Leibodex Signed Bundle Mode v1

Versioned specification document.

  • Version: v1
  • Status: active
  • Scope: optional metadata layer for capture and provenance bundles

Boundary

Leibodex may record the presence of submitted signature-related metadata at stamp time. Except as expressly stated in a separately signed enterprise agreement, Leibodex does not determine whether any signature, certificate, public key, WebAuthn credential, detached signature, or assertion is genuine, attributable to a particular person or device, authorized by any organization, created with intent to sign, legally binding, compliant with E-SIGN, UETA, or other law, or sufficient to establish identity, agency, assent, authorship, or ownership.

Technical checks only

Any cryptographic, formatting, or consistency checks described in this mode are technical observations only and do not constitute legal signature validation.

Display rule

User interfaces, badges, PDFs, and exports must refer to this material as "signature-related metadata" or "submitted signature data", not as "verified signature" or similar.

Signature Object Schema

manifest.json may include:

{
  "signatures": [
    {
      "type": "pgp | webauthn | detached",
      "public_key": "...",
      "fingerprint": "...",
      "signature_hash": "...",
      "signed_at_utc": "...",
      "attestation_statement": "...",
      "webauthn": {
        "rp_id": "...",
        "credential_id_hash": "...",
        "assertion_file": "signatures/webauthn_assertion.json",
        "public_key_present": true,
        "challenge_sha256": "..."
      }
    }
  ]
}

Fields are optional except type.

WebAuthn Assertion File

When type=webauthn, include:

  • signatures/webauthn_assertion.json

Shape:

{
  "type": "webauthn.assertion",
  "format_version": 1,
  "created_at_utc": "2026-03-01T00:00:00Z",
  "rp_id": "leibodex.com",
  "challenge_sha256": "...",
  "credential_id_b64url": "...",
  "client_data_json_b64url": "...",
  "authenticator_data_b64url": "...",
  "signature_b64url": "...",
  "signature_hash_sha256": "...",
  "user_handle_b64url": "...",
  "public_key_jwk": {
    "kty": "EC",
    "crv": "P-256",
    "x": "...",
    "y": "..."
  }
}

Binary values use base64url without padding.

Hashing Rules

  • signature_hash is SHA-256 over raw signature bytes, not base64 text.
  • credential_id_hash is SHA-256 over raw credential ID bytes.
  • challenge_sha256 is SHA-256 over raw challenge bytes.
  • If a public key JWK is present, fingerprint = sha256(JSON(jwk_normalized_utf8)).

Determinism Rules

  • JSON objects should be stable-stringified with lexicographically sorted keys.
  • Browser output is best-effort deterministic.
  • CLI output is strict deterministic.
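
The hashing and determinism rules above, worked through as an added Python example (not Leibodex's own code): it recomputes the derived hashes from the raw bytes in a webauthn_assertion.json and lists the manifest fields that disagree. Assumptions: hex-encoded digests, JWK normalization as sorted keys with no whitespace, and the challenge read from the WebAuthn clientDataJSON; the function names and sample values are constructed for illustration.

```python
import base64, hashlib, json, re

def b64url_decode(text):
    """Decode base64url; padding or foreign characters are rejected."""
    if not re.fullmatch(r"[A-Za-z0-9_-]*", text):
        raise ValueError("not unpadded base64url")
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def sha256_hex(raw):
    return hashlib.sha256(raw).hexdigest()  # hex output is an assumption

def stable_json(obj):
    # Assumed normalization: sorted keys, no whitespace, UTF-8 bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def derive_hashes(assertion):
    """Recompute the derived hashes from the raw bytes in the assertion file."""
    client_data = json.loads(b64url_decode(assertion["client_data_json_b64url"]))
    derived = {
        "signature_hash": sha256_hex(b64url_decode(assertion["signature_b64url"])),
        "credential_id_hash": sha256_hex(b64url_decode(assertion["credential_id_b64url"])),
        # WebAuthn clientDataJSON carries the challenge as base64url text.
        "challenge_sha256": sha256_hex(b64url_decode(client_data["challenge"])),
    }
    if "public_key_jwk" in assertion:
        derived["fingerprint"] = sha256_hex(stable_json(assertion["public_key_jwk"]))
    return derived

def mismatched_fields(entry, assertion):
    """Manifest fields that are present but disagree with recomputed values."""
    derived = derive_hashes(assertion)
    web = entry.get("webauthn", {})
    claimed = {"signature_hash": entry.get("signature_hash"),
               "fingerprint": entry.get("fingerprint"),
               "credential_id_hash": web.get("credential_id_hash"),
               "challenge_sha256": web.get("challenge_sha256")}
    return sorted(k for k, v in claimed.items() if v is not None and v != derived.get(k))

# Constructed sample values, not real credential data.
_CLIENT_DATA = json.dumps({"type": "webauthn.get", "challenge": b64url(b"constructed-challenge")})
SAMPLE_ASSERTION = {
    "signature_b64url": b64url(b"constructed-signature"),
    "credential_id_b64url": b64url(b"constructed-credential-id"),
    "client_data_json_b64url": b64url(_CLIENT_DATA.encode()),
    "public_key_jwk": {"y": "constructed-y", "kty": "EC", "x": "constructed-x", "crv": "P-256"},
}
```

A non-empty result from mismatched_fields is a technical consistency observation only, in the sense of this mode.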

Verify UI display guidance

Recommended labels:

  • Signature-related metadata attached
  • Public key included
  • Signature-related metadata recorded at time of stamp

Prohibited labels:

  • Legally binding
  • Identity verified
  • Trusted signer
  • Verified signature