Verification

Validate your certificate

Independently confirm the authenticity of any Bernstein blockchain certificate. No server trust required.

Verify a certificate

Zero-trust verification

Our validator is designed so you never have to trust us. Everything happens in your browser.

100% client-side

Your files never leave your device. All hashing and verification happens locally in your browser.

Blockchain proof

Certificates are verified against the immutable Bitcoin blockchain—no server trust required.

Works offline

For maximum security, you can disconnect from the internet before uploading sensitive files.

Open verification

Anyone can verify certificates independently using standard cryptographic tools.

Capabilities

What you can verify

Our validator lets you prove both the existence of files and ownership of certificates.

Prove existence

Upload files to verify they match the certificate's fingerprint registered on the Bitcoin blockchain.

Prove ownership

Enter your private keys to cryptographically prove you own the certificate.

Generate signatures

Create cryptographic signatures to prove ownership to third parties like courts or investors.

Share proof

Export verification data that anyone can independently validate.

Technical

How verification works

Our certificates use standard cryptographic techniques that can be verified by anyone.

SHA-256 hashing

Files are hashed using the same algorithm as Bitcoin. The fingerprint is a unique identifier for your exact files.

Bitcoin anchoring

The fingerprint is embedded in a Bitcoin transaction, creating an immutable timestamp on the world's most secure ledger.

Qualified timestamps

Additional timestamps from EU and China government authorities provide legal recognition.

Fingerprint matching

Upload your original files. If the computed fingerprint matches the blockchain record, existence is proven.

Protocol

The Bernstein registration protocol

Understanding how Bernstein creates blockchain certificates from your files.

Bernstein helps you create verifiable proof of existence and ownership for any digital asset. When you upload files to a project, Bernstein generates a cryptographic fingerprint and records it on the Bitcoin blockchain.

Each project can contain multiple files and evolve over time. Every version you certify creates a new blockchain record, building a complete audit trail of your intellectual property.

Each Bernstein certificate corresponds to a Bitcoin transaction with three key properties:

Public — visible to anyone on the Bitcoin network
Timestamped — anchored to a specific block with a precise date and time
Immutable — cannot be altered or deleted once confirmed

Three cryptographic keys

Owner key

Derived from your account. Proves who owns the certificate. The corresponding public key is printed on your certificate PDF.

Data key

Derived from the SHA-256 hash of your project files. Proves which files are covered by the certificate.

Bernstein key

Bernstein's platform key, which co-signs the transaction. The corresponding public key is printed on your certificate PDF.

Registration steps

Your files are hashed individually using SHA-256, then combined into a single project fingerprint.

The project fingerprint is converted into a Bitcoin private key, from which a public key (the Data Key) is derived.

The Data Key, Owner Key, and Bernstein Key are combined into a 3-of-3 MultiSig Bitcoin address.

A Bitcoin transaction is created sending funds to this MultiSig address, permanently recording the certificate on the blockchain.

The resulting Bitcoin address encodes all three keys — proving who owned what, and when. Anyone with the original files and the public keys can independently reconstruct the address and verify it against the blockchain.

Advanced

Manual verification

You don't even need our tools. Follow these steps to independently validate a Bernstein certificate against the Bitcoin blockchain using standard open-source cryptographic software.

What you need before starting

All project files and the project cover file (downloadable from the Bernstein app)
The Transaction ID, displayed on the Bernstein certificate PDF
The Owner Public Key and Bernstein Public Key, also found on the certificate PDF
Basic familiarity with using a computer terminal

Compute the SHA-256 hash of each individual file included in the project. There are many utilities for this. On Linux or macOS, run the following command in your terminal:

Terminal command:

shasum -a 256 yourfile.pdf

You can also use online services such as SHA256 Online Checksum.

SHA-256 is a standard algorithm — it will always produce the same result regardless of the tool used.

Remember to also hash the project cover file. This is a text file containing the project title and description, downloadable from the Bernstein app.

