When a BioBrick™ Contributor Agreement is submitted through the BioBrick Public™ Agreement website, the text of the agreement is immediately encoded and time-stamped by Digiprove Ltd. This third-party service, registered in Ireland number 414284, enables individuals and organizations to prove beyond doubt that they were in possession of digital content at a defined date and time.
The smallest change in any content already Digiproved will result in a change of code if that document is subsequently re-Digiproved. Digiprove can thus ensure that any content alteration is readily detectable.
Timestamping Process
Digiprove's WordPress plugin ("Copyright Proof") is installed on the biobricks.org webserver. When a Contributor submits an Agreement, the plugin contacts the Digiprove service, which performs a calculation (the "SHA256" algorithm) on the Agreement text to derive its “digital fingerprint”.
A certificate text is prepared which includes:
- the name of the Digiprove user ("BioBricks Foundation")
- the file name (a standardized title for each Agreement combined with a unique Agreement number, e.g., "BPA Contributor Agreement #1")
- descriptive text supplied by the BioBricks Foundation ("BioBrick(tm) Contributor Agreement")
- the current date and time
- the digital fingerprint of the Agreement (e.g., "D8222310E6D12CED6CB469CCDDD680C2721D02D996BA5A410827E3B2A5FA43A8"
- a unique certificate number (e.g., "P142923")
The plugin imports this data to the biobricks.org WordPress database. Separately, the certificate text is digitally signed by Digiprove and sent by email to the biobricks.org webserver, where it is stored and made available for download by the public.
Verification Process
Timestamp information is displayed at the top of every BioBrick™ Contributor Agreement (you can search for Agreements in "Find a Part"). With this information, you can verify a Digiproved BioBrick™ Contributor Agreement in 2 ways:
Quick verification: Digiprove Link
- At the top of the Agreement, click the graphic link (e.g., "This Agreement has been Digiproved © 2011"), which will take you to the Digiprove website.
- The certificate text is displayed for confirmation.
- Click the "Was published at:" link to see the original, permanent Agreement text on the biobricks.org webserver, without decorative graphics.
Detailed verification: Digiprove Certificate File
- At the top of the Agreement, click the "Digitally signed certificate" link, which will open a .p7s file ("Public-Key Cryptography Standard #7 Digital Signature", a type of asymmetric cryptography for messages sent through an insecure channel -- in this case, email, since the certificate was emailed by Digiprove).
- Download the file to your computer, where it can be stored indefinitely.
- Go to Digiprove's certificate verification tool.
- For "Select Certificate File", click "Browse" and find the .p7s file on your computer.
- Click "Digiprove Verify".
- The certificate text is displayed for confirmation.
Questions?
If you have any questions about this process, please contact us at info@biobricks.org.
Read how Digiprove's tamper-proof audit trail is constructed and verified.