docs: how does it work

Author: Nebulis

website/docs/component/oa-verify.md

@@ -91,7 +91,7 @@ verify(document, { network: "mainnet" }).then(fragments => {
 ```
 
 Let's try to understand the different results:
-- `isValid(fragments, ["DOCUMENT_INTEGRITY"])` returns true because the integrity of the document is not dependant on the network it has been published to.
+- `isValid(fragments, ["DOCUMENT_INTEGRITY"])` returns true because the integrity of the document is not dependent on the network it has been published to.
 - `isValid(fragments, ["DOCUMENT_STATUS"])` returns false because the document has not been published on Ethereum main network.
 - `isValid(fragments, ["DOCUMENT_STATUS"])` returns false because there is no [DNS-TXT record](/docs/verifiable-document/dns-proof) associated with the Ethereum main network's document store.
 - `isValid(fragments)` returns false because at least one of the above returns false.

website/docs/advanced/how-does-it-work.md …s/how-does-it-work/document-integrity.mdwebsite/docs/advanced/how-does-it-work.md renamed to website/docs/how-does-it-work/document-integrity.md website/docs/advanced/how-does-it-work.md renamed to website/docs/how-does-it-work/document-integrity.md

@@ -1,9 +1,10 @@
 ---
-id: how-does-it-work
-title: How does it work?
-sidebar_label: How does it work?
+title: Document integrity
+sidebar_label: Document integrity
 ---
 
+OpenAttestation ensures that the content of the document has not been modified since the document has been created, with exception of data removed using the built-in [obfuscation mechanism](/docs/component/open-attestation#obfuscating-data). Let's explore how it works.
+
 In the tutorial, we have learnt how to [wrap a document](/docs/verifiable-document/wrapping-document) and [issue it](/docs/verifiable-document/issuing-document) into a document store. However, we didn't explain what these actions were doing and why they are necessary.
 
 ## Wrapping a document
@@ -54,32 +55,19 @@ The first step of wrapping consists of transforming all the object properties pr
 ### The `signature` object
 
 #### targetHash
+See [issuance status](/docs/how-does-it-work/issuance-status#merkleroot).
 
 Once the `data` object has been computed we will be able to create an unique hash for the document that we will set into `targetHash`:
 
 1. List each properties' path from the `data` object and associate its value. The path follows the [flatley](https://github.com/antony/flatley) path convention. For instance: `name`, `issuers.0.tokenRegistry`, etc.
 1. For each properties' path, compute a hash using the properties' path and value. To compute the hash we use [keccak256](https://en.wikipedia.org/wiki/SHA-3).
 1. Sort all the hashes from the previous step alphabetically and hash them all together: this will provide the `targetHash` of the document. To compute the `targetHash` we also use [keccak256](https://en.wikipedia.org/wiki/SHA-3).
 
-> The `targetHash` of a document is an unique identifier.
-
-![Compute target hash](/docs/advanced/how-does-it-work/target-hash.png)
-
-Later on, during verification of the document, the same exact steps are performed again to assert that the contents of the document has not been tampered with. This works as the final targetHash will be completely different if any part of the wrapped document is different from the original.
-
-The [document store](/docs/verifiable-document/document-store) is a smart contract on the Ethereum network that records the issuance and revocation status of OpenAttestation documents. It stores the hashes of wrapped documents, which are the records of the owner of the document store having issued the documents.
-
-Imagine that you wrap thousands of files and had to issue the `targetHash` for each of them. It would be extremely inefficient. That's where the `merkleRoot` will come in handy.
-
-#### merkleRoot
-
-Once the `targetHash` of a document is computed, OpenAttestation will determine the `merkleRoot`. The `merkleRoot` value is the merkle root hash computed from the [merkle tree](https://en.wikipedia.org/wiki/Merkle_tree) using the `targetHash` of all the document wrapped together. Each `targetHash` is a leaf in the tree. After computing the merkle tree, the `merkleRoot` associated to a document will be added to it as well as the proofs (intermediate hashes) needed to ensure that the `targetHash` has been used to compute the `merkleRoot`. The proofs are added into the `proof` property.
+> The `targetHash` of a document is a unique identifier.
 
-In the document above we can notice that the `targetHash` and the `merkelRoot` are identical and that the `proof` is empty. This is normal and happen when you wrap only one document at a time. Try to wrap at least 2 documents at the same time, and you will see a difference between `targetHash` and the `merkelRoot`, and you will see proofs appended.
+![Compute target hash](/docs/how-does-it-work/target-hash.png)
 
-> The `merkleRoot` will always be the same for all the documents wrapped together (in a batch). It will be different for documents wrapped separately.
-
-Now that our batch of documents have a common identifier and that we can prove (thanks to the merkle tree algorithm) that the `targetHash` of a document was used to create a specific `merkleRoot`, we can use the `merkleRoot` in our document store and issue it.
+Later on, during verification of the document, the same exact steps are performed again to assert that the contents of the document has not been tampered with. This works as the final `targetHash` will be completely different if any part of the wrapped document is different from the original.
 
 #### Data Obfuscation
 
@@ -113,9 +101,7 @@ The content of `output.json` will be:
     "merkleRoot": "11d456db211d68cc8a6eac5e293422dec669b54812e4975497d7099467335987"
   },
   "privacy": {
-    "obfuscatedData": [
-      "9d22655fcee6bf3eb10ba280cfa40e662f004a819be0b64e2fe9d0cebba6788f"
-    ]
+    "obfuscatedData": ["9d22655fcee6bf3eb10ba280cfa40e662f004a819be0b64e2fe9d0cebba6788f"]
   }
 }
 ```
@@ -133,19 +119,10 @@ The hash added into `privacy.obfuscatedData` is the one used when computing the
 