Combine the hashes into a single project fingerprint:

Sort all individual hashes alphabetically
Concatenate them into a single string
Compute the SHA-256 hash of the concatenated string

The result is your project fingerprint. You can verify it against the fingerprint shown in the Bernstein app under your project.

To use the project hash as a Bitcoin key, you need to convert it from HEX format to WIF (Wallet Import Format). We provide a Python script for this conversion.

Start by installing the required Python package:

pip install base58

Save the following Python script as hex2wif.py:

import sys, hashlib, base58

def hex_to_wif(hex_key):
    extended = "80" + hex_key + "01"
    first_sha = hashlib.sha256(bytes.fromhex(extended)).digest()
    second_sha = hashlib.sha256(first_sha).digest()
    checksum = second_sha[:4].hex()
    return base58.b58encode(bytes.fromhex(extended + checksum)).decode()

if __name__ == "__main__":
    if len(sys.argv) != 2:
        print("Usage: python hex2wif.py <your-project-hash-hex>")
        sys.exit(1)
    print(hex_to_wif(sys.argv[1]))

Then run the script with your project hash:

python hex2wif.py <your-project-hash-hex>

The script will output the corresponding key in WIF format. You can verify the result in the Bernstein app by clicking the key icon next to the blockchain certificate in your project.

In this step, you need to derive the compressed public key from the WIF private key obtained in Step 2. This is a standard Bitcoin cryptographic operation.

You can use this online tool: Bitcoin Key Compression Tool

Paste the WIF key from Step 2 and the tool will display the associated compressed public key. This is the Data Public Key — one of the three keys that make up the certificate address.

Now that you have derived the Data Public Key from your files, combine it with the Owner Public Key and Bernstein Public Key — both found on the certificate PDF — to construct the 3-of-3 MultiSig Bitcoin address.

Save and run the following Ruby script:

require 'digest'
require 'base58'
require 'bech32'

def decode_hex(hex)
  [hex].pack('H*')
end

def sha256(data)
  Digest::SHA256.digest(data)
end

def hash160(data)
  Digest::RipeMD160.digest(sha256(data))
end

def p2sh_multisig(keys)
  script = "\x53" # OP_3
  keys.sort.each { |k| script += [k.length / 2].pack('C') + decode_hex(k) }
  script += "\x53\xae" # OP_3 OP_CHECKMULTISIG
  h = hash160(script)
  version = "\x05"
  payload = version + h
  checksum = sha256(sha256(payload))[0..3]
  Base58.binary_to_base58(payload + checksum, :bitcoin)
end

def p2wsh_multisig(keys)
  script = "\x53"
  keys.sort.each { |k| script += [k.length / 2].pack('C') + decode_hex(k) }
  script += "\x53\xae"
  witness_hash = sha256(script)
  Bech32::SegwitAddr.new(hrp: 'bc', ver: 0,
    bytes: witness_hash.unpack('C*')).addr
end

puts "Select protocol version:"
puts "1 - Protocol 1 (P2SH)"
puts "2 - Protocol 2 (P2WSH SegWit)"
version = gets.chomp.to_i

keys = []
%w[Data Owner Bernstein].each do |name|
  print "Enter #{name} Public Key: "
  keys << gets.chomp
end

address = version == 1 ? p2sh_multisig(keys) : p2wsh_multisig(keys)
puts "\nBitcoin Address: #{address}"

Run the script from your terminal:

ruby multisig.rb

Follow the prompts: select your protocol version, then enter the three public keys one by one. The script will output the Bitcoin address.

Protocol 1 (legacy) generates a P2SH address. Protocol 2 (current) generates a SegWit P2WSH address. Check your certificate to determine which protocol version applies.

Finally, look up the Transaction ID from your certificate PDF on any blockchain explorer.

We recommend Blockstream.info orBlockchair.com.

Find the address in the transaction's output list and compare it with the address you computed in Step 4.

If the addresses match, verification is successful!

Congratulations — you have independently proven the existence and integrity of the information included in your project, without relying on any third party.