The ledger only accepts specific binary payloads ("signed statements") to be validated and stored. In addition to that the registration policies are used to verify the signed statements.
scitt-ccf-ledger implements registration for two kinds of Signed Statements:
- Statements signed with an X.509 certificate chain (schema), which make use of header parameters defined in RFC9360, and
did:x509issuers. - Statements signed with hardware-attested, ephemeral keys (schema), which are currently experimental, and make use
did:attestedsvcissuers.
Upon registration of signed statements, in addition to the expected verification, acceptance policies are executed against the data in the statements. Please refer to the configuration page and tests to understand how signed statement attributes are used.