JWS: JSON Web Signatures

WebWallet uses JSON-based data structures to represent transaction requests and records, along with cryptographic hashes and digital signatures to secure them. It borrows some structures and naming conventions from the JavaScript Object Signing and Encryption specifications (JWS, JWT), but for the sake of extensibility and generality, it does not comply with the standards.

Record integrity is accomplished by including a hash of the record data in tamper-evident data structures such as block chains. Message authenticity is verified by checking that the signatures on the hash of the data listed in the sigs property are valid. Unsecured metadata can be added to the meta property without affecting the integrity of a record.

General JSON structure:

{
  "hash": { /*cryptographic hash*/
    "alg": "hash-algorithm", // "sha256"
    "typ": "hash-type",      // "stringify:data"
    "val": "hash-value"      // "09af..."
  },
  "data": { /*information to be hashed*/
    /*"key": "value pairs"*/
  },
  "sigs": [ /*digital signatures*/
    {
      "alg": "signature-algorithm", // "ed25519"
      "wid": "webwallet-address",   // "wALLetAddress"
      "key": "public-key-value",    // "03C7..."
      "kid": "public-key-index",    // when no 'key'
      "sig": "signature-value",     // "3045..."
    }
  ]
}

Optional metadata (not hashed):

{
  "meta": {
    "key": "value pairs"
  }
}