Awesome Blockchain E-Signature

A curated list of resources on blockchain-based electronic signatures, eIDAS, ESIGN, and digital trust.

Electronic signatures are increasingly anchored on public or permissioned blockchains for tamper-evidence, time-stamping, and long-term verifiability. This list collects standards, legal frameworks, court cases, cryptographic primitives, tooling, and platforms that shape the field.

Contents

• Standards and Specifications
• Legal Frameworks by Region
• Academic Research and White Papers
• Cryptography and PKI Foundations
• Blockchain Anchoring Techniques
• Court Cases and Judicial Precedents
• Tools and Libraries
• Commercial Platforms
• Compliance Guides
• Developer Resources
• Glossary and Terminology

Standards and Specifications

EU and ETSI

• eIDAS Regulation (EU 910/2014) - EU framework for electronic identification and trust services.
• eIDAS 2.0 Regulation (EU 2024/1183) - 2024 amendment introducing the European Digital Identity Wallet.
• ETSI EN 319 122 - CAdES - CMS Advanced Electronic Signatures specification.
• ETSI EN 319 132 - XAdES - XML Advanced Electronic Signatures.
• ETSI EN 319 142 - PAdES - PDF Advanced Electronic Signatures.
• ETSI EN 319 162 - ASiC - Associated Signature Containers for packaging signed data.
• ETSI EN 319 411 - TSP policies - Policy and security requirements for trust service providers.
• ETSI EN 319 412 - Certificate profiles - Profiles for certificates issued to natural and legal persons.
• ETSI TS 119 182 - JAdES - JSON Advanced Electronic Signatures.
• ETSI TS 119 461 - Identity proofing - Policy and security requirements for identity proofing of trust service subjects.
• ETSI TS 119 612 - Trusted Lists - Format for trusted lists of qualified trust service providers.
• Implementing Regulation (EU) 2015/1501 - Interoperability framework for cross-border eID under eIDAS.
• Implementing Regulation (EU) 2015/1502 - Minimum technical specifications for eID assurance levels.

IETF RFCs

• RFC 3161 - Time-Stamp Protocol - Internet X.509 PKI Time-Stamp Protocol (TSP).
• RFC 4880 - OpenPGP Message Format - Detached and inline signature format used in PGP.
• RFC 4998 - Evidence Record Syntax - Long-term archival of cryptographic evidence.
• RFC 5280 - X.509 PKI Certificate Profile - Certificate and CRL profile for the Internet X.509 PKI.
• RFC 5652 - Cryptographic Message Syntax - Foundation for CAdES signatures.
• RFC 6283 - XML Evidence Record Syntax - XML representation of evidence records.
• RFC 6960 - OCSP - Online Certificate Status Protocol for revocation checking.
• RFC 6962 - Certificate Transparency - Public, append-only logs of issued certificates.
• RFC 7515 - JSON Web Signature (JWS) - Detached and compact JSON-based signatures.
• RFC 7518 - JSON Web Algorithms - Cryptographic algorithms for JOSE.
• RFC 8017 - PKCS #1 v2.2 - RSA cryptography primitives, encoding, and signature schemes.
• RFC 8032 - EdDSA - Edwards-curve Digital Signature Algorithm (Ed25519, Ed448).
• RFC 8410 - Algorithm IDs for Edwards curves - X.509 OIDs for Ed25519, Ed448, X25519, X448.
• RFC 8551 - S/MIME 4.0 - Secure/Multipurpose Internet Mail Extensions message specification.
• RFC 8809 - JOSE registries - Profiles and registries for JOSE algorithms.

NIST

• FIPS 180-4 - Secure Hash Standard - SHA-1, SHA-2 family hash algorithms.
• FIPS 186-5 - Digital Signature Standard - DSA, ECDSA, EdDSA signature schemes.
• FIPS 197 - AES - Advanced Encryption Standard block cipher.
• FIPS 202 - SHA-3 - Permutation-based hash and extendable-output functions.
• NIST Cybersecurity Framework - Risk-based controls referenced by trust service auditors.
• NIST SP 800-22 - RNG testing - Statistical test suite for random number generators used in signing.
• NIST SP 800-56A - DH/ECDH key establishment - Pair-wise key establishment using discrete-logarithm cryptography.
• NIST SP 800-56B - RSA key establishment - Pair-wise key establishment using integer-factorization cryptography.
• NIST SP 800-57 - Key management - General key-management recommendations including signing keys.
• NIST SP 800-78 - PKI cryptographic algorithms - Algorithms and key sizes for PIV credentials.
• NIST SP 800-89 - Digital signature assurances - Recommendation for obtaining assurances for digital signature applications.
• NIST SP 800-186 - Elliptic curves - Recommendations for discrete logarithm-based cryptography.
• NIST SP 800-208 - Hash-based signatures - Stateful hash-based signature schemes (LMS, XMSS).

