RubyGems - vchain_client - Versions diffs - 1.0.15 → 1.0.16 - Mend

vchain_client 1.0.15 → 1.0.16

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/vchain_client.rb +804 -737
data/lib/vchain_client/bitcoind_blockchain_adapter.rb +16 -2
data/lib/vchain_client/blockstack_client.rb +4 -0
data/lib/vchain_client/signatures.rb +73 -51
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f7cee1ed6c6a5984dc6a2895676e516a9ec6eeaa
-  data.tar.gz: e6579fd0ab9f8d7460f7d46dd98f6b9625ba675a
+  metadata.gz: d4d647625f6cb2ba6bd8783a3da98bd8a0845cb6
+  data.tar.gz: dcf9699f8907e8a5fdb3cfe73f62ef9f8a50a439
 SHA512:
-  metadata.gz: e94a3dd3e7327a2b007bf75588366ee8cbdd103f8f32cb356e1c6e31bb3e31d7c21f6391e27770919117df1fc46e95c5bc8facc99b875fd0dd7b6b34707c1f40
-  data.tar.gz: 2532de0a43e0de96ec538d27d1f13912fd0c33bb06aee3292789c765da8f8897cb8ad12cc51a8ecf2f74836b7f393a380899a4a97f73d480b73a496c9d47fd93
+  metadata.gz: 4ff4a4f2ebeccf0d056eaa9b8aae892716d179b19e3c28c793c1da5f9dbad4741abdd3923fbcb1afdcb0d93ca6b29675fdb3d4ae648c545f7ef51fd0c0e3d932
+  data.tar.gz: ca812c1e1f01704802606a27a7b8cf2e6996f8cacc4f9de9b86a442b41a5284cd716cffa2fb6958c8ace666bd43659df6e2f1445609e8468ae0e2c521d07a921

data/lib/vchain_client.rb CHANGED Viewed

@@ -15,7 +15,11 @@ module VChainClient
     require 'vchain_client/signatures'
     require 'vchain_client/blockstack_client'
-    FIELD_TYPE_HASHED = "fbb6889f44061c2a91e17a411cf168f9457981257a5e0a31fb706cd5cd1e64c263780a42a1fd858ee69429869ab2e2c53b9d94c4a26946f2b0c12f8ce2812d6b"
+    FIELD_TYPE_TRAVEL_DOCUMENT = "travel_document"
+    FIELD_TYPE_TEST_DOCUMENT = "test_document"
+    FIELD_TYPE_TRAVEL_DOCUMENT_HASHED = "fbb6889f44061c2a91e17a411cf168f9457981257a5e0a31fb706cd5cd1e64c263780a42a1fd858ee69429869ab2e2c53b9d94c4a26946f2b0c12f8ce2812d6b"
+    FIELD_TYPE_TEST_DOCUMENT_HASHED   = "e061cf61078d74025ab1d136e0a78785097b8ef721107e940cac1ca836ed5fa6af907344b761447274ce0558d95d4126e94e11f04eb70c3885afcc96f9cfe985"
     @config = nil
     @log = nil
@@ -32,23 +36,94 @@ module VChainClient
       }
   	end
+    def full_hash(arr)
+      output = {}
+      arr.each { |k, v|
+        if k != "doc_hash"
+          output[Digest::SHA512.hexdigest(k)] = Digest::SHA512.hexdigest(v)
+        else
+          output[k] = Digest::SHA512.hexdigest(v)
+        end
+      }
+      return output
+    end
     def cut(arr)
       arr.each { |k, v|
-        if k == "type" || k == "citizenship" || k == "first_name" || k == "last_name" || k == "birthdate" || k == "number" || k == "sex"
-          arr[k] = v
-        else
+        if arr["type"] == FIELD_TYPE_TRAVEL_DOCUMENT_HASHED
+          if k == "type" || k == "citizenship" || k == "first_name" || k == "last_name" || k == "birthdate" || k == "number" || k == "sex"
+            arr[k] = v
+          else
+            arr.delete(k)
+          end
-          arr.delete(k)
+        elsif arr["type"] == FIELD_TYPE_TEST_DOCUMENT_HASHED
+          if k == "type" || k == "a" || k == "b" || k == "c" || k == "d" || k == "e"
+            arr[k] = v
+          else
+            arr.delete(k)
+          end
         end
       }
     end
+    def get_doc_hash(arr)
+      if arr["type"] == FIELD_TYPE_TRAVEL_DOCUMENT_HASHED
+        what_to_hash = arr["type"] + arr["citizenship"] + arr["number"] + arr["first_name"] + arr["last_name"] + arr["birthdate"] + arr["sex"]
+        return Digest::SHA512.hexdigest(what_to_hash)
+      elsif arr["type"] == FIELD_TYPE_TEST_DOCUMENT_HASHED
+        what_to_hash = arr["type"] + arr["a"] + arr["b"] + arr["c"] + arr["d"] + arr["e"]
+        return Digest::SHA512.hexdigest(what_to_hash)
+      end
+    end
     def get_credentials_fields(type)
-      if type == FIELD_TYPE_HASHED
+      if type == FIELD_TYPE_TRAVEL_DOCUMENT_HASHED
         return ["type", "citizenship", "number", "first_name", "last_name", "birthdate"]
+      elsif type == FIELD_TYPE_TEST_DOCUMENT_HASHED
+        return ["type", "a", "b", "c"]
+      end
+      if @log.error?
+        @log.error("[get_credentials_fields] unknown document type: '"+ type +"'")
+      end
+      return nil
+    end
+    def get_similar_credential_sets(type)
+      if type == FIELD_TYPE_TRAVEL_DOCUMENT_HASHED
+        output = []
+        output.push(["type", "last_name", "birthdate", "number", "citizenship"])
+        output.push(["type", "first_name", "birthdate", "number", "citizenship"])
+        output.push(["type", "first_name", "last_name", "birthdate", "number"])
+        output.push(["type", "first_name", "last_name", "birthdate", "citizenship"])
+        output.push(["type", "first_name", "last_name", "number", "citizenship"])
+        output.push(["type", "last_name", "number", "citizenship"])
+        output.push(["type", "first_name", "number", "citizenship"])
+        output.push(["type", "birthdate", "number", "citizenship"])
+        output.push(["type", "first_name", "last_name", "birthdate"])
+        output.push(["type", "number", "citizenship"])
+        return output
+      elsif type == FIELD_TYPE_TEST_DOCUMENT_HASHED
+        output = []
+        output.push(["type", "a", "b"])
+        output.push(["type", "a", "c"])
+        output.push(["type", "b", "c"])
+        return output
       end
       if @log.error?
@@ -59,10 +134,16 @@ module VChainClient
     end
   	def get_credentials_hash(document)
-  		if document["type"] == FIELD_TYPE_HASHED
+  		if document["type"] == FIELD_TYPE_TRAVEL_DOCUMENT_HASHED
   			what_to_hash = document["type"] + document["citizenship"] + document["number"] + document["first_name"] + document["last_name"] + document["birthdate"]
   			return Digest::SHA512.hexdigest(what_to_hash)
+      elsif document["type"] == FIELD_TYPE_TEST_DOCUMENT_HASHED
+        what_to_hash = document["type"] + document["a"] + document["b"] + document["c"]
+        return Digest::SHA512.hexdigest(what_to_hash)
   		end
       if @log.error?