 The only difference with the [`targetHash`](#targethash) computation is the step 3.
 
-![Compute target hash with data obfuscation](/docs/advanced/how-does-it-work/target-hash-with-data-obfuscation.png)
+![Compute target hash with data obfuscation](/docs/how-does-it-work/target-hash-with-data-obfuscation.png)
 
 With the help of data obfuscation a user can decide to selectively disclose a subset of data he wants to share.
 
-### Document Store
-
-As discussed above, issuance of documents can happen individually or by batch. Issuing a batch documents is by far the more efficient way.
-
-When it comes to revocation both values can also be used:
-
-- `targetHash` will allow for the revocation of a specific document.
-- `merkleRoot` will allow for the revocation of the whole batch of documents.
-
 ## Additional information
 
 ### Data Obfuscation limitations

website/docs/how-does-it-work/introduction.md

@@ -0,0 +1,12 @@
+---
+title: Introduction
+sidebar_label: Introduction
+---
+
+To fully understand how OpenAttestation works, you need to dig into the different properties the framework provides to your documents:
+
+- [Document integrity](/docs/how-does-it-work/document-integrity): OpenAttestation ensures that the content of the document has not been modified since the document has been created, with exception of data removed using the built-in obfuscation mechanism.
+- [Issuance Status](/docs/how-does-it-work/issuance-status): OpenAttestation checks that the document has been issued and that its issuance status is in good standing (for instance, that it hasn't been revoked). As of today, OpenAttestation supports two ways to issue documents: DID Signing and Ethereum Smart Contracts.
+- [Issuance Identity](/docs/how-does-it-work/issuance-identity): OpenAttestation checks and returns the identity of the issuer. By default, OpenAttestation uses DNS to verify the identity but DID can be used optionally. It's important to note that OpenAttestation does not endorse any issuers. It only verifies that the issuing party in the document has provided some sort of proof that it is the same party as claimed - for example, proving ownership over a domain by the ability to create a DNS record.
+
+It's very important to note that, even if we split the verification, they are all complementary. For instance, if we can prove that the document has been issued, and the issuer is valid, that would make no sense if we can't prove that the document has not been tampered. That thinking works for any combination.

