🇬🇧FAQ

SDK OPERATION AND USAGE

• What is the maximum size of a document to be certified?

SHA256 allows document hashing up to 258 bytes, or 288,000 terabytes.

• What is the maximum anchoring frequency on the Trust Registry?

This is done upon request from our clients, and is customized to their needs.

• How does versioning work?

A common ID for all versions of an object allows for retrieval of each instance of proof.

• How does Archipels verify that an issuer is authorized to certify a document?

This is done through the use of API keys, issuer identities, and public/private key pairs.

-API key: This key is provided by us and allows you to connect with the Trust Registry. The API key enables you to certify or verify data based on the access permissions granted to you.

-Issuer ID: This is a unique identifier that is specific to you and allows you to be recognized by the Trust Registry. You can have multiple issuer IDs per organization. Each issuer ID is linked to a public key and a private key. In case of compromise of the private key, it is possible to generate a new public/private key pair while retaining the same issuer ID.

• What is the process for assigning identities? How do you verify that a person can request an issuer ID on behalf of a company?

-The identity is assigned after discussion, so the person to whom we send it is known and has already been in meetings with their peers/colleagues. Therefore, it is impossible to send it to an unknown or identity thief.

-When sending the API key, we use Bitwarden, which allows it to be read only once. Once you receive the API key, you can create your ID and a public/private key pair. You then send us your ID and public key, and we verbally confirm with you that they are indeed yours before granting you access to create.

• What are the "searchable", "public", and "private" metadata?

When creating a new proof schema, each metadata has a publication flag that can take on the values of "searchable", "public", or "private".

-Searchable: The field is an entry used by the verifier to verify a proof. There can be multiple searchable fields, and the matching_conditions field allows you to establish the conditions for a proof verification to succeed with "or" and "and" operators. The metadata is encrypted.

-Public: A public metadata is not encrypted when transmitted, so it always appears in plain text during verification.

-Private: A private metadata is encrypted during certification and does not appear in plain text during verification.

How does Archipels Blockchain work?

• What is a permissioned blockchain?

In a permissioned blockchain, only certain actors can validate transactions. At Archipels, these actors are EDF, Engie, La Poste, La Caisse des Dépôts, and Archipels. The right to access transaction data can be public or limited to participants. The system is partially decentralized.

• What is the difference with a public blockchain?

Unlike Archipels Blockchain, a public blockchain is accessible to everyone for reading or writing. All users participate in the validation of blocks.

• What is the role of transaction and validation nodes?

In a permissioned blockchain, a validation node and a transaction node have different roles in the network. A validation node is responsible for validating and verifying transactions submitted to the network by transaction nodes. It acts as a kind of guardian for the blockchain network, ensuring that all transactions comply with the rules and criteria of the network before they are added to the blockchain. Validation nodes are managed by trusted parties, and their work is to maintain the integrity and security of the network. On the other hand, a transaction node is responsible for creating, signing, and submitting transactions to the blockchain network. Transaction nodes can be managed by anyone with authorization to access the network and participate in its activities. They are users of the network who want to participate in transactions, and their role is to initiate transactions that will eventually be validated by the validation nodes. In summary, validation nodes are responsible for ensuring that only valid transactions are added to the blockchain, while transaction nodes are responsible for initiating these transactions. Both types of nodes play important roles in a permissioned blockchain network and work together to maintain the security, integrity, and functionality of the network.

• Does Archipels allow for on-premise deployment?

Yes, Archipels allows for on-premise deployment.

• Where are Archipels nodes hosted?

100% of Archipels nodes are hosted in France and Europe.

• How is the Layer 1 of Archipels built?

There are 20 blockchain nodes participating in the consensus:

-100% are hosted in France -80% are hosted by cloud operators -Node configurations: 4 vCPU RAM: 16GB SSD: 512GB -Annual electricity consumption: 5920 kWh -Carbon footprint: 2767 eq. kgCO2/year

• How are the validation nodes distributed?

-Caisse des Dépôts et Consignations: 2 -EDF: 2 -Engie: 2 -La Poste: 2 -Archipels: 2

• How are the transaction nodes distributed?