@@ -112,83 +193,36 @@ module VChainClient
   		return previous_parent
   	end
-  	def do_use(input, ignore_possible_matches = false)
-      client_id = @config["client_id"]
-      api_url = @config["api"]["url"] + "v0.1/use/";
-      document = input
-      document = self.cut(document)
-      document = self.hash(document)
+  	def add_data_point(point_type, input, weight)
-      if @log.debug?
-        @log.debug("[use] will call "+ api_url +" using vchain_client_id "+ client_id)
-        @log.debug("[use] hashed input:")
-        @log.debug(document)
-      end
-      document["client_id"] = client_id
-      document["ignore_possible_matches"] = ignore_possible_matches
-      if @log.debug?
-        @log.debug("[use] send_data:")
-        @log.debug(document)
-      end
-      begin
-        req = RestClient.post(api_url,
-        					            document.to_json,
-        					            {'Content-Type' => 'application/json'})
+    	client_id = @config["client_id"]
+    	api_url = @config["api"]["url"] + "v0.1/addDataPoint/"
-        if req.code != 200
+	  	time = Time.now.getutc
+	  	timestamp = time.to_i
-          if @log.error?
-            @log.error("[use] response with code "+ req.code.to_s)
-            @log.error("-> ignore_possible_matches: #{ignore_possible_matches}")
-            @log.error("-> client_id: #{client_id}")
-            @log.error("-> api_url: #{api_url}")
-            @log.error("-> document:")
-            @log.error(document)
-          end
+	    document = input
+      document = self.hash(document)
+      document = self.cut(document)
-        	return false
+      doc_hash = self.get_doc_hash(document)
-        end
+      if weight > 1
+        weight = 1
-        return true
+      elsif weight < 0
-      rescue => e
-        if @log.error?
-          @log.error("[use] RestClient.post raised exception")
-          @log.error("#{e.class}, #{e.message}")
-          @log.error("-> ignore_possible_matches: #{ignore_possible_matches}")
-          @log.error("-> client_id: #{client_id}")
-          @log.error("-> api_url: #{api_url}")
-          @log.error("-> document:")
-          @log.error(document)
-        end
+        weight = 0
-        raise e
       end
-  	end
-  	def do_verify(verification_type, input)
-    	client_id = @config["client_id"]
-    	api_url = @config["api"]["url"] + "v0.1/verify/"
-	  	time = Time.now.getutc
-	  	timestamp = time.to_i
-	    document = input
-      document = self.cut(document)
-	    document = self.hash(document)
       if @log.debug?
         @log.debug("[verify] will call "+ api_url +" using vchain_client_id "+ client_id)
-        @log.debug("-> verification_type: "+ verification_type)
+        @log.debug("-> point_type: "+ point_type)
+        @log.debug("-> weight: "+ weight.to_s)
         @log.debug("-> timestamp: "+ timestamp.to_s)
         @log.debug("-> hashed input:")
         @log.debug(document)
@@ -196,17 +230,18 @@ module VChainClient
       signaturesHelper = VChainClient::Signatures.new(@config)
-      verifications_data = nil
+      point_signatures = nil
       begin
-        verifications_data = signaturesHelper.signVerification(verification_type, document, timestamp)
+        point_signatures = signaturesHelper.signDataPoint(point_type, document, doc_hash, weight, timestamp)
       rescue => e
         if @log.error?
           @log.error("[verify] Signatures.signVerification raised exception")
           @log.error("#{e.class}, #{e.message}")
-          @log.error("-> verification_type: "+ verification_type)
+          @log.error("-> point_type: "+ point_type)
+          @log.error("-> weight: "+ weight.to_s)
           @log.error("-> timestamp: "+ timestamp.to_s)
           @log.error("-> client_id: #{client_id}")
           @log.error("-> api_url: #{api_url}")
@@ -217,10 +252,11 @@ module VChainClient
         raise e
       end
-      if verifications_data == nil
+      if point_signatures == nil
         if @log.error?
           @log.error("[verify] failed to Signatures.signVerification")
-          @log.error("-> verification_type: "+ verification_type)
+          @log.error("-> point_type: "+ point_type)
+          @log.error("-> weight: "+ weight.to_s)
           @log.error("-> timestamp: "+ timestamp.to_s)
           @log.error("-> client_id: #{client_id}")
           @log.error("-> api_url: #{api_url}")
@@ -232,8 +268,8 @@ module VChainClient
       end
       if @log.debug?
-        @log.debug("[verify] verifications_data:")
-        @log.debug(document)
+        @log.debug("[verify] point_signatures:")
+        @log.debug(point_signatures)
       end
 	    document = Hash[document.sort]
@@ -247,14 +283,15 @@ module VChainClient
       begin
-        whole_signature = signaturesHelper.signRequest(document, timestamp)
+        whole_signature = signaturesHelper.signRequest(document, point_type, weight, timestamp)
       rescue => e
         if @log.error?
           @log.error("[verify] Signatures.signRequest raised exception:")
           @log.error("#{e.class}: #{e.message}")
-          @log.error("-> verification_type: #{verification_type}")
+          @log.error("-> point_type: #{point_type}")
+          @log.error("-> weight: "+ weight.to_s)
           @log.error("-> timestamp: "+ timestamp.to_s)
           @log.error("-> client_id: #{client_id}")
           @log.error("-> api_url: #{api_url}")
@@ -270,7 +307,8 @@ module VChainClient
           if @log.error?
             @log.error("[verify] failed to sign request")
-            @log.error("-> verification_type: #{verification_type}")
+            @log.error("-> point_type: #{point_type}")
+            @log.error("-> weight: "+ weight.to_s)
             @log.error("-> timestamp: "+ timestamp.to_s)
             @log.error("-> client_id: #{client_id}")
             @log.error("-> api_url: #{api_url}")
@@ -291,9 +329,10 @@ module VChainClient
 		  send_data = {}
 		  send_data["client_id"] = client_id
 		  send_data["data"] = document
+      send_data["weight"] = weight.to_s
 		  send_data["timestamp"] = timestamp.to_s
-		  send_data["verification_type"] = verification_type;
-		  send_data["verifications_signatures"] = verifications_data
+		  send_data["type"] = point_type;
+		  send_data["point_signatures"] = point_signatures
 		  send_data["signature"] = whole_signature
       if @log.debug?
@@ -312,7 +351,8 @@ module VChainClient
             @log.error("[verify] response with code "+ req.code.to_s)
             @log.error("-> client_id: #{client_id}")
             @log.error("-> api_url: #{api_url}")
-            @log.error("-> verification_type: #{verification_type}")
+            @log.error("-> point_type: #{point_type}")
+            @log.error("-> weight: "+ weight.to_s)
             @log.error("-> timestamp: "+ timestamp.to_s)
             @log.error("-> send_data:")
             @log.error(send_data)
@@ -334,7 +374,8 @@ module VChainClient
           @log.error("#{e.class}, #{e.message}")
           @log.error("-> client_id: #{client_id}")
           @log.error("-> api_url: #{api_url}")
-          @log.error("-> verification_type: #{verification_type}")
+          @log.error("-> point_type: #{point_type}")
+          @log.error("-> weight: "+ weight.to_s)
           @log.error("-> timestamp: "+ timestamp.to_s)
           @log.error("-> send_data:")
           @log.error(send_data)
@@ -344,19 +385,22 @@ module VChainClient
       end
   	end
-    def do_check(input, is_already_hashed=false)
+    def check(input, is_already_hashed=false)
       client_id = @config["client_id"]
       api_url = @config["api"]["url"] + "v0.1/check/";
       document = input
-      document = self.cut(document)
       if (!is_already_hashed)
-      	document = self.hash(document)
+        document = self.hash(document)
       end
+      document = self.cut(document)
+      sent_document = document.clone
       document["client_id"] = client_id
       if @log.debug?
