I am working on a college project for blockchain certifications, and I am using Blockcerts as a main reference. However, I am not sure I perfectly understand the whole proccess of certificate issuing and verification, and I must have it clearly because I intent to develop a similar tool. I am going to describre here what I understand, and if possible I would like you to check if it is right. Keep in mind I am trying to describe the process in general, and not exactly how it is implemented on Blockcerts:
Okay, imagine my school wants to issue a digital certificate on the blockchain saying that I have completed a Machine Learning course, for example. For that to happen, these would be the steps:
- The school is going to create a JSON file with the information regarding the certificate (description of the course, number of credits, name of issuer, name of recipient etc).
- The school has a blockchain address (a public key and a private key). First they calculate the hash (SHA-256 for example) of the JSON created above in order to make sure it won’t be tampered with.
- I (the student) also have a blockchain address. So now, the school is going to issue a blockchain transaction from their address to mine
- Now there is a blockchain transaction with an “attached” hash.
Suppose an employer wants to make sure I did a Machine Learning course on that school.
- I am going to show the employer a JSON file containing the data regarding the certificate itself, so he understands what that certificate is about.
- Then, I also give him the address of the transaction on the blockchain.
- With that information, he will be able to get the hash that is “attached” to the transaction, calculate the hash of the JSON I showed him and thus verify that the certificate I showed him is the same that the university issued through that transaction.
So, how accurate are the steps described above? I am having some difficulty understanding the following:
1 - What exactly is the certificate file? Is it an image or a JSON?
2- Do I have to digitally sign the certificate file too? Or do I just hash it before issuing on the blockchain? (Meaning, do I have to use my blockchain private key to encrypt the certificate before issuing it?)
3 - Does my certificate file itself need to have the public key address of myself/the issuing institution?