ISO/IEC

• ISO 14533-1 - Long-term signature CAdES profiles - Long-term signature profiles for CAdES.
• ISO 14533-2 - Long-term signature XAdES profiles - Long-term signature profiles for XAdES.
• ISO 14533-3 - Long-term signature PAdES profiles - Long-term signature profiles for PAdES.
• ISO/IEC 27001 - ISMS - Information security management systems requirements.
• ISO/IEC 27018 - Cloud privacy - Code of practice for protection of PII in public clouds.
• ISO 32000-2 - PDF 2.0 - Document management portable document format including signature dictionary.

W3C and others

• ITU-T X.509 - Public-key and attribute certificate frameworks.
• ITU-T X.660 - OID Tree - General procedures and top arcs of the international object identifier tree.
• Adobe Approved Trust List (AATL) - Adobe’s curated list of trusted CAs for Acrobat/Reader signature validation.
• BSI TR-03145 - Secure CA Operation - German technical guideline for secure CA operation.
• W3C DID Core 1.0 - Decentralized identifiers data model and syntax.
• W3C JSON-LD 1.1 - JSON for linking data, used in verifiable credentials.
• W3C Verifiable Credentials Data Model 2.0 - Core data model for cryptographically verifiable credentials.
• W3C Verifiable Credentials JOSE/COSE - Securing VCs with JOSE and COSE signature suites.
• W3C XML Signature 1.1 - Syntax and processing for XML digital signatures.

Legal Frameworks by Region

International

• UNCITRAL Model Law on Electronic Commerce (1996) - Model law influencing most national e-commerce statutes.
• UNCITRAL Model Law on Electronic Signatures (2001) - UN model law that shaped most national e-signature statutes.

Americas

• Argentina Ley 25.506 - Firma Digital - Argentine digital signature law of 2001.
• Brazil MP 2.200-2/2001 (ICP-Brasil) - Establishes the Brazilian Public Key Infrastructure.
• Canada PIPEDA - Personal Information Protection and Electronic Documents Act, Part 2 governs e-signatures.
• ESIGN Act (15 U.S.C. § 7001) - U.S. federal e-signature law enacted in 2000.
• ESIGN Act at U.S.C. Title 15 Chapter 96 - Full text of the Electronic Signatures in Global and National Commerce Act.
• Mexico DOF - NOM-151 publications - Mexican federal gazette publishing NOM-151-SCFI on data preservation.
• UETA - Uniform Electronic Transactions Act - Model U.S. state law on electronic transactions.

EU member states

• Belgium - Federal eJustice portal - Official portal publishing the 2016 Belgian trust services law implementing eIDAS.
• French Code civil articles 1366-1369 - French civil code provisions on electronic signature evidence.
• German BGB § 126a - Electronic form - Civil code section equating QES with handwritten signature.
• German BGB § 126b - Text form - Civil code section defining the text form requirement.
• German Vertrauensdienstegesetz (VDG) - German implementation of eIDAS trust services.
• Italy Codice dell’amministrazione digitale (D.Lgs. 82/2005) - Italian digital administration code covering electronic signatures.
• Netherlands Telecommunicatiewet - Dutch Telecommunications Act incorporating eIDAS provisions.
• Poland Ustawa o usługach zaufania (2016) - Polish trust services and electronic identification act.
• Spain Ley 6/2020 - Spanish law on electronic trust services complementing eIDAS.

Other Europe

• Swiss ZertES - Swiss federal act on electronic signatures.
• UK Electronic Communications Act 2000 - UK statutory basis for electronic signatures.
• UK Electronic Signatures Regulations 2002 - Implementing the EU 1999/93/EC Directive prior to retained eIDAS.

APAC

• Australia Electronic Transactions Act 1999 - Federal law giving legal effect to electronic communications.
• China NPC - Electronic Signature Law - National People’s Congress portal hosting the 2005 Electronic Signature Law (amended 2019).
• India IT Act 2000 - Indian Information Technology Act establishing digital and electronic signatures.
• Japan e-Gov - Act on Electronic Signatures - Act on Electronic Signatures and Certification Business (Law No. 102 of 2000).
• Singapore Electronic Transactions Act 2010 - Statute governing electronic records and signatures in Singapore.

MEA

• South Africa ECT Act 25 of 2002 - Electronic Communications and Transactions Act covering advanced electronic signatures.
• UAE legislation portal - Hosts Federal Decree-Law No. 46 of 2021 on electronic transactions and trust services.

Academic Research and White Papers

Cryptography and PKI Foundations

Blockchain Anchoring Techniques

Court Cases and Judicial Precedents

United States

• Berkson v. Gogo LLC, 97 F. Supp. 3d 359 (E.D.N.Y. 2015) - Modern framework for evaluating click-wrap conspicuousness.
• Forrest v. Verizon Communications Inc., 805 A.2d 1007 (D.C. 2002) - Click-wrap forum-selection clause held enforceable.
• Long v. Provide Commerce, Inc., 200 Cal. Rptr. 3d 117 (2016) - Found browse-wrap notice insufficient on the proflowers.com site.
• Meyer v. Uber Techs., Inc., 868 F.3d 66 (2d Cir. 2017) - Sign-in-wrap upheld; reasonable communication of terms.
• Specht v. Netscape Communications Corp., 306 F.3d 17 (2d Cir. 2002) - Browse-wrap unenforceable without unambiguous assent.
• Specht v. Netscape (Justia mirror) - Justia copy of the foundational browse-wrap opinion.

