Csign: Public API

[GENERAL] Name and surname of main applicant

Jon Bauer

[GENERAL] Are you delivering this project as an individual or as an entity (whether formally incorporated or not)

Entity (Incorporated)

[GENERAL] Please specify how many months you expect your project to last (from 2-12 months)

11

[GENERAL] Please indicate if your proposal has been auto-translated into English from another language

No

[GENERAL] Summarize your solution to the problem (200-character limit including spaces)

Csign will create a public API, exposing its signing, certification, and verification functionality so developers can create powerful, private agreement signing features in their own applications.

[GENERAL] Does your project have any dependencies on other organizations, technical or otherwise?

Yes

[GENERAL] If YES, please describe what the dependency is and why you believe it is essential for your project’s delivery. If NO, please write “No dependencies.”

Csign:

The Csign API depends on Csign, the private agreement signing platform. Csign is available now and will be continually developed and improved. The Csign API requires that the Csign platform remains available. We are committed to maintaining Csign for years to come.

Hyperledger Identus:

Csign is built on Hyperledger Identus, an open-source Self-Sovereign Identity (SSI) framework that is part of the Hyperledger suite of blockchain and identity projects. Hyperledger Identus, formerly known as Atala PRISM, provides components to develop decentralized identity solutions adhering to widely recognized SSI standards.

Csign has been working with Identus since its version 2 beta and has become an active participant in its developer and contributor community.

[GENERAL] Will your project’s output/s be fully open source?

No

[GENERAL] Please provide here more information on the open source status of your project outputs

Csign is not currently open source.

Our engineers, Roberto Carvajal and Jon Bauer are currently writing a developer-centric book about creating applications with Identus (Atala PRISM), funded by Catalyst Fund 11. “Mastering Identus: A Developer’s Handbook” contains advice, workarounds and tricks we learned by building the Csign proof of concept. We are choosing to give back to the community in the form of a book rather than make Csign open source for now. The book describes most of what’s required to build something similar to Csign, including open source example apps.

[METADATA] Horizons

Privacy

[SOLUTION] Please describe your proposed solution

Csign is a product anyone can use to securely and privately sign, certify, and verify agreements. Our team takes pride in crafting a smooth and delightful user experience for all, abstracting away all the complexities of technologies like Self-Sovereign Identity, managing identity wallets, cryptography, and encryption. However we have an even bigger vision for Csign. We want Csign to enable new, private and secure agreement signing functionality in YOUR apps. The Csign API is a service that other companies can use to leverage the power of Csign Core, in a fully custom branded flow of your own design. Want to add Csign capability to an internal tool at your company? We got you. Want to add secure and private multi-sig agreements into a DEX Onboarding flow? We’re here to help. 

The Csign API will be delivered in three phases, and we welcome developer input as we build the tools you’ll love to implement. In Phase One, we’ll document the Csign API spec, showing developers how they can interact with Csign Core as a RESTful web service. We’ll detail what’s possible so we can accept feedback and talk to developers about their exciting and interesting use cases. In Phase Two, we will set up the infrastructure required to supply API consumers with a scalable and secure web service based on demand we see from Phase One. Phase Three will give developers beta access to a playground server where they can try the service and try integrating the power of Csign into their own projects.

The Csign API will eventually be a paid service but pricing and availability will depend heavily on developer reaction to our beta API. We welcome input as we build so we can provide a truly valuable service for the Cardano community and beyond.

[IMPACT] Please define the positive impact your project will have on the wider Cardano community

Impact of Csign API:

CardanoNative Applications:

Our API will allow Cardano-native products and services to incorporate our core functionality into their workflows, adding privacy and integrity to their agreements.

Not only do we abstract away all the complexity of Self-Sovereign Identity for developers, but Cardano companies will not have to host Identus ( Atala PRISM ) infrastructure, which is a huge cost savings. If these services have agreement signing features, why build bespoke features when Csign can power them for you? Companies will be able to focus on what makes their applications special and not reinvent the wheel.. Whether they want to build custom wallets, retain their own branding, or offer verification services, Csign API will give them a huge lead and paves the way for future SSI interactions and integrations.