@@ -380,7 +424,7 @@ module VChainClient
             @log.error("[check] response with code "+ req.code.to_s)
             @log.error("-> client_id: #{client_id}")
             @log.error("-> api_url: #{api_url}")
-            @log.debug("-> is_already_hashed: #{is_already_hashed}")
+            @log.error("-> is_already_hashed: #{is_already_hashed}")
             @log.error("-> sent data:")
             @log.error(document)
           end
@@ -395,7 +439,7 @@ module VChainClient
           @log.error("#{e.class}, #{e.message}")
           @log.error("-> client_id: #{client_id}")
           @log.error("-> api_url: #{api_url}")
-          @log.debug("-> is_already_hashed: #{is_already_hashed}")
+          @log.error("-> is_already_hashed: #{is_already_hashed}")
           @log.error("-> sent data:")
           @log.error(document)
         end
@@ -403,800 +447,823 @@ module VChainClient
         raise e
       end
+      res = JSON.parse req.body
       if @log.debug?
-        @log.debug("[check] response code is 200:")
+        @log.debug("response:")
         @log.debug(req.body)
       end
-      res = JSON.parse req.body
+      if res["status"].downcase == "error"
-      validated_verifications = {}
-      if res.key?("document")
+      	return {
+          "status" => "error",
+          "reason" => res["error_reason_code"]
+        }
-        res_document = res["document"]
+      else
-        if @log.debug?
-          @log.debug("[check] recieved verifications")
-        end
+        # success result
-        credentials_document = document
+        res_docs_index = {}
-        if res["status"] == "ERROR" || res["status"] == "error"
-          if res["error_reason_code"] == "DOCUMENT_POSSIBLE_MISTAKES"
-            credentials_document = {}
+        res["docs"].each { |res_doc|
-            credentials_fields = self.get_credentials_fields(document["type"])
+          res_doc_credentials_hash = self.get_credentials_hash(res_doc)
-            credentials_fields.each_with_index{ |field,index|
-              if document[field] != res_document["values"][field]
-                credentials_document[field] = res_document["values"][field]
-              else
-                credentials_document[field] = document[field]
-              end
-            }
+          if !res_docs_index.key?(res_doc_credentials_hash)
+            res_docs_index[res_doc_credentials_hash] = []
           end
-        end
-        credentials_hash = self.get_credentials_hash(credentials_document)
+          res_docs_index[res_doc_credentials_hash].push(res_doc)
+        }
+        validated_data_points = self.validate_data_points(res["data_points"], res["docs"])
+        if validated_data_points.length == 0
+          # not found
+          result = {}
+          sent_document.each { |field, value|
+            result[field] = 0
+          }
+          return {
+            "status"    => "success",
+            "validated" => result
+          }
-        if @log.debug?
-          @log.debug("[check] credentials_hash: "+ credentials_hash)
         end
-        blockchainConnection = VChainClient::BlockchainConnection.new(@config)
+        # analyse
-        blockstackClient = VChainClient::BlockstackClient.new(@config)
+        sent_doc_hash = self.get_doc_hash(sent_document)
-        signaturesHelper = VChainClient::Signatures.new(@config)
+        sent_credentials_hash = self.get_credentials_hash(sent_document)
-        res_document.each { |field, v|
-          if v.key?("verifications") && v["verifications"].length > 0 && field != "type"
-            if @log.debug?
-              @log.debug("[check] check recieved verifications for '"+ field +"', number of recieved verifications: "+ v["verifications"].length.to_s)
-            end
+        hashed_sent_doc = self.full_hash(sent_document)
-            v["verifications"].each { |verification|
+        hashed_sent_doc_hash = Digest::SHA512.hexdigest(sent_doc_hash)
-              if @log.debug?
-                @log.debug("[check] field '"+ field +"', verification:")
-                @log.debug(verification)
-              end
+        # trying to find exact match by doc_hash
-              if !verification.key?("blockchain_reciepts")
-                if @log.error?
-                  @log.error("[check] not a valid verification - no blockchain_reciepts key")
-                  @log.error(verification)
-                  @log.error(document)
-                end
+        if validated_data_points.key?(hashed_sent_doc_hash)
+          # exact match found by doc_hash
-                next
-              end
+          result = {}
-              if verification["blockchain_reciepts"].length <= 0
-                if @log.error?
-                  @log.error("[check] not a valid verification - blockchain_reciepts is empty")
-                  @log.error("field '"+ field +"'")
-                  @log.error(verification)
-                  @log.error(document)
-                end
+          exact_match = validated_data_points[hashed_sent_doc_hash]
-                next
-              end
+          sent_document.each { |field, value|
+            hashed_field = Digest::SHA512.hexdigest(field)
-              # 1a. check credentials_hash
-              if credentials_hash != verification["credentials_hash"]
-                if @log.error?
-                  @log.error("[check] not a valid verification - credentials_hash mismatch ("+ credentials_hash +")")
-                  @log.error("field '"+ field +"'")
-                  @log.error(verification)
-                  @log.error(document)
-                end
+            if exact_match.key?(hashed_field)
-                next
-              end
+              result[field] = exact_match[hashed_field]
-              # 1b. check field_hash
-              field_hash = Digest::SHA512.hexdigest(field)
-              if field_hash != verification["field_hash"]
-                if @log.error?
-                  @log.error("[check] not a valid verification - field_hash mismatch ("+ field_hash +")")
-                  @log.error("field '"+ field +"'")
-                  @log.error(verification)
-                  @log.error(document)
-                end
+            else
-                next
-              end
+              result[field] = 0
-              # 1c. check data_hash
-              data_hash = Digest::SHA512.hexdigest(document[field])
-              if res.key?("document")
-                if res["document"].key?("values")
-                  if res["document"]["values"].key?(field)
-                    if res["document"]["values"][field] != document[field]
-                      data_hash = Digest::SHA512.hexdigest(res["document"]["values"][field])
-                    end
-                  end
-                end
-              end
-              if data_hash != verification["data_hash"]
-                if @log.error?
-                  @log.error("[check] not a valid verification - data_hash mismatch ("+ data_hash +")")
-                  @log.error("field '"+ field +"'")
-                  @log.error(verification)
-                  @log.error(document)
-                end
+            end
-                next
-              end
+          }
-              # 1d. check checksum
-              checksum_to_hash = credentials_hash + field_hash + data_hash
-              checksum = Digest::SHA512.hexdigest(checksum_to_hash)
-              if checksum != verification["checksum"]
-                if @log.error?
-                  @log.error("[check] not a valid verification - checksum mismatch ("+ checksum +")")
-                  @log.error("field '"+ field +"'")
-                  @log.error(verification)
-                  @log.error(document)
-                  @log.error(credentials_hash)
-                  @log.error(field_hash)
-                  @log.error(data_hash)
-                end
+          return {
+            "status"    => "success",
+            "validated" => result
+          }
-                next
-              end
+        else
-              verification_hash = verification["verification_hash"]
-              if @log.debug?
