Blockchain, disruptive impact on skills’ certification process: Blockcerts’ case study

Flavio Santalucia
Dec 2, 2020

Blockchain is the buzzword of the last decade, usually surrounded by technicalities and tons of computer science jargon. So, let’s make this part easier and dive into some facts.

Introduction for Beginners

Blockchain technology is a shared and fully decentralized record of time-stamped transactions. It was first introduced in Satoshi Nakamoto’s paper (2008), “Bitcoin: A Peer-to-Peer Electronic Cash System”.

Blockchain is the technology that allows people to exchange cryptocurrencies/crypto assets in a fully transparent and immutable way without the presence of trusted third parties (a central authority such as a bank).

How does it work?

A blockchain maintains a growing list of ordered records, called blocks. Each block has a timestamp and is linked to the previous one by a hash.

Because of the linkage among blocks, the data recorded inside them is immutable. If you attempt to change the data contained in a single block, you have to change the history of the entire chain (or at least 51%). The immutability of data has huge potential in daily life (property rights, certification, supply chain, etc.). Think of buying your car or house: a paper certificate or PDF file proving ownership can be corrupted, lost, or altered by anyone else. By contrast, once you record this information in a block, it lasts forever, and no one can change it without the agreement of all other blocks. Each block has a unique signature that changes completely if anything inside the block changes.

Block’s structure linked by own single signature (Hash)

What we explained above means that if Bob and Alice (the most famous people in blockchain literature) exchange 100 BTC on the Bitcoin blockchain, we will have a block where the transaction balance is Bob -100, Alice +100. This transaction has a unique hash signature linked with the signatures of all the blocks coming after it. If someone tries to change the balance, the hash signature will change; therefore, Bob and Alice’s transaction will no longer be linked with the rest of the chain (unless all other blocks agree to change their signatures). Transactions among people occur in a fully decentralized way (no third-party interference). So, who is responsible for network integrity and functionality? That’s the mining activity…

My name is…Miner

Once the unique signature is created, how are blocks verified and added to the chain?

That’s the Miner’s job! A Miner is a person or computer (or even a group of people or computers) that “spends” computational power to maintain the whole network. Once a new block is created, it must be added to the blockchain and linked to the others. To do that, the block’s hash signature has to open with a given number of consecutive zeros (e.g. 0000000000T2). Thus, Miners must find the proper string to link the new block to the others. That is the role of the so-called nonce, a piece of data in the block whose only purpose is to be changed continuously until the right string is found and the block can be added to the chain. Therefore, a Miner uses a huge amount of computational power (and so electricity) to find the right nonce that links the block to the chain. Miners consume a lot of energy rapidly and randomly trying all possible nonce combinations. The goal is to find the solution before other miners and gain a fraction of cryptocurrency (let’s say bitcoin) as a reward for the energy consumed.

Mining Process

We can state that Miners have huge power in their hands. So why should we rely on their activity? The first and simplest answer is that they have an economic incentive to do their best. Mining is the only way to create new bitcoins, and Miners get a part of the new bitcoins as a reward. Moreover, the average time to see a block added to the blockchain is 10 minutes, and only once the block is linked to the others is the transaction considered immutable. That’s why, as Bitcoin’s transaction volume increased, it became possible to add a transaction fee to the block as an extra reward for Miners. Blocks with higher fees get more attention from Miners, due to the possibility of winning a higher reward (it’s a lottery). So, if we want our transactions to be validated faster, we have to pay higher fees. Nowadays, the transaction fee, in the Bitcoin blockchain (and in others), is a default value added to the transaction. For more info on fees and the current average fees (i.e. what you should include in a transaction) see https://bitcoinfees.info.

The second reason is linked to the blockchain structure itself. If a Miner with malicious purposes alters a block, he must compete with the other Miners to be the first to solve the math problem of the hash signature and add the subsequent block. Of course, competing with the whole network is very hard, but let’s assume that our “villain” Miner is lucky and wins the lottery first. The subsequent block is added to the chain, but to make this change last forever, he has to keep the altered block connected to all subsequent ones by calculating the nonces of all the blocks coming after the corrupted one. A single Miner will never have the computational power to beat all the other miners in the network together. So, the changes he made will never affect the rest of the network, since he cannot keep up in binding his blocks to all the others.
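The two ideas above, hash linkage and the nonce search, in a toy chain added here as an illustration (it is not Bitcoin’s block format or code). The three-zero target, the JSON block layout and all function names are assumptions made for the example.

```python
import hashlib
import json

DIFFICULTY = 3          # assumed toy target: hash starts with 3 hex zeros
GENESIS_PREV = "0" * 64

def block_hash(block):
    """Hash everything in the block, including prev_hash and nonce."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def mine(block):
    """Change the nonce until the hash meets the target; return attempts."""
    block["nonce"] = 0
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    return block["nonce"] + 1

def build_chain(records):
    chain, prev = [], GENESIS_PREV
    for data in records:
        block = {"data": data, "prev_hash": prev, "nonce": 0}
        mine(block)
        chain.append(block)
        prev = block_hash(block)
    return chain

def first_invalid(chain):
    """Index of the first block that breaks the chain, or None if intact."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        digest = block_hash(block)
        if block["prev_hash"] != prev or not digest.startswith("0" * DIFFICULTY):
            return i
        prev = digest
    return None

def rewrite_history(chain, index, new_data):
    """Alter one block, then redo the work for it and every later block.
    Returns the total number of hash attempts that took."""
    chain[index]["data"] = new_data
    attempts = 0
    for i in range(index, len(chain)):
        chain[i]["prev_hash"] = block_hash(chain[i - 1]) if i else GENESIS_PREV
        attempts += mine(chain[i])
    return attempts

if __name__ == "__main__":
    # Constructed sample ledger, using the article's Bob and Alice.
    chain = build_chain(["Bob -100, Alice +100", "tx 2", "tx 3", "tx 4"])
    chain[0]["data"] = "Bob -1, Alice +1"      # tamper without re-mining
    print("first broken block:", first_invalid(chain))
    print("hash attempts to repair:", rewrite_history(chain, 0, "Bob -1, Alice +1"))
    print("valid again:", first_invalid(chain) is None)
```

Validation flags the altered block immediately; making the change stick means repeating the nonce search for that block and every block after it, while the rest of the network keeps extending the honest chain.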

To be honest, there is a small possibility of a “Miners’ takeover”. In order to acquire more computational power and thus increase the chance of “winning the lottery”, the so-called Mining Farms have emerged. But that is a topic for another day.

That was a very basic overview of what blockchain is and how it works. If you want to go deeper into aspects such as the mining process, consensus algorithms, and private and public blockchains, I have left a few links at the end of this article.

Even from this initial blockchain’s introduction, it’s easy to realize how this technology is going to disrupt how we exchange, store, verify, and protect information.

Speaking of personal data, people sometimes try to increase their chances of being selected in a recruiting process by writing down experiences, skills, and attitudes which they do not hold, or hold only partially. As a consequence, the hiring process must face trust issues over data that is not always verifiable during interviews or tests. It means that the decision-making process of HR managers can be distorted by a lack of trust and by disinformation driven by malicious behavior.

Let’s get to know better how blockchain can be applied to solve personal data’s lack of traceability and trust.

Blockcerts Open Standard

Blockcerts is a fully open standard for building apps that issue and verify blockchain-based certificates. Since certificates are recorded on the blockchain, Recipients are the only holders of their records and can share them in a completely transparent, traceable, and secure way. Certificates are cryptographically signed and tamper-proof.

The earliest prototype was developed at the MIT Media Lab and by Learning Machine, now Hyland Credentials. The project’s ultimate goal is to create an open-source basis on which other developers and entrepreneurs can further develop decentralized solutions for the certification process.

The Blockcerts idea starts from an issue that has long troubled higher education: fake academic certificates. Moreover, there is no proven technical approach to protecting authentic qualifications. The traditional approach is based on dependency on a third party. For instance, if employers want to verify the authenticity or ownership of an employee’s certificate, they must rely on the original issuer. This brings some problems. First of all, relying on a third party is time-consuming and sometimes costly. Second, a single point of failure can cause the failure of the entire process (e.g. stopping the recruiting or evaluation process, firing people, starting another selection path, and so on). Finally, the blockchain-based approach is completely decentralized, so no third party is involved and hacking risks are almost entirely overcome. As a matter of fact, the lack of trust in the verification of personal and professional achievements results in higher costs, lost time, and organizational dysfunction for companies. Blockcerts aims to address these issues by using cryptographic protocols and blockchain technology.

How it Works

Certification process powered by Blockcerts

That’s a simple graphic explanation of how the certification process is enforced in a decentralized environment. The Blockcerts technical standard is able to work on every blockchain. When the project began (2016), it ran on the Bitcoin blockchain. Nowadays Blockcerts can work on public chains and can be extended to private ones.

Picture having complete control over your records, such as academic certificates, personal documents, or government records. Blockcerts allows you to receive and share those kinds of records in a fully decentralized, secure, and transparent way. Storing your certificates on the blockchain and making them verifiable works as follows:

  1. The student (Recipient) applies for his/her digital cert after finishing the course, asking the issuing authority (the school) to download Blockcerts and add them as an Issuer.
  2. The Issuer verifies the Recipient’s identity and issues the digital cert. The Issuer then invites the Recipient to receive blockchain credentials through some means such as a URL, email, or QR code.
  3. Once connected, the Issuer can hash the Recipient’s credentials onto the blockchain and link them to a specific certificate.
  4. After hashing the Recipient’s credentials onto the blockchain, the Issuer broadcasts the academic results contained in the cert to the rest of the network, and miners verify and add this transaction to the blockchain just like any other transaction.
  5. The Recipient holds his/her entire record of achievements in the Blockcerts mobile app and is able to share those records everywhere and with everyone.
  6. If someone such as an employer wants to verify the validity or ownership of your certs, it is possible with a click, by comparing the unique digital signature of your document against the version stored on the blockchain.

Verifying certs on Blockcerts mobile app

By entering the URL connected to the certificate, a verifier can check immediately whether that URL is linked to a certain Public Key and Blockchain Address. That’s it, ownership is proven.

  7. Since certificates are stored on the blockchain, you no longer need the original issuer or any other third party to prove the records’ existence and ownership.

Tamper-Proof certificates & handling personal data

Every certificate issued is recorded on an immutable and distributed store of transactions; it cannot be altered or removed from the network. The data related to the certificate is collapsed into a hash and recorded on the blockchain. After that, a “receipt” is generated that can always be checked later on. When the Issuer hashes credentials onto the blockchain (step 3), the Issuer’s signature is verified (the verification process depends on the kind of blockchain we are working on). The Issuer’s signature certification is also needed to ensure that the certificate has not been revoked or expired.

It has to be clear that no private information is available once the certificate is stored on the blockchain. Everything stored on the blockchain is a one-way hash. It is needed only for verification purposes; in this way, a Recipient can reveal a certificate only to the intended third parties (step 6).

Since it is necessary to separate general information from personal information, Bob may wish to show an employer (let’s say Alice) that he graduated from a certain University with a specific grade. Nevertheless, he is not willing to disclose any other personal information contained in the certificate (for instance, his place of residence). Blockcerts overcomes this issue by allowing the generation of separate certs: the first one with the general info you want to disclose, the second one with personal data to keep hidden for as long as you wish. Blockcerts aims to apply Zero-Knowledge Proofs to protect users’ privacy; nevertheless, this is still an ongoing process and Zero-Knowledge is not available in the current version of Blockcerts.

In early deployments, Issuers and Recipients agreed on making original certificates available on a certified web site. This is because most certs do not contain personal data and Recipients have an interest in promoting their achievements. That’s why, for those certs containing personal data, the ability to browse certificates has been disabled. It works like Proof of Existence (PoE), in which users can avoid data disclosure until they choose to disclose.

Why blockchain, Editing, and Revoking:

So far, trusted third parties have been fundamental to ensuring proof of ownership and revocation rules for digital certificates. Blockchain technology makes this completely decentralized (no third parties and no upfront issuance costs needed), reducing the possibility of hacking, improving traceability, and giving the Recipient full ownership of its certificates. From a Verifier’s perspective, having certificates hashed onto the blockchain makes it easier and faster to obtain proof of ownership, assess the Recipient’s skills, and reduce misinformation.

In more detail, Issuers use their digital signature to provide a credential to a Recipient (identified by the Recipient’s public key), and the credential is issued on the blockchain. Blockcerts uses the same Merkle Tree mechanism adopted to verify transactions in a blockchain. The Recipient’s credential contains the Merkle proof linking the credential to a specific blockchain transaction; it is used to establish the integrity of the credential. Moreover, the Recipient is the owner of the public key contained in the credential, and that allows the Recipient to prove ownership. Also, the blockchain’s timestamp proof is needed to ensure that the Issuer owned the issuing key at the time the credential was issued. Of course, this kind of verification can be done through a TSA (timestamping authority) or using PKI infrastructure; nevertheless, it would mean relying on a trusted third party. Blockchain, by contrast, ensures trusted timestamping by design. Issuer and Recipient have a strong cryptographic claim on their association with a specific certificate: the wallet (mobile app) provides the capability to prove ownership if requested. The Issuer may provide, in the certificate, a link to credentials shared with the Recipient, and the standard validation process performs a cryptographic check to verify that the public key at that link signed the certificate.

Standard Validation Process on Blockcerts

Furthermore, Blockcerts gives the original Issuer the possibility to revoke a certificate for reasons such as certs issued accidentally, students cheating during tests, and so on. Moreover, some certificates have a limited validity over time, so even if they have been hashed onto the blockchain, expiration and revocation must be enforced somehow. The Issuer has a revocation URL with a list of the certificates’ credentials to be revoked. As mentioned before, Blockcerts also supports expiration without the need for the Issuer to perform a manual revocation.

Verification’s outcome for a revoked certificate
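A simplified model of the checks described above (Merkle proof against the value anchored on the blockchain, then the revocation list, then expiry), added here as an illustration; it is not the Blockcerts library or its certificate format. The function names, the `cert-N` identifiers, the in-memory revocation set and the choice to pair an odd last node with itself are assumptions.

```python
import hashlib
from datetime import date

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def merkle_root_and_proofs(leaves):
    """Return (root, proofs); proofs[i] is a list of (side, sibling_hash)."""
    proofs = [[] for _ in leaves]
    level = [(leaf, [i]) for i, leaf in enumerate(leaves)]  # (hash, leaves under it)
    while len(level) > 1:
        if len(level) % 2:                     # odd count: pair last node with itself
            level.append((level[-1][0], []))
        nxt = []
        for (lh, li), (rh, ri) in zip(level[::2], level[1::2]):
            for i in li:
                proofs[i].append(("right", rh))
            for i in ri:
                proofs[i].append(("left", lh))
            nxt.append((h(lh + rh), li + ri))
        level = nxt
    return level[0][0], proofs

def verify(cert, cert_id, proof, anchored_root, revoked_ids, expires, today):
    """Return 'valid' or the reason the certificate is rejected."""
    node = h(cert)
    for side, sibling in proof:                # walk from the leaf up to the root
        node = h(sibling + node) if side == "left" else h(node + sibling)
    if node != anchored_root:
        return "tampered"
    if cert_id in revoked_ids:
        return "revoked"
    if expires is not None and today > expires:
        return "expired"
    return "valid"

# Constructed sample batch of five certificates (not real Blockcerts JSON).
BATCH = [(f"cert-{n}", f'{{"name": "student {n}", "grade": "A"}}'.encode())
         for n in range(5)]
# ROOT stands in for the single value the Issuer anchors in one transaction.
ROOT, PROOFS = merkle_root_and_proofs([h(c) for _, c in BATCH])
REVOKED = {"cert-3"}   # stands in for the list behind the revocation URL
TODAY = date(2020, 12, 2)

if __name__ == "__main__":
    cid, cert = BATCH[4]
    print(verify(cert, cid, PROOFS[4], ROOT, REVOKED, None, TODAY))
    forged = cert.replace(b'"A"', b'"A+"')
    print(verify(forged, cid, PROOFS[4], ROOT, REVOKED, None, TODAY))
    print(verify(BATCH[3][1], "cert-3", PROOFS[3], ROOT, REVOKED, None, TODAY))
    print(verify(BATCH[0][1], "cert-0", PROOFS[0], ROOT, REVOKED, date(2020, 1, 1), TODAY))
```

The integrity check needs only the certificate, its proof and the anchored value, while the revocation check depends on a list the Issuer keeps available, which is the centralized step the article lists among the cons.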

Once hashed onto the blockchain, certificates are immutable, just like any other transaction on the blockchain. Thus, certificates cannot be altered or edited without the consensus of the majority of the network. Certs are organized in batches, and for every batch of certificates a Bitcoin transaction is needed. There is no limit to the number of certificates that may be included in a batch. The cost is determined by the size of the transaction (tx), as for any other Bitcoin tx, and by the transaction fee paid to miners to ensure the timely mining of transactions. Fees change constantly, and the drivers behind these changes are off-topic for this story (if you want to learn more, you will find some useful links below). Blockcerts transactions are small and relatively cheap; therefore, transaction costs are largely influenced by the transaction fee.

Conclusion: Pros & Cons

Blockcerts is an open standard that adopts blockchain technology to overcome the traditional problems of the educational market regarding the tracking of personal achievements: fraud, fake certificates, a centralized verification process, and disinformation between student and verifier.

That’s why among Pros, we can account for:

  1. Open source: being an open standard allows corporations, startups, institutions, and all other players to apply the Blockcerts model in different scenarios and make it even more scalable
  2. Decentralized: no need for a trusted third party, and thus a reduction in time consumption and related costs
  3. Ease of use: UX and application development aimed at making blockchain functionality easier and more user-friendly

Nevertheless, there are some Cons to work on:

  1. Zero-Knowledge Proof is yet to be implemented
  2. Certs cannot be broadcast individually to the blockchain; they must be organized in batches (greater transaction size, higher fees)
  3. Some centralized procedures are still in place, such as the revocation URL

Can’t wait to see further evolution of the Blockcerts standard.

Useful Links:

Blockcerts application as pilot for University of Melbourne: https://www.newswire.com/news/university-of-melbourne-first-in-asia-pacific-to-issue-recipient-owned-19980513

Blockcerts introduction by Daniel Paramo (thanks so much for reviewing this article) and Anthony Ronning: https://www.youtube.com/watch?v=2drjOUeO-IA&t=1672s

Public vs Private Blockchain: https://www.blockchain-council.org/blockchain/public-vs-private-blockchain-a-comprehensive-comparison/

Transaction fees introduction: https://cryptocurrencynews.com/bitcoin-transaction-fees/

Consensus Algorithms: https://openledger.info/insights/blockchain-consensus/

I’d like to keep writing on blockchain-based topics, maybe focusing more on blockchain for social good. So, let me know if you would appreciate that. :)