website/docs/how-does-it-work/issuance-identity.md

@@ -0,0 +1,6 @@
+---
+title: Issuance Identity
+sidebar_label: Issuance Identity
+---
+
+TODO

website/docs/how-does-it-work/issuance-status.md

@@ -0,0 +1,141 @@
+---
+title: Issuance Status
+sidebar_label: Issuance Status
+---
+
+OpenAttestation checks that the document has been issued and that it's issuance status is in good standing (for instance, that it hasn't been revoked). As of today, OpenAttestation supports two ways to issue documents: DIDs and Ethereum Smart Contracts.
+
+## Ethereum Smart Contracts
+
+The [document store](/docs/verifiable-document/document-store) is a smart contract on the Ethereum network that records the issuance and revocation status of OpenAttestation documents. It stores the hashes of wrapped documents, which are the records of the owner of the document store having issued the documents. Before we explain the verification process in detail, we need to introduce a new concept: the `merkleRoot`.
+
+Let's imagine that we need to wrap thousands of files and had to issue the `targetHash` for each of them. It would be extremely inefficient because Ethereum is slow, and we would have to pay for each transaction.
+
+That's where the `merkleRoot` will come in handy.
+
+### merkleRoot
+
+Once the `targetHash` of a document is computed, OpenAttestation will determine the `merkleRoot`. The `merkleRoot` value is the merkle root hash computed from the [merkle tree](https://en.wikipedia.org/wiki/Merkle_tree) using the `targetHash` of all the document wrapped together. Each `targetHash` is a leaf in the tree. After computing the merkle tree, the `merkleRoot` associated to a document will be added to it as well as the proofs (intermediate hashes) needed to ensure that the `targetHash` has been used to compute the `merkleRoot`. The proofs are added into the `proof` property.
+
+On a side note, when we wrap only one document at a time, the `targetHash` and the `merkelRoot` are identical and the `proof` is empty. This is completely normal. When we wrap at least 2 documents at the same time, we will notice a difference between `targetHash` and the `merkelRoot`, and proofs appended.
+
+> The `merkleRoot` will always be the same for all the documents wrapped together (in a batch). It will be different for documents wrapped separately.
+
+### Issuance
+
+Now that our batch of documents has a common identifier and that we can prove (thanks to the merkle tree algorithm) that the `targetHash` of a document was used to create a specific `merkleRoot`, we can use the `merkleRoot` in our document store and issue it.
+
+### Revocation
+
+As discussed above, issuance of documents can happen individually or by batch. Issuing a batch documents is by far the more efficient way. When it comes to revocation both values can also be used:
+
+- `targetHash` will allow for the revocation of a specific document.
+- `merkleRoot` will allow for the revocation of the whole batch of documents.
+
+### Issuance process and verification
+
+To issue a document, an institution or individual :
+
+- [Deploys a new document store](/docs/verifiable-document/document-store) on Ethereum and get the address of the deployed contract. (this action needs to be performed only once)
+- Adds the address of the deployed contract into the document (before wrapping).
+- Wraps a document (or a batch of documents) and get a `merkleRoot`. The wrapped documents can be shared to the recipients.
+- Issues the `merkleRoot` by calling the `issue` function from the document store contract.
+
+An OpenAttestation verifier:
+
+- Checks the `merkleRoot` of the document has been issued:
+  1. Gets back the document store contract address from the document itself.
+  1. Ensures that the `targetHash` and the `proof` matches the `merkleRoot`.
+  1. Checks the `merkleRoot` is in the document store provided, by calling the `isIssued` function from the deployed contract.
+- Checks the `merkleRoot` of the document has been issued:
+  1. Gets back the document store contract address from the document itself.
+  1. Checks the `targetHash` is **not** in the document store provided, by calling the `isRevoked` function from the deployed contract.
+  1. Checks the `merkleRoot` is **not** in the document store provided, by calling the `isRevoked` function from the deployed contract.
+
+## DIDs
+
+Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. DID document associated with DIDs contains a verification method, often a public key. The owner of a DID can use the private key associated and anyone can verify that the owner control the public key.
+
+At the moment, OpenAttestation only supports one DID method: `ethr`.
+
+### Issuance
+
+DIDs [are significantly faster and incur not costs](/docs/verifiable-document/comparison). They could directly use the `targetHash` of the document (which is unique) and sign it using the private key associated. However for consistency with our initial design, we sign the `merkleRoot`.
+
+The information about the signature are added to the document, into the `proof` property. That's it, the document has been issued.