-Caisse des Dépôts et Consignations: 0 -EDF: 1 -Engie: 1 -La Poste: 0 -Archipels: 1

• How is the Layer 2 of Archipels built?

There are 6 servers: -100% are hosted in France -100% are hosted by cloud operators -Node configurations: 4 vCPU RAM: 16GB SSD: 512GB -Annual electricity consumption: 919 kWh -Carbon footprint: 512 eq. kgCO2/year

• What is the energy consumption of Archipels Blockchain?

The total annual electricity consumption is 3279 eq. kgCO2/year.

• What is the energy consumption per transaction on Layer 1?

0.3 mgCO2 eq

• Why was a Layer 2 created?

Layer 1 does not allow for scaling the use of the blockchain, hence the use of a Layer 2. This Layer 2 is composed of Merkle trees.

• What scalability does Archipels' layer 2 provide?

The layer 2 allows for certifying a proof in 300 ms.

• Can the layer 2 be saturated? Will the anchoring speed decrease as anchors accumulate?

For each new Trusted Source (issuer), a Merkle tree is made available, ensuring that saturation is unattainable and anchoring speed never decreases.

ARCHITECTURE

• Why did Archipels implement a Docker system to interact with its certification APIs?

-It is easier to transmit as container technology allows for creating a ready-to-use environment. -It avoids processing data in clear text, as data is hashed on the client side. -The SDK is in TypeScript and some clients may not have the skills to develop in this language, so using an API is more common and simpler than using the CLI.

What is the container orchestration used by Archipels?

Kubernetes, which abstracts the use of cloud instances.

Which port is used?

The default port used is HTTPS - 443.

SECURITY

• Has the code of the smart contract(s) developed by Archipels been audited?

Our smart contracts have been developed using the OpenZeppelin library (https://www.openzeppelin.com/) and follow their reference smart contracts, which have been audited. The instances we have deployed have undergone internal security reviews.

• What level of TLS (Transport Layer Security) security does Archipels use?

Here is an independent analysis: https://www.ssllabs.com/ssltest/analyze.html?d=api.archipels.io

GDPR

• GDPR Who can see certified data on Archipels?

No one, as data does not transit in clear text on Archipels. Only hashes transit. However, the so-called "public" metadata is anchored off-chain, allowing verifiers to see them in case of successful verification.

• What happens if a user requests the deletion of their personal data?

Regarding the deletion of data, specifically the exercise of the right to erasure or right to be forgotten (Article 17 of the GDPR): individuals can indeed request the erasure of their personal data processed by Archipels if the legal conditions are met. If these conditions are met, exercising this right will not pose a problem for the client (the data controller) who can request Archipels (the data processor) to erase the relevant "off-chain" (Trust Registry) data, with the exception of the proofId and the commitment, which are necessary for the integrity of the cryptographic accumulator (these data are considered anonymous and therefore not subject to the scope of GDPR). The recorded proof "on-chain" can be revoked but not deleted, as it only contains anonymous hashes (Merkle Tree root).

• Where are personal data stored?

-Trust Registry API: storage of data sent via the schemas - if there are any personal data anchored, they will be stored in it. -Accumulator: storage of hashed data (cryptographic proofs) -Blockchain: recording of the Merkle tree root, which is a hash created from an accumulation of hashes. There are no raw data or proof hashes stored in the blockchain.

The anonymization of the Archipels blockchain has been confirmed by an analysis by EFREI Paris.

Comparison to other solutions

• Comparison with alternative solutions What are the differences between Archipels and Directed Acyclic Graphs (DAG)?

Both technologies are decentralized ledgers. The benefits of a DAG and Archipels are almost similar, thanks to the layer 2 of Archipels, which include: -Scalability -Speed -Controlled decentralization -Low energy cost

• What are the differences between Archipels and Visible Electronic Seals (CEV)?

CEV technology is useful when the object being handled (such as invoices, pay slips, etc.) is in paper form. However, many procedures can be digitized, and verification using CEV becomes more cumbersome due to the verification time and the inability to automate the CEV verification process. In comparison, Archipels allows for automated document verification, and even eliminates the need for documents (in the case of data certification/verification), thereby enabling flawless verification of a large number of documents.