⚡ GENERAL
What is a blockchain?
Blockchain is a decentralized digital ledger shared among a distributed network of computers. It uses cryptography to
allow users to record transactions in a shared ledger within their group, without the need for a central authority. Each
blockchain transaction is shared among a number of users who verify the accuracy of the block, preventing unauthorized
transactions from being completed.
What is a private key?
A private key or secret key is an encrypted password. Private keys are also used to sign transactions and validate the
ownership of a blockchain address.
What is a crypto wallet address?
The crypto wallet address, also called the public key, is a unique string of numbers and letters that is used to send
you cryptocurrency and verify these transactions on the blockchain.
What is MetaMask?
Essentially, MetaMask is a cryptocurrency wallet that interacts with the Ethereum blockchain. You can run MetaMask as an
extension or add-on to your browser. MetaMask can hold your cryptocurrencies and crypto-assets, such as Ether, or any
other ERC-20 token. You can also use it to store non-fungible tokens, also known as NFTs. It is also used for user
authentication purposes that connects the user to their account and data.
What are the benefits of MetaMask?
The crypto wallet address, also called the public key, is a unique string of numbers and letters that is used to
send
you cryptocurrency and verify these transactions on the blockchain.
-
MetaMask is available as a mobile application
-
You can change different types of networks inside MetaMask
-
MetaMask allows you to interact with blockchain applications such as dApps and DeFi
apps
-
MetaMask also serves as an authentication module that connects you, as a user, to your
account and data. You’ll have
keys you can use to interact, access, and transact. You have the power to choose what you can share and what you
would
like to keep private. MetaMask authentication is secure and reliable.
How is MetaMask more secure?
When you create a MetaMask wallet, you are given your 12-word secret recovery phrase. MetaMask does not control any of
your personal or private data on their servers. Everything is encrypted in your browser and protected via your MetaMask
password.
⚡ DOCUMENT SIGNING WITH METAMASK
Are there any prerequisites for signing documents with MetaMask?
Yes. The user should have a MetaMask account.
How does signing with MetaMask enhance security?
When a user signs a document via MetaMask wallet, here are the four additional components added to the audit trail to
provide extra layers of security.
-
Public address: The public address of the Ethereum wallet.
-
Signature: The signature id that generates when a user confirms signing in to a wallet. It is the seal of approval. The signature
id can only be generated via the private key, i.e., only the wallet owner with access to the private key can perform
this task. Whereas the signature id can be verified with the public key.
-
Signed message: This is a unique message provided by Revv for every signer for each document. This message, created with
four parameters, looks like this.
Signer "email ID" is signing the document "Doc Name" with ID "Doc Number" on "Date time stamp"
The combination of these "parameters" is always unique. Any change in the document changes its Doc number and date and
time stamp, which eventually changes the signature id.
-
Metamask extension id: The unique address for that browser's store to the config file.
Are multiple tags allowed for the same signer in a document?
If a signer has to sign multiple sign tags, he has to authenticate on MetaMask only one time. From the next time
onwards, when he clicks on the tag, the tag gets autopopulated with the transaction detail.
Can signing with MetaMask wallet be used with all browsers?
MetaMask supports Google Chrome, Firefox, and Chromium-based browsers. Our application is currently available only for
Chrome and Firefox.
Are hybrid signatures allowed for multiple signers of the document?
Yes. The signers can choose either of the signing methods - text-based, draw their own, upload signature image, or via
MetaMask wallet. Based on the chosen method, the signing trail will appear in the audit trail. For example, if a
document ‘X’ has Signer A, B, and C wherein the Signer A chooses to authenticate using Metamask and the other signers
choose to authenticate with email/SMS, the audit trail will have A’s public address, and so on.
What are the details that go on the audit trail after signatures?
Along with the regular signer details (name, email, IP addresses, timestamp), if a signer uses MetaMask signing, their
Public Key and Signature ID will be available on the audit trail.
You can also validate the eSignature audit trail on Etherscan - a block explorer that lets users search, verify, and
validate any Ethereum blockchain transactions that are pending or confirmed.
If an ENS is associated with the public address, will that be shown on the audit trail?
Yes.
What parameters are being provided to validate the authenticity of the eSignature?
Authenticity of Signature | Who is signing?
The public address and account ID of the MetaMask account that was used for signing will be displayed in the audit
trail.
The authenticity of Signature | Who is signing?
The public address and the account ID of the MetaMask account that was used for signing will be displayed in the audit
trail.
The authenticity of Metamask app/plugin connected to sign | What is used for signing?
Internal API calls are made to connect to the MetaMask app:
-
const provider = new ethers.providers.Web3Provi (window.ethereum) // A Web3Provider
wraps a standard Web3 provider,
which is what MetaMask injects as window.ethereum into each page
-
await provider.send("eth_requestAccounts", []); // MetaMask requires requesting
permission to connect users accounts
This code helps to identify Metamask if multiple wallets are installed on chrome.
-
Also, we will provide the chrome extension link of the genuine Metam=Mask account where the user can verify the
MetaMask
chrome ID - ‘nkbihfbeogaeaoehlefnkodbefgpgknn,’ if some other phishing app is installed in its place.
Note: MetaMask on connection does not return any parameter so that these checks can be made
directly
Is signing with MetaMask wallet in Revv also an on-chain process?
Please note that only the audit trail’s hash is stored on the blockchain while the signing process happens without
blockchain involvement.
Is there any gas fee associated when signing with MetaMask wallet?
No. Signing documents with MetaMask wallet doesn’t require blockchain interaction. It is an off-chain process. Thus, no
gas fee is required to execute these electronic transactions.
⚡ BLOCKCHAIN-VERIFIED AUDIT TRAIL
What is the benefit of storing the hash of audit trail on blockchain?
It verifies that the eSignature transaction existed at a specific date and time. It is a method to prove a document’s
integrity and reinforce the signer’s accountability.
Is there any gas fee associated to store the audit trail hash on blockchain?
Yes. Storing the hash of the audit trail to the Ethereum blockchain is an on-chain transaction, which means it requires
blockchain interaction. In this case, the sender of the transaction will be charged a gas fee to perform it.
Will my document be exposed to the public with blockchain timestamping?
No. Only the hash of the audit trail will be stored on the public blockchain, not the documents.
⚡ OTHERS
Are these features available right now?
Document signing with MetaMask Wallet is available currently. The blockchain-verified audit trail timestamping will be
launched in the next release.
