Proof Of Integrity
We have publicly unveiled the concept of Proof of Integrity in conjunction with our inaugural release of PSA Graded Pokémon cards as Connected Collectibles. Essentially, a Proof of Integrity serves as a tamper-evident seal, ensuring that each Cardtopia NFT is verifiably connected to a distinct physical counterpart secured in our vaults. Should any attempt be made to modify the NFT's fingerprint (that is, its unique identity), the Proof of Integrity will indicate that the token has been compromised.
1. Item identity and fingerprints
Every item stored at Cardtopia is identified by an accurate, human-readable description and a unique ID. The description enables quick visual identification, while the unique ID distinguishes between multiple copies of the same item. Items such as graded cards often come with a unique ID already imprinted. When an item lacks a unique identifier, we assign one and include it in the real-life (IRL) picture of the item linked to the NFT. Together, the precise description and the unique ID constitute the asset's fingerprint, which is both unique and human-readable:
Graded Pokemon TCG | PSA 23303316 | 1999 Pokemon Base Set Shadowless 1st Edition Red
Cheeks Pikachu #58 | PSA 9 MINTPrior to storing an asset, we consistently photograph it, ensuring the unique ID—which distinguishes it from similar items—is visible. This image is then linked within the NFT's metadata, accompanied by the 3D rendering.
2. From a fingerprint to a Proof of Integrity
The fingerprint of an item, which can vary in length, is encoded using the cryptographic function keccak256. This function is a standard on the Ethereum blockchain for securely encoding sensitive data. The outcome of this process is known as the Proof of Integrity, a string that begins with 0x and is followed by 64 hexadecimal characters, uniquely representing the associated physical item:
keccak256. This function is a standard on the Ethereum blockchain for securely encoding sensitive data. The outcome of this process is known as the Proof of Integrity, a string that begins with 0x and is followed by 64 hexadecimal characters, uniquely representing the associated physical item:0x0b58386d08014f001c1a37ca6b11afd2f3f3e3a578e69a8ed7e7acf68103258eThe on-chain function that is used to calculate the Proof of Integrity is the following:
/**
* @dev Generates a Proof Of Integrity as the keccak256 hash of a {fingerprint} and a {salt} value.
* - the fingerprint is a unique, human readable description of an item.
* - the salt value is a random number used to bring some further functionalities, like creating NFTs that can provably exist but remain "unrevealed" until the salt value is made public.
*/
function generateProofOfIntegrity(string memory fingerprint, uint256 salt) public pure returns (bytes32) {
return keccak256(abi.encodePacked(fingerprint, salt));
}A notable feature of the keccak256 function is that a single character change in the input results in a drastically different Proof of Integrity, which bears no resemblance to the original value. This characteristic enables us to detect any alterations to a fingerprint.
Example:
Graded Pokemon TCG | PSA 23303316 | 1999 Pokemon Base Set Shadowless 1st Edition Red Cheeks Pikachu #58 | PSA 9 MINT
0x0b58386d08014f001c1a37ca6b11afd2f3f3e3a578e69a8ed7e7acf68103258e
graded Pokemon TCG | PSA 23303316 | 1999 Pokemon Base Set Shadowless 1st Edition Red Cheeks Pikachu #58 | PSA 9 MINT
0x3533294d06d102c4e6c1c93b28d4dd9cfb62c80111053363950af2af9eebdd91
3. How does a Proof of Integrity relate to an NFT?
Once we obtained the Proof of Integrity of an item, we can use it to generate the corresponding NFT. We create the NFT using the Proof of Integrity as its token ID.
But wait... aren't token IDs on Ethereum numbers, and not hexadecimal strings?
Exactly! And this is where something special happens. We already established that a Proof of Integrity is a unique hexadecimal value of 64 characters. However, hexadecimal values are nothing more than numbers encoded in a way to save space on a computer. And as such, to every hexadecimal value corresponds an actual decimal number. For instance, the following hexadecimal value:
0x0b58386d08014f001c1a37ca6b11afd2f3f3e3a578e69a8ed7e7acf68103258ecorresponds to the very long number:
5131313313389071742384083343855484226773370949666220711435372176261821703566We store that number on-chain and use as the token ID of the NFT.
The tokenId and the Proof of Integrity are the same thing, just written differently. An NFT's token ID corresponds exactly to a Proof of Integrity that identifies a unique physical item stored at Courtyard, and vice-versa.
4. How is this tamperproof, and why does it matter?
In the realm of blockchain, it's a well-known fact that an NFT's token ID, once inscribed on the chain, remains permanent and unaltered. The same certainty does not apply to the NFT's metadata, which might be stored in decentralized storage and is potentially changeable over time. This could be due to the NFT creators' intention to enhance the holder's experience periodically, or due to unauthorized alterations by a malicious party, resulting in a complete transformation of the NFT's essence.
The Proof of Integrity ensures the NFT's tamper-proof nature at Cardtopia by incorporating three key properties:
Once an NFT's token ID is recorded on-chain, it will never change.
A Proof of Integrity of an NFT is exactly the same thing as its token ID, and so it will never change either.
The unique, human readable fingerprint of a physical asset stored with Courtyard corresponds exactly to the Proof of Integrity, and only that fingerprint corresponds to it.
Together, these 3 properties ensure that if the metadata changes as the result of a malicious attack to alter the identity of the underlying physical asset, the seal of integrity will be "broken", meaning that the Proof of integrity will invalidate the NFT.
Last updated