-                @log.debug("[check] verification_hash: "+ verification_hash)
-              end
+          # search by credentials_hash
+          found_docs = []
+          if res_docs_index.key?(sent_credentials_hash)
+            found_docs = res_docs_index[sent_credentials_hash]
+          end
-              # 2. check verification_hash to be in target_proof's
-              # first element
-              reciepts_validated = 0
-              verification["blockchain_reciepts"].each { |reciept|
+          if found_docs.length > 0
-                if @log.debug?
-                  @log.debug("reciept to check:")
-                  @log.debug(reciept)
-                end
+            # matches found by credentials
-                if !reciept.key?("target_proof")
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - no target_proof")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
-                  end
+            result = {}
-                  break
-                end
+            possible_mistakes = []
-                if reciept["target_proof"].length <= 0
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - target_proof length is <= 0")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
-                  end
+            cred_fields = self.get_credentials_fields(sent_document["type"]);
-                  break
-                end
+            non_cred_fields_index = {}
-                if reciept["target_proof"][0]["left"] != verification_hash && reciept["target_proof"][0]["right"] != verification_hash
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - no target element in target_proof.0")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
-                  end
+            found_docs.each { |cred_doc|
-                  break
+              cred_doc_hash = self.get_doc_hash(cred_doc)
+              cred_doc_hash = Digest::SHA512.hexdigest(cred_doc_hash)
+              cred_doc_exact_match = validated_data_points[cred_doc_hash]
+              # fill credential fields
+              cred_fields.each { |cred_field|
+                cred_field_hashed = Digest::SHA512.hexdigest(cred_field)
+                if !result.key?(cred_field)
+                  result[cred_field] = 0
                 end
-                # verification_hash is in tree
-                # and in right position
-                # now,
-                # 3. check tree convergence to root hash
-                # and compare this computed root hash
-                # with merkle_tree_root_hash from response
-                if @log.debug?
-                  @log.debug("will now build merkle tree with")
-                  @log.debug(reciept["target_proof"])
-                  @log.debug(reciept["timestamp"])
+                if cred_doc_exact_match.key?(cred_field_hashed)
+                  result[cred_field] += cred_doc_exact_match[cred_field_hashed]
                 end
-                computed_tree_root_hash = self.build_merkle_tree(reciept["target_proof"], reciept["timestamp"])
+              }
+              # fill non credential fields
+              cred_doc.each { |field, value|
-                if @log.debug?
-                  @log.debug("computed tree root hash = "+ computed_tree_root_hash)
-                end
+                if !cred_fields.include?(field) && field != "doc_hash"
-                if computed_tree_root_hash == nil
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - failed to compute tree root hash")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
+                  non_cred_field_hashed = Digest::SHA512.hexdigest(field)
+                  if !non_cred_fields_index.key?(field)
+                    non_cred_fields_index[field] = {}
                   end
-                  break
-                end
-                if computed_tree_root_hash != reciept["merkle_tree_root_hash"]
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - merkle tree root hash mismatch ("+ computed_tree_root_hash +", "+ reciept["merkle_tree_root_hash"] +")")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
+                  if !non_cred_fields_index[field].key?(value)
+                    non_cred_fields_index[field][value] = 0
                   end
-                  break
-                end
-                last_proof_index = reciept["target_proof"].length - 1
-                reciept_stored_last_parent = reciept["target_proof"][last_proof_index]["parent"]
-                if reciept_stored_last_parent != computed_tree_root_hash
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - last stored parent != computed_tree_root_hash ("+ reciept_stored_last_parent +", "+ computed_tree_root_hash +")")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
+                  if cred_doc_exact_match.key?(non_cred_field_hashed)
+                    non_cred_fields_index[field][value] += cred_doc_exact_match[non_cred_field_hashed]
                   end
-                  break
                 end
-                # 4. check OP_RETURN in Bitcoin's tx,
-                # compare it to computed root hash of a tree
-                # retrieve some info from tx to verify signature
-                tx = nil
-                begin
-                  tx = blockchainConnection.getTx(reciept["blockchain_txid"])
-                rescue => e
-                  if @log.error?
-                    @log.error("[check] BlockchainConnection.getTx raised exception:")
-                    @log.error("#{e.class}, #{e.message}")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> blockchain_txid: "+ reciept["blockchain_txid"])
-                  end
+              }
-                  raise e
-                end
+            }
+            non_cred_fields_index.each { |field, values|
-                if @log.debug?
-                  @log.debug("[check] tx ["+ reciept["blockchain_txid"] +"]:")
-                  @log.debug(tx)
-                end
+              if values.length == 1
-                if tx == nil
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - failed to retrieve TX from Blockchain")
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
+                values.take(1).each { |value, validated_count|
+                  if value == sent_document[field]
+                    result[field] = validated_count
+                  else
+                    possible_mistakes.push(field)
                   end
+                }
-                  break
-                end
+              else
+                possible_mistakes.push(field)
+              end
-                if tx["block_hash"] != reciept["blockchain_block_hash"]
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - block_hash mismatch")
-                    @log.error(tx)
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
-                  end
+            }
-                  break
-                end
+            return {
+              "status"            => "success",
+              "possible_mistakes" => possible_mistakes,
+              "validated"         => result
+            }
-                if tx["block_timestamp"] != reciept["blockchain_timestamp"]
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - timestamp mismatch")
-                    @log.error(tx)
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
-                  end
+          else
-                  break
-                end
+            # search for possible errors in credentials
-                if tx["op_return"] != computed_tree_root_hash
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - op_return mismatch")
-                    @log.error(computed_tree_root_hash)
-                    @log.error(tx)
-                    @log.error(reciept)
-                    @log.error("field '"+ field +"'")
-                    @log.error(verification)
-                    @log.error(document)
-                  end
+            similar_sets = self.get_similar_credential_sets(sent_document["type"])
-                  break
-                end
+            result = {}
+            possible_mistakes = []
-                blockchain_txid = reciept["blockchain_txid"];
-                blockchain_block_hash = tx["block_hash"];
-                blockchain_timestamp = tx["block_timestamp"];
-                if @log.debug?
-                  @log.debug(blockchain_txid)
-                  @log.debug(blockchain_block_hash)
-                  @log.debug(blockchain_timestamp)
-                end
+            other_fields_index = {}
-                # 5. check tree signature:
-                # a) federative server record in Blockstack (recursive)
-                # b) tree_signature
-                # a) federative server record in Blockstack (recursive)
-                begin
-                  if !blockstackClient.checkFederativeServer(reciept["federative_server_id"])
-                    if @log.error?
-                      @log.error("[check] not a valid blockchain reciept - failed to check federative server")
-                      @log.error("-> client_id: #{client_id}")
-                      @log.error("-> api_url: #{api_url}")
-                      @log.error("-> is_already_hashed: #{is_already_hashed}")
-                      @log.error("-> sent data:")
-                      @log.error(document)
-                      @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
-                    end
+            similar_sets.each { |lookup_set|
-                    break
-                  end
+              lookup_set_match_found = false
-                rescue => e
-                  if @log.error?
-                    @log.error("[check] Blockstack.checkFederativeServer raised exception:")
-                    @log.error("#{e.class}, #{e.message}")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
-                  end
+              res["docs"].each { |res_doc|
-                  raise e
-                end
+                is_matching = true
-                # b) check tree signature
-                federative_server_pubkey = nil
+                lookup_set.each { |lookup_field|
+                  sent_doc_val = sent_document[lookup_field]
+                  res_doc_val = res_doc[lookup_field]
-                begin
-                  federative_server_pubkey = blockstackClient.getPublicKey(reciept["federative_server_id"])
-                rescue => e
-                  if @log.error?
