provided to get the network running. It is the actual design of end-to-end verification, which is designed correctly. Not a PDF. Not a screenshot. Not a call to a helpdesk. A digitally-verified, schema-constrained, cryptographically anchored data that establishes itself, at any moment in time, to any party which requires examination. #SignDigitalSovereignInfra