Non-Cardano Native Applications:

Csign API can also be integrated into Non-Cardano products as well. We believe other services certifying on Cardano via Csign will onboard multitudes more people, making Cardano the settlement and certification layer trusted throughout industry.

We measure success by number of agreements signed, and number of API integrations in Cardano-native products and services.

While privacy is our primary objective, we believe a number of community customers will allow us to publicize who uses the Csign platform and API. We look forward to sharing and celebrating their successful implementations with the rest of you!

[CAPABILITY & FEASIBILITY] What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

Csign is functional and available now for testing and feedback: https://www.csign.io 

We have been active in the Identus (Atala PRISM) developer and contributor community and thanks to a Fund 11 Catalyst grant, Jon Bauer and Roberto Carvajal are writing “Mastering Identus: A Developer’s Handbook”, which is a developer-centric technical reference for developing with Identus ( Atala PRISM ). Csign was built with early versions of Identus, before it was open sourced and we have helped the project by reporting bugs and contributing fixes and workarounds.

Beyond Atala PRISM, our team is made up of highly experienced digital product designers and engineers. We have created applications for the world’s most famous brands, and are excited to be working together on cutting edge digital identity product ideas.

[PROJECT MILESTONES] What are the key milestones you need to achieve in order to complete your project successfully?

Csign API Phase 1: 

Duration: 1 Months

Spec Documentation:

• This will show developers how they will be able to make REST calls and interact with the Csign platform. 
• Proof will be API documentation of each API call and it’s JSON structure

Csign API Phase 2: 

Duration: 2 Months

• Set up API security and token management. Our engineering team will set up a secure and scalable API instance, ensuring we can properly offer Multi-Tenant Identus Wallets for all API subscribers. Proof will be a video showing an API endpoint working when supplied a valid token and the same endpoint failing when the token is invalidated

Csign API Phase 3:

Duration: 3 Months

• Building the REST Endpoints. This may be incomplete but all endpoints will provide at the very least hardcoded returns. Many endpoints will be providing real data but there might be some endpoints that need to be finished in Milestone 5. 

• Proof will be a video of a Postman session showing each endpoint working as described in the API Documentation created in Milestone 1.

Csign API Phase 4: 

Duration: 2 Months

• We will make the Csign API available to developers in a controlled BETA, issuing API tokens to developers who are interested in playing with and testing the API. Proof will be a public sign up form. *We can not guarantee developer interest but we are very keen to allow others to use the API and give us feedback.

Csign API Phase 5: 

Duration: 2 Months

• We will run the controlled BETA and make adjustments as feedback is submitted. It’s possible that based on feedback we may introduce breaking changes to the API. 

Csign API Phase 6:

Duration: 1 Months

• Csign API will enter “GA” (General Availability) for registered developers outside of the private beta.

• Proof will a video showing how developers can request an API token without being part of the private beta.

[RESOURCES] Who is in the project team and what are their roles?

Matthew Merino - CEO

x: https://x.com/matthewbmerino

linkedin: https://www.linkedin.com/in/matthewbmerino/

Jon Bauer - Product Lead

x: https://x.com/coveloper

linkedin: https://www.linkedin.com/in/jonbauer/

Roberto Carvajal - Lead Engineer

x: https://x.com/netkrash

linkedin: https://www.linkedin.com/in/robertocarvajal/

Mal Som - Product Design

x: https://x.com/errthangisalive

linkedin:

We have worked together on Csign for well over a year and have been present at both Rare Bloom 2023 in Denver and Rare Evo 2024 in Las Vegas.

Matthew graduated from New York University’s Stern School of Business in 2020, where he earned a double major in Finance and Data Science. In addition to co-founding and investing in Csign, he actively manages his investment portfolio.