-                    @log.error("[check] Blockstack.getPublicKey raised exception:")
-                    @log.error("#{e.class}, #{e.message}")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
+                  if sent_doc_val != res_doc_val
+                    is_matching = false
+                    break
                   end
+                }
-                  raise e
-                end
+                if is_matching
+                  matching_doc_hash = self.get_doc_hash(res_doc)
+                  matching_doc_hash = Digest::SHA512.hexdigest(matching_doc_hash)
-                if federative_server_pubkey == nil
-                  if @log.error?
-                    @log.error("[check] not a valid blockchain reciept - failed to retrieve public key for federative server '"+ reciept["federative_server_id"] +"'")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
-                  end
+                  matching_exact_match = validated_data_points[matching_doc_hash]
-                  break
-                end
-                if @log.debug?
-                  @log.debug("federative server pubkey:")
-                  @log.debug(federative_server_pubkey)
-                end
+                  lookup_set.each { |lookup_field|
-                begin
-                  if !signaturesHelper.checkTreeSignature(computed_tree_root_hash, blockchain_txid, blockchain_block_hash, blockchain_timestamp, reciept["federative_server_id"], reciept["federative_server_version"], Base64.decode64(reciept["tree_signature"]), federative_server_pubkey)
-                    if @log.error?
-                      @log.error("[check] not a valid blockchain reciept - failed to verify tree signature")
-                      @log.error("-> client_id: #{client_id}")
-                      @log.error("-> api_url: #{api_url}")
-                      @log.debug("-> is_already_hashed: #{is_already_hashed}")
-                      @log.error("-> sent data:")
-                      @log.error(document)
-                      @log.error("--> computed_tree_root_hash: #{computed_tree_root_hash}")
-                      @log.error("--> blockchain_txid: #{blockchain_txid}")
-                      @log.error("--> blockchain_block_hash: #{blockchain_block_hash}")
-                      @log.error("--> blockchain_timestamp: #{blockchain_timestamp}")
-                      @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
-                      @log.error("--> federative_server_version: "+ reciept["federative_server_version"])
-                      @log.error("--> tree_signature: "+ Base64.decode64(reciept["tree_signature"]))
-                      @log.error("--> federative_server_pubkey: #{federative_server_pubkey}")
-                    end
+                    lookup_field_hashed = Digest::SHA512.hexdigest(lookup_field)
-                    break
-                  end
+                    result[lookup_field] = matching_exact_match[lookup_field_hashed]
+                  }
-                rescue => e
-                  if @log.error?
-                    @log.error("[check] Blockstack.checkTreeSignature raised exception:")
-                    @log.error("#{e.class}, #{e.message}")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.debug("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> computed_tree_root_hash: #{computed_tree_root_hash}")
-                    @log.error("--> blockchain_txid: #{blockchain_txid}")
-                    @log.error("--> blockchain_block_hash: #{blockchain_block_hash}")
-                    @log.error("--> blockchain_timestamp: #{blockchain_timestamp}")
-                    @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
-                    @log.error("--> federative_server_version: "+ reciept["federative_server_version"])
-                    @log.error("--> tree_signature: "+ Base64.decode64(reciept["tree_signature"]))
-                    @log.error("--> federative_server_pubkey: #{federative_server_pubkey}")
-                  end
+                  res_doc.each { |field, value|
+                    if !lookup_set.include?(field) && field != "doc_hash"
-                  raise e
-                end
+                      other_field_hashed = Digest::SHA512.hexdigest(field)
+                      if !other_fields_index.key?(field)
+                        other_fields_index[field] = {}
+                      end
-                reciepts_validated += 1
-              }
+                      if !other_fields_index[field].key?(value)
+                        other_fields_index[field][value] = 0
+                      end
-              if reciepts_validated != verification["blockchain_reciepts"].length
-                if @log.error?
-                  @log.error("[check] not a valid verification - not every reciept were validated")
-                  @log.error("field '"+ field +"'")
-                  @log.error(verification)
-                  @log.error(document)
-                end
+                      if matching_exact_match.key?(other_field_hashed)
+                        other_fields_index[field][value] += matching_exact_match[other_field_hashed]
+                      end
-                next
-              end
+                    end
-              # 6. check verification signatures:
-              # a) check verificator record in Blockstack (recursive)
-              # b) check validator record in Blockstack (recursive)
-              # c) verificator_sig
-              # d) validtor_sig
-              # a) check verificator record in Blockstack (recursive)
-              begin
-                if !blockstackClient.checkVerificator(verification["verificator_id"])
-                  if @log.error?
-                    @log.error("[check] not a valid verification - failed to check verificator record")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> verificator_id: "+ verification["verificator_id"])
-                  end
+                  }
-                  next
+                  lookup_set_match_found = true
                 end
-              rescue => e
-                if @log.error?
-                  @log.error("[check] Blockstack.checkVerificator raised exception:")
-                  @log.error("#{e.class}, #{e.message}")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> verificator_id: "+ verification["verificator_id"])
+                if is_matching
+                  break
                 end
+              }
-                raise e
+              if lookup_set_match_found
+                break
               end
-              # b) check validator record in Blockstack (recursive)
-              begin
-                if !blockstackClient.checkValidator(verification["validator_id"])
-                  if @log.error?
-                    @log.error("[check] not a valid verification - failed to check validator record")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> validator_id: "+ verification["validator_id"])
-                  end
+            }
-                  next
-                end
+            other_fields_index.each { |field, values|
-              rescue => e
-                if @log.error?
-                  @log.error("[check] Blockstack.checkValidator raised exception:")
-                  @log.error("#{e.class}, #{e.message}")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> validator_id: "+ verification["validator_id"])
-                end
+              if values.length == 1
-                raise e
+                values.take(1).each { |value, validated_count|
+                  if value == sent_document[field]
+                    result[field] = validated_count
+                  else
+                    possible_mistakes.push(field)
+                  end
+                }
+              else
+                possible_mistakes.push(field)
               end
-              # c) check verificator's signature
-              verificator_pubkey = nil
+            }
-              begin
+            return {
+              "status"            => "success",
+              "possible_mistakes" => possible_mistakes,
+              "validated"         => result
+            }
-                verificator_pubkey = blockstackClient.getPublicKey(verification["verificator_id"])
+          end
-              rescue => e
-                if @log.error?
-                  @log.error("[check] Blockstack.getPublicKey raised exception:")
-                  @log.error("#{e.class}, #{e.message}")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> verificator_id: "+ verification["verificator_id"])
-                end
+        end
-                raise e
-              end
+      end
+    end
-              if verificator_pubkey == nil
-                if @log.error?
-                  @log.error("[check] failed to retrieve public key for verificator")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> verificator_id: "+ verification["verificator_id"])
-                end
+    def validate_data_points(data_points, documents)
-                next
-              end
+      output = {}
-              if @log.debug?
-                @log.debug("verificator pubkey:")
-                @log.debug(verificator_pubkey)
-              end
+      blockchainConnection = VChainClient::BlockchainConnection.new(@config)
-              begin
-                if !signaturesHelper.checkVerificationSignature(field_hash, data_hash, verification["type"], verification["timestamp"], verification["verificator_id"], verificator_pubkey, Base64.decode64(verification["verificator_sig"]))
-                  if @log.error?
