Ed Davies on Nostr: npub16jupx…ry8u7 AIUI, the essential purpose of DocSign is to issue some sort of ...
npub16jupxu70nh0pg0wt4maseaf2fg3kv2tgcjal2kaaunms2ltdaxysdry8u7 (npub16ju…y8u7) AIUI, the essential purpose of DocSign is to issue some sort of cryptographic certificate to say the document in question was “signed” by a particular account holder at a particular date and time. To make things simpler for users they also actually store and transfer the document issuing some sort of URL so recipients can read and verify the document.
However, they don't actually need to see the document to do the core function. They could just sign a SHA256 hash of the document and either give the user that certificate or store it so that recipients could check if the version they've received matches.
The fact that they didn't choose such an architecture is an indication that they had some idea of fishing around in the documents' contents from the beginning. That should have alerted people.
npub198t8kgwqas59rvmnghzcdn6krzhxhpkyt2mt53e4g9sdnj74sszss5hasj (npub198t…hasj)
However, they don't actually need to see the document to do the core function. They could just sign a SHA256 hash of the document and either give the user that certificate or store it so that recipients could check if the version they've received matches.
The fact that they didn't choose such an architecture is an indication that they had some idea of fishing around in the documents' contents from the beginning. That should have alerted people.
npub198t8kgwqas59rvmnghzcdn6krzhxhpkyt2mt53e4g9sdnj74sszss5hasj (npub198t…hasj)