Jon is an iOS developer that has been building software products since 1995, from the early days of the web, through the e-commerce revolution, and to modern day mobile and large-scale platform deployments. Jon has worked on number one app store titles like Pandora Music, and built applications for major brands such as Visa, Gatorade, and the Grammys.

Roberto is a full stack developer with a background in security and encryption. He has crafted advanced SSI applications and is currently co-authoring a definitive resource for identity software developers with Jon, titled, “Mastering Identus: A Developer’s Handbook”.

Mal has lead the design efforts for major companies like Zalando, Edmunds, and BlockFi.

[BUDGET & COSTS] Please provide a cost breakdown of the proposed work and resources

*Budget Calculated in ADA at today’s ADA price of $0.36 USD

Total: 219,547 ADA / ~$78,895 USD

Milestone 1:  26,665 ADA / ~$9,582 USD

Spec Documentation: 

• Install / Configure / Automate API Documentation: 12 hours: 2,666 ADA
• Design API Interface for all REST API endpoints: 60 hours: 13,333 ADA
• Project Management: 20 hours: 4,444 ADA
• Infrastructure - Server Hardware: 1,778 ADA
• Infrastructure - Server Admin: 20 hours: 4,444 ADA

Milestone 2: 30,666 ADA / ~$11,020 USD

• Backend Engineering: 100 hours: 22,222 ADA
• Project Management: 10 hours: 2,222 ADA
• Infrastructure - Server Hardware: 1,778 ADA
• Infrastructure - Server Admin: 20 hours: 4,444 ADA

Milestone 3: 46,221 ADA / ~ $16,610 USD

• Backend Engineering: 160 hours: 35,555 ADA
• Project Management: 20 hours: 4,444 ADA
• Infrastructure - Server Hardware: 1,778 ADA
• Infrastructure - Server Admin: 20 hours: 4,444 ADA

Milestone 4: 26,221 ADA / ~$9,423 USD

• Backend Engineering: 80 hours: 17,777 ADA
• Project Management: 10 hours: 2,222 ADA
• Infrastructure - Server Hardware: 1,778 ADA
• Infrastructure - Server Admin: 20 hours: 4,444 ADA

Milestone 5: 28,443ADA / ~$10,221 USD

• Backend Engineering and Scaling: 60 hours: 13,333 ADA
• Project Management: 40 hours: 8,888 ADA
• Infrastructure - Server Hardware: 1,778 ADA
• Infrastructure - Server Admin: 20 hours: 4,444 ADA

Final Milestone: 61,784 ADA / ~$22,202 USD

• Backend Engineering: 40 hours: 8,888 ADA
• Project Management: 20 hours: 4,444 ADA
• Infrastructure - Server Hardware: 12 months prepaid 21,333 ADA
• Infrastructure - Server Admin: 120 hours, 12 Months prepaid: 26,666 ADA
• Misc: 453 ADA (Remainder of total / Buffer)

[VALUE FOR MONEY] How does the cost of the project represent value for money for the Cardano ecosystem?

Identus (Atala PRISM) Infrastructure is too complex and expensive for companies to run in-house.

Unlike traditional “web2” applications, Self-Sovereign Identity applications require multiple servers and services interacting as Issuers, Holders and Verifiers, as well as dedicated servers for Horizontally scaled Mediators which negotiate secure messages between peers. 

By abstracting the complexity away into Csign and Csign API, the Cardano community will be able to leverage the power and privacy of SSI at a much lower cost, on a per agreement or subscription cost.

With Fund 13 funding, we will keep our API service available for a 12 month minimum, using the Infrastructure budget listed here to pay our hosting provider. We will continue to perform server admin monthly to ensure a healthy and secure platform for 12 months. After 12 months, we will continue to support the Csign API for as long as there is sufficient demand and/or a sustaining business model.

We hope making this technology accessible to everyone will add tremendous value to a variety of Cardano-based applications.

We believe in the future of the Cardano Ecosystem and we want to partner with you all!

Thank you for your consideration!