-                    @log.error("[check] not a valid verification - failed to check verificator signature")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> field_hash: #{field_hash}")
-                    @log.error("--> data_hash")
-                    @log.error("--> verification_type: "+ verification["type"])
-                    @log.error("--> verification_timestamp: "+ verification["timestamp"].to_s)
-                    @log.error("--> verificator_id: "+ verification["verificator_id"])
-                    @log.error("--> verificator_pubkey: "+ verificator_pubkey)
-                    @log.error("--> verificator_sig: "+ Base64.decode64(verification["verificator_sig"]))
-                  end
+      blockstackClient = VChainClient::BlockstackClient.new(@config)
-                  next
-                end
+      signaturesHelper = VChainClient::Signatures.new(@config)
-              rescue => e
-                if @log.error?
-                  @log.error("[check] Signatures.checkVerificationSignature raised exception:")
-                  @log.error("#{e.class}, #{e.message}")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> field_hash: #{field_hash}")
-                  @log.error("--> data_hash")
-                  @log.error("--> verification_type: "+ verification["type"])
-                  @log.error("--> verification_timestamp: "+ verification["timestamp"].to_s)
-                  @log.error("--> verificator_id: "+ verification["verificator_id"])
-                  @log.error("--> verificator_pubkey: "+ verificator_pubkey)
-                  @log.error("--> verificator_sig: "+ Base64.decode64(verification["verificator_sig"]))
-                end
+      documents_index = {}
-                raise e
-              end
+      documents.each { |document|
+        hashed_doc = self.full_hash(document)
+        hashed_doc["original_doc_hash"] = self.get_doc_hash(document)
+        documents_index[hashed_doc["doc_hash"]] = hashed_doc
+      }
-              # d) check validator's signature
-              validator_pubkey = nil
+      data_points.each { |data_point|
-              begin
+        if !data_point.key?("blockchain_reciepts")
+          if @log.error?
+            @log.error("[check] not a valid data point - no blockchain_reciepts key")
+            @log.error(data_point)
+          end
-               validator_pubkey = blockstackClient.getPublicKey(verification["validator_id"])
+          next
+        end
-              rescue => e
-                if @log.error?
-                  @log.error("[check] Blockstack.getPublicKey raised exception:")
-                  @log.error("#{e.class}, #{e.message}")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> validator_id: "+ verification["validator_id"])
-                end
+        if data_point["blockchain_reciepts"].length <= 0
+          if @log.error?
+            @log.error("[check] not a valid data point - blockchain_reciepts is empty")
+            @log.error(data_point)
+          end
-                raise e
-              end
+          next
+        end
-              if validator_pubkey == nil
-                if @log.error?
-                  @log.error("[check] failed to retrieve pubic key for validator")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> validator_id: "+ verification["validator_id"])
-                end
+        if !documents_index.key?(data_point["doc_hash"])
+          if @log.error?
+            @log.error("[check] not a valid data point - no such doc_hash in docs returned")
+            @log.error(data_point)
+          end
-                next
-              end
+          next
+        end
-              if @log.debug?
-                @log.debug("validator pubkey:")
-                @log.debug(validator_pubkey)
-              end
+        document = documents_index[data_point["doc_hash"]]
-              begin
-                if !signaturesHelper.checkVerificationSignature(field_hash, data_hash, verification["type"], verification["timestamp"], verification["validator_id"], validator_pubkey, Base64.decode64(verification["validator_sig"]))
-                  if @log.error?
-                    @log.error("[check] not a valid verification - failed to check verificator signature")
-                    @log.error("-> client_id: #{client_id}")
-                    @log.error("-> api_url: #{api_url}")
-                    @log.error("-> is_already_hashed: #{is_already_hashed}")
-                    @log.error("-> sent data:")
-                    @log.error(document)
-                    @log.error("--> field_hash: #{field_hash}")
-                    @log.error("--> data_hash")
-                    @log.error("--> verification_type: "+ verification["type"])
-                    @log.error("--> verification_timestamp: "+ verification["timestamp"].to_s)
-                    @log.error("--> validator_id: "+ verification["validator_id"])
-                    @log.error("--> validator_pubkey: "+ validator_pubkey)
-                    @log.error("--> validator_sig: "+ Base64.decode64(verification["validator_sig"]))
-                  end
+        doc_hash = Digest::SHA512.hexdigest(document["original_doc_hash"])
-                  next
-                end
+        # 1a. check doc_hash
+        if doc_hash != data_point["doc_hash"]
+          if @log.error?
+            @log.error("[check] not a valid data point - doc_hash mismatch ("+ data_point["doc_hash"] +")")
+          end
-              rescue => e
-                if @log.error?
-                  @log.error("[check] Signatures.checkVerificationSignature raised exception:")
-                  @log.error("#{e.class}, #{e.message}")
-                  @log.error("-> client_id: #{client_id}")
-                  @log.error("-> api_url: #{api_url}")
-                  @log.error("-> is_already_hashed: #{is_already_hashed}")
-                  @log.error("-> sent data:")
-                  @log.error(document)
-                  @log.error("--> field_hash: #{field_hash}")
-                  @log.error("--> data_hash")
-                  @log.error("--> verification_type: "+ verification["type"])
-                  @log.error("--> verification_timestamp: "+ verification["timestamp"].to_s)
-                  @log.error("--> validator_id: "+ verification["validator_id"])
-                  @log.error("--> validator_pubkey: "+ validator_pubkey)
-                  @log.error("--> validator_sig: "+ Base64.decode64(verification["validator_sig"]))
-                end
+          next
+        end
-                raise e
-              end
+        # 1b. check field_hash
+        if !document.key?(data_point["field_hash"])
+          if @log.error?
+            @log.error("[check] not a valid data point - field_hash mismatch ("+ data_point["field_hash"] +")")
+          end
+          next
+        end
+        # 1c. check data_hash
+        data_hash = document[data_point["field_hash"]]
+        if data_hash != data_point["data_hash"]
+          if @log.error?
+            @log.error("[check] not a valid data point - data_hash mismatch ("+ data_hash +")")
+          end
+          next
+        end
+        # 1d. check data_point_hash
+        checksum_to_hash = data_point["field_hash"] + data_point["data_hash"] + data_point["doc_hash"] + data_point["type"] + data_point["issuer_sig"] + data_point["issuer_id"] + data_point["validator_sig"] + data_point["validator_id"] + data_point["weight"] + data_point["timestamp"]
+        checksum = Digest::SHA512.hexdigest(checksum_to_hash)
+        if checksum != data_point["data_point_hash"]
+          if @log.error?
