Offline-verifiable Data from Distributed Ledger-based Registries

TL;DR

This paper presents a method to provide verifiable, trustworthy data from distributed ledger-based registries that can be validated offline, enhancing privacy and reliability for trust management systems.

Contribution

It introduces ledger state attestations that enable offline verification, extending existing APIs and demonstrating practical implementation on Ethereum.

Findings

Attestations enable offline verification of ledger data.

The approach preserves user privacy during verification.

Implementation on Ethereum shows practical feasibility.

Abstract

Trust management systems often use registries to authenticate data, or form trust decisions. Examples are revocation registries and trust status lists. By introducing distributed ledgers (DLs), it is also possible to create decentralized registries. A verifier then queries a node of the respective ledger, e.g., to retrieve trust status information during the verification of a credential. While this ensures trustworthy information, the process requires the verifier to be online and the ledger node available. Additionally, the connection from the verifier to the registry poses a privacy issue, as it leaks information about the user's behavior. In this paper, we resolve these issues by extending existing ledger APIs to support results that are trustworthy even in an offline setting. We do this by introducing attestations of the ledger's state, issued by ledger nodes, aggregatable into a collective attestation by all nodes. This attestation enables a user to prove the provenance of DL-based data to an offline verifier. Our approach is generic. So once deployed it serves as a basis for any use case with an offline verifier. We also provide an implementation for the Ethereum stack and evaluate it, demonstrating the practicability of our approach.