The Clover.Protocols
  • The Clover.Protocols
    • Introduction to the Clover.Protocols
    • Governance for Social Organizations
    • Associating Assets with Social Interactions
    • Digital Social Assets
    • Organizational Transparency and Trust
  • Key Concepts
    • Social Organization
    • Social Infrastructure Layer
    • Sovereign DAO
    • Social Scenario
    • Social Element
    • SEI: Social Element Identifier
    • Digital Social Asset
    • Universal Tags
    • Social Index Service
    • Validation of Agent and Platform Certificates and Signatures
    • Audit Standards for Social Smart Contracts
Powered by GitBook
On this page
  • Agent and Platform Validation Mechanisms
  • Submission Process
  • Validation Process
  1. Key Concepts

Validation of Agent and Platform Certificates and Signatures

PreviousSocial Index ServiceNextAudit Standards for Social Smart Contracts

Last updated 6 months ago

Agent and Platform Validation Mechanisms

  • In a social interaction, agents and platforms, like social networks, Social DApps, and revenue streams (Google Ads), will interact through business contracts (BizContracts).

  • These business contracts require interactions to come from trusted platforms or agents, often asking the parties to sign any interaction.

  • Business contracts may be verified with a signature, but the signing parties must also provide their own public keys, which must be registered.

  • The Agent and Platform Validation Mechanisms are a set of rules that help platforms submit their own information, register a public key, and use that public key for contract authentication.

Submission Process

  • Platforms and agents need to deliver information to the Certificate Custodian and place their public key under their domain name to provide evidence of association. The following information needs to be provided:

Field
Type
Description

domain

string

Platform Domain Name

  • The agreed public key storage location is https://{domain}/pub/pubkey.pub, where {domain} represents the domain name of the submitting platform.

  • The Certificate Custodian reads the public key from the agreed storage location and verifies if the signature is correct. If correct, the domain and public key are sent to the Certificate Validator.

  • Platforms or Agents can also update their information directly with the Certificate Custodian.

  • Certificate Custodians can also provide off-chain verification methods.

//http request json 
{
    "signedInfo": "kahsfiu9379123", //name string of the signer,
    "signature": "Signature string",
    "domain": "clover.space"
}
// http response json
{
    "status": 1, // verify ok, != 1 failed,
    "msg": "why failed" // if failed, it will return some message
}

  • On-chain signature verification method:

function AddOrganizationInfo(string domain, string pubKey) external
function Verify(string signedInfo, string signature, string domain) external

Validation Process

The following is an example of the contract validation process following the Clover Protocols, where:

  • App represents the platform or agent;

  • BizContract is the contract deployed by the App and provides the smart contract the user interacts with;

  • Certificate Validator validates the contract;

The App first signs the relevant information and initiates the interaction. After receiving the information request, the BizContract verifies with the Certificate Validator whether the interaction has been initiated by a trusted platform or agent.