+            @log.error("[check] not a valid data point - checksum mismatch ("+ checksum +")")
+          end
+          next
+        end
+        # 2. check verification_hash to be in target_proof's
+        # first element
+        reciepts_validated = 0
+        data_point["blockchain_reciepts"].each { |reciept|
+          if !reciept.key?("target_proof")
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - no target_proof")
+              @log.error(reciept)
+            end
+            break
+          end
+          if reciept["target_proof"].length <= 0
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - target_proof length is <= 0")
+              @log.error(reciept)
+            end
+            break
+          end
+          if reciept["target_proof"][0]["left"] != data_point["data_point_hash"] && reciept["target_proof"][0]["right"] != data_point["data_point_hash"]
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - no target element in target_proof.0")
+              @log.error(reciept)
+            end
+            break
+          end
+          # verification_hash is in tree
+          # and in right position
+          # now,
+          # 3. check tree convergence to root hash
+          # and compare this computed root hash
+          # with merkle_tree_root_hash from response
+          computed_tree_root_hash = self.build_merkle_tree(reciept["target_proof"], reciept["timestamp"])
+          if computed_tree_root_hash == nil
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - failed to compute tree root hash")
+              @log.error(reciept)
+            end
+            break
+          end
+          if computed_tree_root_hash != reciept["merkle_tree_root_hash"]
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - merkle tree root hash mismatch ("+ computed_tree_root_hash +", "+ reciept["merkle_tree_root_hash"] +")")
+              @log.error(reciept)
+            end
+            break
+          end
+          last_proof_index = reciept["target_proof"].length - 1
+          reciept_stored_last_parent = reciept["target_proof"][last_proof_index]["parent"]
+          if reciept_stored_last_parent != computed_tree_root_hash
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - last stored parent != computed_tree_root_hash ("+ reciept_stored_last_parent +", "+ computed_tree_root_hash +")")
+              @log.error(reciept)
+            end
+            break
+          end
+          # 4. check OP_RETURN in Bitcoin's tx,
+          # compare it to computed root hash of a tree
+          # retrieve some info from tx to verify signature
+          tx = nil
+          begin
+            tx = blockchainConnection.getTx(reciept["blockchain_txid"])
+          rescue => e
+            if @log.error?
+              @log.error("[check] BlockchainConnection.getTx raised exception:")
+              @log.error("#{e.class}, #{e.message}")
+            end
+            raise e
+          end
+          if tx == nil
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - failed to retrieve TX from Blockchain")
+              @log.error(reciept)
+            end
+            break
+          end
+          if tx["block_hash"] != reciept["blockchain_block_hash"]
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - block_hash mismatch")
+              @log.error(tx)
+              @log.error(reciept)
+            end
+            break
+          end
+          if tx["block_timestamp"] != reciept["blockchain_timestamp"]
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - timestamp mismatch")
+              @log.error(tx)
+              @log.error(reciept)
+            end
+            break
+          end
-              # 7. timestamps checking
-              # TODO
+          if tx["op_return"] != computed_tree_root_hash
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - op_return mismatch")
+              @log.error(computed_tree_root_hash)
+              @log.error(tx)
+              @log.error(reciept)
+            end
+            break
+          end
+          blockchain_txid = reciept["blockchain_txid"];
+          blockchain_block_hash = tx["block_hash"];
+          blockchain_timestamp = tx["block_timestamp"];
+          # 5. check tree signature:
+          # a) federative server record in Blockstack (recursive)
+          # b) tree_signature
+          # a) federative server record in Blockstack (recursive)
+          begin
-              if !validated_verifications.key?(field)
-                validated_verifications[field] = 0
+            if !blockstackClient.checkFederativeServer(reciept["federative_server_id"])
+              if @log.error?
+                @log.error("[check] not a valid blockchain reciept - failed to check federative server")
+                @log.error(reciept)
               end
-              validated_verifications[field] = validated_verifications[field] + 1
-            }
-          else
-            if @log.debug?
-              vers_count = 0
-              if v.key?("verifications") && v["verifications"].length > 0
-                vers_count = v["verifications"].length.to_s
+              break
+            end
+          rescue => e
+            if @log.error?
+              @log.error("[check] Blockstack.checkFederativeServer raised exception:")
+              @log.error("#{e.class}, #{e.message}")
+              @log.error(reciept)
+            end
+            raise e
+          end
+          # b) check tree signature
+          federative_server_pubkey = nil
+          begin
+            federative_server_pubkey = blockstackClient.getPublicKey(reciept["federative_server_id"])
+          rescue => e
+            if @log.error?
+              @log.error("[check] Blockstack.getPublicKey raised exception:")
+              @log.error("#{e.class}, #{e.message}")
+              @log.error(reciept)
+            end
+            raise e
+          end
+          if federative_server_pubkey == nil
+            if @log.error?
+              @log.error("[check] not a valid blockchain reciept - failed to retrieve public key for federative server '"+ reciept["federative_server_id"] +"'")
+              @log.error(reciept)
+            end
+            break
+          end
+          begin
+            if !signaturesHelper.checkTreeSignature(computed_tree_root_hash, blockchain_txid, blockchain_block_hash, blockchain_timestamp, reciept["federative_server_id"], reciept["federative_server_version"], Base64.decode64(reciept["tree_signature"]), federative_server_pubkey)
+              if @log.error?
+                @log.error("[check] not a valid blockchain reciept - failed to verify tree signature")
+                @log.error(reciept)
+                @log.error("--> computed_tree_root_hash: #{computed_tree_root_hash}")
+                @log.error("--> blockchain_txid: #{blockchain_txid}")
+                @log.error("--> blockchain_block_hash: #{blockchain_block_hash}")
+                @log.error("--> blockchain_timestamp: #{blockchain_timestamp}")
+                @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
+                @log.error("--> federative_server_version: "+ reciept["federative_server_version"])
+                @log.error("--> tree_signature: "+ Base64.decode64(reciept["tree_signature"]))
+                @log.error("--> federative_server_pubkey: #{federative_server_pubkey}")
               end
-              @log.debug("[check] skip '"+ field +"', number of recieved verifications: "+ vers_count.to_s)
+              break
+            end
+          rescue => e
+            if @log.error?
+              @log.error("[check] Blockstack.checkTreeSignature raised exception:")
+              @log.error("#{e.class}, #{e.message}")
+              @log.error(reciept)
+              @log.error("--> computed_tree_root_hash: #{computed_tree_root_hash}")
+              @log.error("--> blockchain_txid: #{blockchain_txid}")
+              @log.error("--> blockchain_block_hash: #{blockchain_block_hash}")
+              @log.error("--> blockchain_timestamp: #{blockchain_timestamp}")
+              @log.error("--> federative_server_id: "+ reciept["federative_server_id"])
+              @log.error("--> federative_server_version: "+ reciept["federative_server_version"])
+              @log.error("--> tree_signature: "+ Base64.decode64(reciept["tree_signature"]))
+              @log.error("--> federative_server_pubkey: #{federative_server_pubkey}")
             end
-          end
+            raise e
+          end
+          reciepts_validated += 1
         }
-        if @log.debug?
-          @log.debug("[check] temp validated verifications:")
-          @log.debug(validated_verifications)
+        if reciepts_validated != data_point["blockchain_reciepts"].length
+          if @log.error?
+            @log.error("[check] not a valid verification - not every reciept were validated")
+          end
+          next
         end
-        # check input fields
-        input.each_with_index { |field,index|
-          if field[0] != 'type' && field[0] != 'client_id'
-            if !validated_verifications.key?(field[0])
-              validated_verifications[field[0]] = 0
+        # 6. check verification signatures:
+        # a) check verificator record in Blockstack (recursive)
+        # b) check validator record in Blockstack (recursive)
+        # c) verificator_sig
+        # d) validtor_sig
+        # a) check verificator record in Blockstack (recursive)
+        begin
+          if !blockstackClient.checkVerificator(data_point["issuer_id"])
+            if @log.error?
+              @log.error("[check] not a valid verification - failed to check verificator record")
+              @log.error("--> verificator_id: "+ data_point["issuer_id"])
             end
+            next
           end
-        }
+        rescue => e
+          if @log.error?
+            @log.error("[check] Blockstack.checkVerificator raised exception:")
+            @log.error("#{e.class}, #{e.message}")
+            @log.error("--> verificator_id: "+ data_point["issuer_id"])
+          end
+          raise e
+        end
+        # b) check validator record in Blockstack (recursive)
+        begin
+          if !blockstackClient.checkValidator(data_point["validator_id"])
+            if @log.error?
