Indisputable GDPR compliant signatures in ContractChain

Abstract

Nowadays, entering into a contract with an overseas company still relies on postal services to send a printed contract, which is signed on paper. Lizard Global is developing an online platform for constructing, reviewing and signing digital contracts for one of their clients. In the original system, when a signee signed a contract, his personal information was used as a signature and stored in blockchain. However, this way of signing a contract does not enjoy the same degree of legal validity as a written signature. Moreover, the implications on privacy legislation, specifically the European Data Protection Regulation (GDPR) had not yet been taken into account by Lizard Global. This project describes how agile development was used to construct a high quality software solution to the problem, thereby implementing firstly an advanced e-signature to make signing a contract legally binding and secondly functionality to store this signature in blockchain such that it is compliant with the GDPR legislation. This is done by only storing hashed values in the blockchain and adding a user panel. In this panel, signees are able to control their personal data. High quality is obtained by testing thoroughly (100 per cent branch coverage), using the static analysis tool ESLint and requesting, receiving and implementing feedback from the software improvement group.