Making Digital Artifacts on the Web Verifiable and Reliable

TL;DR

This paper introduces trusty URIs with cryptographic hashes to ensure verifiability and immutability of digital artifacts on the Web, enhancing reproducibility and reliability across various digital resources.

Contribution

It proposes a novel method using trusty URIs for verifying and making digital artifacts immutable, compatible with existing Web standards and applicable to large files.

Findings

Trusty URIs enable independent verification of artifacts.

The approach ensures immutability of content and dependencies.

Implementation remains practical for large digital files.

Abstract

The current Web has no general mechanisms to make digital artifacts --- such as datasets, code, texts, and images --- verifiable and permanent. For digital artifacts that are supposed to be immutable, there is moreover no commonly accepted method to enforce this immutability. These shortcomings have a serious negative impact on the ability to reproduce the results of processes that rely on Web resources, which in turn heavily impacts areas such as science where reproducibility is important. To solve this problem, we propose trusty URIs containing cryptographic hash values. We show how trusty URIs can be used for the verification of digital artifacts, in a manner that is independent of the serialization format in the case of structured data files such as nanopublications. We demonstrate how the contents of these files become immutable, including dependencies to external digital artifacts and thereby extending the range of verifiability to the entire reference tree. Our approach sticks to the core principles of the Web, namely openness and decentralized architecture, and is fully compatible with existing standards and protocols. Evaluation of our reference implementations shows that these design goals are indeed accomplished by our approach, and that it remains practical even for very large files.