Documentation

How Bit-Sign verification works

Identity Verification

Bit-Sign creates a verifiable identity token by combining a HandCash cryptographic handshake with multi-factor evidence — passport photos, video statements, and hand-drawn signatures.

This identity token is portable and uniquely yours. It serves as an on-chain root for secure commit signing, IP registration, and document verification.

How It Works

1. Client-Side Encryption

All sensitive operations — file hashing, encryption key derivation, and document locking — happen entirely in your browser. Bit-Sign never sees your plaintext data.

2. Blockchain Witnessing

We use the HandCash SDK to trigger signing requests. Your signature locks and unlocks your secure assets on the Bitcoin SV blockchain.

Permission Scopes

When you authorize Bit-Sign via HandCash, we request the following permissions:

  • USER_PUBLIC_PROFILE: To display your handle and avatar.
  • USER_PRIVATE_PROFILE: To link your identity across sessions.
  • PAY: To process the $0.01 attestation fee.
  • SIGN_DATA: To derive encryption keys locally for document security.

End-to-End Encryption

Bit-Sign supports true end-to-end encrypted document sharing. Documents are encrypted in your browser before upload and can only be decrypted by authorized recipients.

Keypair Generation

Each user generates an ECDH P-256 keypair in their browser. The public key is stored on the server for sharing. The private key is encrypted with a key derived from your HandCash wallet signature (AES-256-GCM) before server backup — the server never sees your private key in plaintext.

Document Encryption

Each document is encrypted with a random AES-256-GCM envelope key. The envelope key is then wrapped for each authorized recipient using ECDH key agreement (with HKDF derivation and AES-KW wrapping). One encrypted document, multiple key wrappings.

Sharing Flow

To share a document: enter the recipient's HandCash handle → their public key is fetched → ECDH key agreement produces a shared secret → the envelope key is wrapped with that secret → only the recipient can unwrap and decrypt. The server facilitates transport but never has access to the plaintext.

What the Server Sees

The server stores: encrypted document blobs, encrypted private key backups, public keys, and wrapped key grants. It cannot see: plaintext documents, private keys, or envelope keys. Even a complete server breach reveals no readable content.

Private Key Backup

Your E2E private key is backed up on the server, but encrypted with a key derived from your HandCash wallet signature. To unlock your private key, you must sign a specific challenge with your HandCash wallet. This means:

  • Your private key travels encrypted — protected at rest on the server
  • Only your HandCash wallet can unlock it — the server cannot derive the protection key
  • Loss of HandCash access = loss of private key — there is no recovery mechanism

Storage Policy

Important

We never store your signatures or private keys in plaintext. Bit-Sign is an interface. Your data lives on the blockchain; your keys stay in your wallet. If you lose access to your HandCash account, you lose access to your encrypted documents and your E2E private key. There is no password reset.