Available only in Enterprise Edition
Blockchain-based timestamping allows Zoho Sign to offer an additional measure of document verification, and publicly establish signer accountability. In this, a public decentralized blockchain captures the document signing event in the form of an entry and this is accessible to all and immune to change. Since the blockchain is, by design, resistant to tampering, this feature creates an immutable record of document integrity and non-repudiation. Presently, blockchain-based timestamping is done on the Bitcoin blockchain network through an integration with a third-party service called
OpenTimestamps
.
Note:
- Presently available at no additional cost. May be subject to additional pricing in the future.
How does blockchain timestamping work in Zoho Sign?
Whenever a document is signed digitally using Zoho Sign, if blockchain timestamping is enabled, a timestamp request along with the document hash will be sent to the OpenTimestamp servers. The server aggregates these requests and records them periodically on the Bitcoin network by initiating a very small Bitcoin transaction and placing the aggregated information in the transaction block. Once this transaction block is committed to the blockchain, a proof is generated for the timestamp and mapped against the respective documents in Zoho Sign for independent verification.
Note:
- Documents that were blockchain timestamped prior to November 2021 were timestamped onto the Ethereum public blockchain.
- The steps to verify the timestamps of these documents are given at the end of this page.
- Zoho Sign no longer uses the Ethereum network for blockchain-based timestamping.
Will my document be exposed to the public with blockchain timestamping?
No, it will not. Only the hash of the signed document, in a modified format, is finally added to the public blockchain, and not the document itself. A hash is a unique, unintelligible, alphanumeric value generated by performing an algorithmic action on the contents and properties of the document as a whole. Hashing is a strictly one way, irreversible process. The signed and unsigned versions of the same document will generate different hash values. Adding the signed document's hash to the blockchain does not expose the document data or its contents to those accessing the blockchain.
How do I enable blockchain timestamping in Zoho Sign?
To enable blockchain timestamping:
- Hover over Settings in the left navigation panel on your Zoho Sign dashboard.
- Select Account settings under Admin from the dropdown menu.
- Click the Blockchain tab and toggle Blockchain time-stamping to ON.
How do I verify a document timestamp on the Bitcoin blockchain?
- Upon successful completion of all signing activity in a document, the status of its timestamp or associated transaction on the Bitcoin blockchain will be in the document details page.
- Typically, this Bitcoin transaction may take up to eight hours from the time of document completion to be completed depending on the length of the transaction queue at the time. During this period, the status of the transaction will show as PENDING on the document details page.
- Upon the completion of the Bitcoin transaction, the transaction block is added to the blockchain and the status of the transaction changes to SUCCESS in the document details page. Is transaction ID and transaction commit time, the associated document's sign completion time, and document hash (SHA-256) can be viewed by clicking View more.
- For further verification, click the link icon in the transaction details box. This will take you to the website of the OpenTimestamps service, where you can view details such as the Bitcoin block ID where the aggregated document hashes were recorded.
- Click the Bitcoin block ID to view a list of the document hashes committed to the blockchain in that block.
- The hash of the current document should be present in the list.
How do I verify a document timestamp on the Ethereum blockchain?
For documents completed prior to November 2021
- For documents with successfully completion of all signing activity, the status of the associated Ethereum blockchain transaction can be seen in the document details page.
- Click View more to see the details of the transaction. This displays the timestamp's transaction block commit time and transaction ID, as well as the associated document's sign completion time and document hash (SHA-256).
- For further verification, click the link icon in the transaction details box. This will take you to the Transaction Details page of the associated transaction on the Ethereum Blockchain Explorer website.
- Expand the Click to see more option to view the Input Data field. This field lists the aggregated document hashes, each separated by 0000, added to the data field of that transaction block.
How can I generate the hash of a document myself to compare with the hash from its blockchain timestamp?
You can generate the hash (SHA-256) for a signed document using any SHA-256 hashing tool. Alternatively, you can also generate the document hash from the terminal of your operating system using the following commands
Once the hash has been generated, you can see if it matches the hash of the document retrieved from the blockchain transaction details. If the hashes match, then the signing of the document at the recorded time is taken to be verifiably true.