+
+Let's dig a bit more to understand how it works.
+
+An [`ethr` DID document](https://dev.uniresolver.io/1.0/identifiers/did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69) looks like ::
+
+```json
+{
+  "@context": "https://w3id.org/did/v1",
+  "id": "did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69",
+  "publicKey": [
+    {
+      "id": "did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69#controller",
+      "type": "Secp256k1VerificationKey2018",
+      "controller": "did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69",
+      "ethereumAddress": "0x6813eb9362372eef6200f3b1dbc3f819671cba69"
+    }
+  ],
+  "authentication": [
+    {
+      "type": "Secp256k1SignatureAuthentication2018",
+      "publicKey": "did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69#controller"
+    }
+  ]
+}
+```
+
+Three important information can be found:
+
+- the DID identifier (here `did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69`). It's used to identify the DID and must be added into the `issuer.id` property of the document.
+- The DID controller (here `did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69#controller`). It's used to identify which public key control the DID and must be added into the `issuer.identityProof.key` property of the document. It's also worth to note that the value is equal to the DID identifier, appended with `#controller`.
+- The ethereum address associated to the DID controller (here `0x6813eb9362372eef6200f3b1dbc3f819671cba69`). We will use it to verify the signature.
+
+> You can find an example of document using DID in our [guide](/docs/verifiable-document/did/raw-document).
+
+A proof of signature looks like:
+
+```json
+{
+  "proof": [
+    {
+      "type": "OpenAttestationSignature2018",
+      "created": "2020-10-05T09:05:35.171Z",
+      "proofPurpose": "assertionMethod",
+      "verificationMethod": "did:ethr:0x6813Eb9362372EEF6200f3b1dbC3f819671cBA69#controller",
+      "signature": "0x6d0ff5c64b8230cdc471f38267495002f2c762acf7a80250599809ee32b4255377f1adcb56fb712dee66bfeb21be6b5d802f299aea1f1edca129e88e4c1742ce1c"
+    }
+  ]
+}
+```
+
+- `signature` is the signed `merkleRoot`
+- `verificationMethod` is the DID controller.
+
+That's all the information that we need to verify that the document has been signed with the correct private key. Indeed,`ethr` DID uses [ECDSA](https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm) with [Secp256k1](https://en.bitcoin.it/wiki/Secp256k1) as parameter of the elliptic curve which provides an interesting property: when we verify a signature, using the initial value (`merkleRoot`), and the signed value (`signature`) it will recover the ethereum address associated with the private key used. We can then compare the ethereum address from the DID document, with the ethereum address returned by the verification. If it matches, the signature is valid.
+
+If you want to dig more on ECDSA, you can read this guide from [Yos Riady](https://yos.io/2018/11/16/ethereum-signatures/).
+
+### Revocation
+
+At the moment, there are no ways to revoke documents issued using DIDs.
+
+### Issuance process and verification
+
+To issue a document, an institution or individual :
+
+- [Creates a new ethr DID](/docs/verifiable-document/did/create) (this action needs to be performed only once) and get the private key and the public address.
+- Adds the DID address and controller into the document (before wrapping).
+- Wraps a document and get a `merkleRoot`.
+- Sign the `merkleRoot` using the private key. The signature must be appended into the wrapped document.
+- The wrapped document can be shared to the recipients.
+
+An OpenAttestation verifier:
+
+- Retrieves the ethereum address associated with the DID identifier and DID controller from the document.
+- Retrieves the ethereum used to sign the merkle root.
+- Makes sure both addresses match.

website/docs/verifiable-document/going-further.md

@@ -6,7 +6,7 @@ sidebar_label: Going Further
 
 Now that you have completed the getting started guide to create your own `Verifiable Document`, here you will find list of topic that you might be interested on to discover more
 
-- [How it works ?](/docs/advanced/how-does-it-work)
+- [How does it work?](/docs/how-does-it-work/introduction)
 - [Configuring DNS](/docs/advanced/configuring-dns)
 - [Creating a Custom Renderer](/docs/advanced/custom-renderer)
 

website/sidebars.json

@@ -41,6 +41,11 @@
       "transferable-record/issuing-transferable-record",
       "transferable-record/going-further"
     ],
+    "How does it work ?": [
+      "how-does-it-work/introduction",
+      "how-does-it-work/document-integrity",
+      "how-does-it-work/issuance-status"
+    ],
     "Components": [
       "component/overview",
       "component/open-attestation-cli",
@@ -51,7 +56,6 @@
     ],
     "Advanced": [
       "advanced/overview",
-      "advanced/how-does-it-work",
       "advanced/verification-methods",
       "advanced/identity-proofs",
       "advanced/custom-renderer",