Certificate is valid even if we change the additional fields data in blockchain certificate

@lemoustachiste
I have created the certificate using the cert-tools, and here is my unsigned certificate:

{"@context": ["https://www.w3.org/2018/credentials/v1", {"alumniOf": {"@id": "http://schema.org/alumniOf", "@type": "http://www.w3.org/1999/02/22-rdf-syntax-ns#HTML"}, "certificate_title": {"@id": "http://schema.org/image", "@type": "@id"}, "certificate_description": {"@id": "http://schema.org/url", "@type": "@id"}, "criteria_narrative": {"@id": "http://schema.org/image", "@type": "@id"}, "validity": {"@id": "http://schema.org/url", "@type": "@id"}}, "https://w3id.org/blockcerts/v3"], "type": ["VerifiableCredential", "BlockcertsCredential"], "issuer": "https://raw.githubusercontent.com/sreenumalae/DataStorage/main/issuer.json", "issuanceDate": "2022-11-11T14:10:00Z", "id": "urn:uuid:ab6bdbfd-9af4-4854-918f-60a1c52553b2", "credentialSubject": {"id": "ecdsa-koblitz-pubkey:mtr98kany9G1XYNU74pRnfBQmaCg2FZLmc", "alumniOf": {"id": "https://www.human-logic.com/"}}, "certificate_description": "this is to certify so and so for falana dimkana", "certificate_title": "Course Completion @ Marketing and sales", "criteria_narrative": "Nibh iriure ei nam, modo ridens neglegentur mel eu. At his cibo mucius.", "validity": "3months"}

Using cert-issuer, I signed the above certificate using the ethereum_sepolia.

Signed Certificate

{"@context": ["https://www.w3.org/2018/credentials/v1", {"alumniOf": {"@id": "http://schema.org/alumniOf", "@type": "http://www.w3.org/1999/02/22-rdf-syntax-ns#HTML"}, "certificate_title": {"@id": "http://schema.org/image", "@type": "@id"}, "certificate_description": {"@id": "http://schema.org/url", "@type": "@id"}, "criteria_narrative": {"@id": "http://schema.org/image", "@type": "@id"}, "validity": {"@id": "http://schema.org/url", "@type": "@id"}}, "https://w3id.org/blockcerts/v3"], "type": ["VerifiableCredential", "BlockcertsCredential"], "issuer": "https://raw.githubusercontent.com/sreenumalae/DataStorage/main/issuer.json", "issuanceDate": "2022-11-11T14:10:00Z", "id": "urn:uuid:ab6bdbfd-9af4-4854-918f-60a1c52553b2", "credentialSubject": {"id": "ecdsa-koblitz-pubkey:mtr98kany9G1XYNU74pRnfBQmaCg2FZLmc", "alumniOf": {"id": "https://www.human-logic.com/"}}, "certificate_description": "this is to certify so and so for falana dimkana", "certificate_title": "Course Completion @ Marketing and sales", "criteria_narrative": "Nibh iriure ei nam, modo ridens neglegentur mel eu. At his cibo mucius.", "validity": "3months", "proof": {"type": "MerkleProof2019", "created": "2022-11-11T14:12:19.302024", "proofValue": "znKD4YGVqA8textxySpp1sELjvYVAyFoEqUaCBtTKrN4UYbf4XtpvqqDoC4H9nzvZKNNkpRfqvZzEsPkFC65JfrpSQXRGPz9euwHAqCEiEYddj96P6XZUkycVR41xRDpKDr9pH71anHSJfPeWMUNvsdKPAQSjhAms1XjkTC2j5skH7Qw4shwsxG6B9TJVWjWDp2ELALBWJiqN52Lo2Kyza4nBSCgEQpP1d7NauFtK27dqw94QS5fNDQY7ZSBEGeifaEMmf1GC7pJ2JatNunsf4PmTe7TJwsmHot9P3fRzfNfxBPKsq79X7jTZSV", "proofPurpose": "assertionMethod", "verificationMethod": "URL"}}

The above certificate is valid even if I change the text in the additional fields.

How can we avoid this?

It might be because the RDF normalization does not pick up your terms correctly.

This tool proved useful for me when I was working on the terms for blockcerts v3: FHIR JSON-LD Playground. With that you can adjust the values and get to a point where your data is being normalized (and then hashed).

I’m honestly still struggling with JSON-LD at times, so I cannot be of much more help.
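Added example, not part of the thread and not Blockcerts code: a pre-issuance check for the normalization gap discussed above. It models one JSON-LD rule: a term coerced with `"@type": "@id"` has its value read as an IRI, and a value that is not an absolute IRI yields no RDF statement, so it never reaches the hash. The function names are hypothetical, remote contexts are not fetched, and `LITERAL_CONTEXT` is a constructed alternative.

```python
import re

# A scheme followed by ":" (RFC 3986) marks an absolute IRI; anything else is relative.
ABSOLUTE_IRI = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*:")

def id_coerced_terms(context):
    """Collect terms that an inline @context object coerces with "@type": "@id"."""
    entries = context if isinstance(context, list) else [context]
    terms = set()
    for entry in entries:
        if isinstance(entry, dict):  # remote context URLs are skipped, not fetched
            for term, definition in entry.items():
                if isinstance(definition, dict) and definition.get("@type") == "@id":
                    terms.add(term)
    return terms

def fields_outside_hash(credential):
    """Top-level fields whose string value is coerced to an IRI but is not absolute."""
    coerced = id_coerced_terms(credential.get("@context", []))
    return sorted(
        key for key, value in credential.items()
        if key in coerced and isinstance(value, str) and not ABSOLUTE_IRI.match(value)
    )

# Field values and inline context copied from the post (alumniOf omitted for brevity).
FIELDS = {
    "certificate_title": "Course Completion @ Marketing and sales",
    "certificate_description": "this is to certify so and so for falana dimkana",
    "criteria_narrative": "Nibh iriure ei nam, modo ridens neglegentur mel eu. At his cibo mucius.",
    "validity": "3months",
}
POSTED_CONTEXT = {
    "certificate_title": {"@id": "http://schema.org/image", "@type": "@id"},
    "certificate_description": {"@id": "http://schema.org/url", "@type": "@id"},
    "criteria_narrative": {"@id": "http://schema.org/image", "@type": "@id"},
    "validity": {"@id": "http://schema.org/url", "@type": "@id"},
}
# Constructed alternative: same terms without IRI coercion, so values stay string literals.
LITERAL_CONTEXT = {term: {"@id": d["@id"]} for term, d in POSTED_CONTEXT.items()}

def build(inline_context):
    """Assemble a trimmed credential around the given inline context."""
    return {"@context": ["https://www.w3.org/2018/credentials/v1", inline_context,
                         "https://w3id.org/blockcerts/v3"], **FIELDS}

if __name__ == "__main__":
    print("unhashed with posted context: ", fields_outside_hash(build(POSTED_CONTEXT)))
    print("unhashed with literal context:", fields_outside_hash(build(LITERAL_CONTEXT)))
```

Any field this check reports should be confirmed in a JSON-LD playground by looking for its value in the normalized N-Quads output before the certificate is issued.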