United Kingdom and EU

• Bassano v. Toft (2014) EWHC 377 (QB) - Electronic signature on lender agreement satisfies statutory form.
• Goodman v. J. Eban Ltd (1954) 1 QB 550 - Common law definition of signature, foundational precedent.
• Mercury Tax Group Ltd v. HMRC (2008) EWHC 2721 (Admin) - Execution of deeds and the validity of split signature pages.
• Neocleous v. Rees (2019) EWHC 2462 (Ch) - Automatic email footer can constitute a binding signature.

Aggregators

• BAILII - British and Irish Legal Information Institute - Free database of UK and Irish judgments cited above.
• CourtListener - Free Law Project - Free database of U.S. federal and state opinions used for the citations above.

Tools and Libraries

Commercial Platforms

Compliance Guides

Developer Resources

Glossary and Terminology

Each term links to the canonical defining specification. Sections, articles, or anchors are used where they pin the exact passage.

• AATL term - Adobe Approved Trust List of CAs trusted by Acrobat for signature validation.
• AdES family - Advanced Electronic Signature umbrella covering CAdES, XAdES, PAdES, JAdES, ASiC.
• AES cipher - Advanced Encryption Standard, FIPS 197 symmetric block cipher.
• ASiC container - Associated Signature Containers for packaging signed data, ETSI EN 319 162.
• CA role - Certificate Authority, defined in RFC 5280 section 3.2.
• CAdES profile - CMS Advanced Electronic Signatures, ETSI EN 319 122.
• Certificate Transparency log - Public append-only logs of issued X.509 certificates.
• CMS structure - Cryptographic Message Syntax, the basis of CAdES.
• CRL revocation - Certificate Revocation List defined in RFC 5280 section 5.
• DID identifier - Decentralized Identifier, W3C DID Core 1.0.
• DSA algorithm - Digital Signature Algorithm specified in FIPS 186-5.
• ECDSA algorithm - Elliptic Curve Digital Signature Algorithm in FIPS 186-5.
• EdDSA algorithm - Edwards-curve Digital Signature Algorithm, RFC 8032.
• eIDAS regulation - EU Regulation 910/2014 on electronic identification and trust services.
• e-seal type - Electronic seal under eIDAS Article 35, the organisational analogue of an e-signature.
• ESI committee - Electronic Signatures and Infrastructures, ETSI’s standards committee.
• ESIGN statute - U.S. Electronic Signatures in Global and National Commerce Act.
• HSM device - Hardware Security Module for protected key storage, see NIST SP 800-57.
• JAdES profile - JSON Advanced Electronic Signatures, ETSI TS 119 182-1.
• JOSE registry - JavaScript Object Signing and Encryption umbrella registries.
• JSON-LD format - JSON for Linking Data, W3C Recommendation used by Verifiable Credentials.
• JWS object - JSON Web Signature, RFC 7515.
• LTV mode - Long-Term Validation, PAdES Part 4 / ETSI EN 319 142-2.
• OCSP responder - Online Certificate Status Protocol for revocation lookup.
• OID arc - Object Identifier, ITU-T X.660 hierarchical identifier scheme.
• PGP signature - OpenPGP Message Format for inline and detached signatures, RFC 4880.
• PAdES profile - PDF Advanced Electronic Signatures, ETSI EN 319 142.
• PKI architecture - Public Key Infrastructure framework specified in RFC 5280.
• QES level - Qualified Electronic Signature, eIDAS Article 3(12).
• QSCD device - Qualified Signature Creation Device, eIDAS Annex II.
• QTSP role - Qualified Trust Service Provider, eIDAS Article 3(20).
• SHA-2 family - Secure Hash Algorithm 2 family, FIPS 180-4.
• SHA-3 family - Permutation-based hash family, FIPS 202.
• S/MIME spec - Secure/Multipurpose Internet Mail Extensions, RFC 8551.
• TSA service - Time-Stamp Authority, RFC 3161.
• TSP entity - Trust Service Provider, eIDAS Article 3(19).
• UETA framework - Uniform Electronic Transactions Act, U.S. model statute on electronic transactions.
• VC credential - Verifiable Credential, W3C VC Data Model 2.0.
• X.509 certificate - Public-key certificate format, ITU-T X.509 / RFC 5280.
• XAdES profile - XML Advanced Electronic Signatures, ETSI EN 319 132.
• XML Signature spec - W3C XML Signature 1.1 syntax and processing.
• ZertES statute - Swiss Federal Act on Electronic Signatures.

Contributing

Contributions welcome - see CONTRIBUTING.md. To propose a new resource, open an issue using the New Resource template. By participating you agree to the Code of Conduct.

---

Maintained by Chaindoc team.