+              @log.error("[check] not a valid verification - failed to check validator record")
+              @log.error("--> validator_id: "+ data_point["validator_id"])
+            end
+            next
+          end
+        rescue => e
+          if @log.error?
+            @log.error("[check] Blockstack.checkValidator raised exception:")
+            @log.error("#{e.class}, #{e.message}")
+            @log.error("--> validator_id: "+ data_point["validator_id"])
+          end
+          raise e
+        end
+        # c) check verificator's signature
+        verificator_pubkey = nil
+        begin
+          verificator_pubkey = blockstackClient.getPublicKey(data_point["issuer_id"])
+        rescue => e
+          if @log.error?
+            @log.error("[check] Blockstack.getPublicKey raised exception:")
+            @log.error("#{e.class}, #{e.message}")
+            @log.error("--> verificator_id: "+ data_point["issuer_id"])
+          end
+          raise e
+        end
+        if verificator_pubkey == nil
+          if @log.error?
+            @log.error("[check] failed to retrieve public key for verificator")
+            @log.error(document)
+            @log.error("--> verificator_id: "+ data_point["issuer_id"])
+          end
+          next
+        end
         if @log.debug?
-          @log.debug("[check] resulted validated verifications:")
-          @log.debug(validated_verifications)
+          @log.debug("verificator pubkey:")
+          @log.debug(verificator_pubkey)
         end
-      end
-      if res["status"] == "ERROR" || res["status"] == "error"
+        begin
-        if res["error_reason_code"] == "DOCUMENT_POSSIBLE_MISTAKES"
+          if !signaturesHelper.checkVerificationSignature(data_point["field_hash"], data_point["data_hash"], data_point["doc_hash"], data_point["type"], data_point["weight"], data_point["timestamp"], data_point["issuer_id"], verificator_pubkey, Base64.decode64(data_point["issuer_sig"]))
+            if @log.error?
+              @log.error("[check] not a valid verification - failed to check verificator signature")
+              @log.error("--> field_hash: "+ data_point["field_hash"])
+              @log.error("--> data_hash: "+ data_point["data_hash"])
+              @log.error("--> doc_hash: "+ data_point["doc_hash"])
+              @log.error("--> type: "+ data_point["type"])
+              @log.error("--> weight: "+ data_point["weight"].to_s)
+              @log.error("--> timestamp: "+ data_point["timestamp"].to_s)
+              @log.error("--> verificator_id: "+ data_point["issuer_id"])
+              @log.error("--> verificator_pubkey: "+ verificator_pubkey)
+              @log.error("--> verificator_sig: "+ data_point["issuer_sig"])
+            end
-          possible_mistakes_output = {}
+            next
+          end
-          if res.key?("possible_mistakes")
-            res["possible_mistakes"].each_with_index { |field,index|
+        rescue => e
+          if @log.error?
+            @log.error("[check] Signatures.checkVerificationSignature raised exception:")
+            @log.error("#{e.class}, #{e.message}")
+            @log.error("--> field_hash: "+ data_point["field_hash"])
+            @log.error("--> data_hash: "+ data_point["data_hash"])
+            @log.error("--> doc_hash: "+ data_point["doc_hash"])
+            @log.error("--> type: "+ data_point["type"])
+            @log.error("--> weight: "+ data_point["weight"].to_s)
+            @log.error("--> timestamp: "+ data_point["timestamp"].to_s)
+            @log.error("--> verificator_id: "+ data_point["issuer_id"])
+            @log.error("--> verificator_pubkey: "+ verificator_pubkey)
+            @log.error("--> verificator_sig: "+ data_point["issuer_sig"])
+          end
-              possible_mistakes_output[field[0]] = validated_verifications[field[0]]
+          raise e
+        end
-              validated_verifications.delete(field[0])
-            }
+        # d) check validator's signature
+        validator_pubkey = nil
+        begin
+         validator_pubkey = blockstackClient.getPublicKey(data_point["validator_id"])
+        rescue => e
+          if @log.error?
+            @log.error("[check] Blockstack.getPublicKey raised exception:")
+            @log.error("#{e.class}, #{e.message}")
+            @log.error("--> validator_id: "+ data_point["validator_id"])
           end
-          return {
-            "status"            => "error",
-            "possible_mistakes" => possible_mistakes_output,
-            "validated"         => validated_verifications,
-            "reason"            => res["error_reason_code"]
-          }
+          raise e
         end
-      	return {
-          "status" => "error",
-          "reason" => res["error_reason_code"]
-        }
+        if validator_pubkey == nil
+          if @log.error?
+            @log.error("[check] failed to retrieve pubic key for validator")
+            @log.error("--> validator_id: "+ data_point["validator_id"])
+          end
-      else
-        # success result
-    		return validated_verifications
+          next
+        end
-      end
+        if @log.debug?
+          @log.debug("validator pubkey:")
+          @log.debug(validator_pubkey)
+        end
+        begin
+          if !signaturesHelper.checkVerificationSignature(data_point["field_hash"], data_point["data_hash"], data_point["doc_hash"], data_point["type"], data_point["weight"], data_point["timestamp"], data_point["validator_id"], validator_pubkey, Base64.decode64(data_point["validator_sig"]))
+            if @log.error?
+              @log.error("[check] not a valid verification - failed to check validator signature")
+              @log.error("--> field_hash: "+ data_point["field_hash"])
+              @log.error("--> data_hash: "+ data_point["data_hash"])
+              @log.error("--> doc_hash: "+ data_point["doc_hash"])
+              @log.error("--> type: "+ data_point["type"])
+              @log.error("--> weight: "+ data_point["weight"].to_s)
+              @log.error("--> timestamp: "+ data_point["timestamp"].to_s)
+              @log.error("--> validator_id: "+ data_point["validator_id"])
+              @log.error("--> validator_pubkey: "+ validator_pubkey)
+              @log.error("--> validator_sig: "+ Base64.encode64(data_point["validator_sig"]))
+            end
+            next
+          end
+        rescue => e
+          if @log.error?
+            @log.error("[check] Signatures.checkVerificationSignature raised exception:")
+            @log.error("#{e.class}, #{e.message}")
+            @log.error("--> field_hash: "+ data_point["field_hash"])
+            @log.error("--> data_hash: "+ data_point["data_hash"])
+            @log.error("--> doc_hash: "+ data_point["doc_hash"])
+            @log.error("--> type: "+ data_point["type"])
+            @log.error("--> weight: "+ data_point["weight"].to_s)
+            @log.error("--> timestamp: "+ data_point["timestamp"].to_s)
+            @log.error("--> validator_id: "+ data_point["validator_id"])
+            @log.error("--> validator_pubkey: "+ validator_pubkey)
+            @log.error("--> validator_sig: "+ Base64.encode64(data_point["validator_sig"]))
+          end
+          raise e
+        end
+        # 7. timestamps checking
+        # TODO
+        if !output.key?(data_point["doc_hash"])
+          output[data_point["doc_hash"]] = {}
+        end
+        if !output[data_point["doc_hash"]].key?(data_point["field_hash"])
+          output[data_point["doc_hash"]][data_point["field_hash"]] = 0
+        end
+        output[data_point["doc_hash"]][data_point["field_hash"]] += 1
+      }
+      return output
     end
     def self.generateBlockstackCommand(config)