How agreements are recorded on blockchain within a data space

Last week, we explained how Decentralized Identifiers (DIDs) enable the creation of digital identities that do not depend on a single intermediary. However, in a data space it is not only important to know who each participant is, but also how to reliably record the agreements established between them.

When multiple organizations exchange data, they usually define specific conditions: who can use that information, for what purpose, and for how long. To ensure that these agreements are securely and verifiably recorded, our data space uses a smart contract on blockchain.

Its function is to act as a public registry that makes it possible to prove that an agreement exists and has been signed by the involved parties, without the need to publish its content.

Instead of storing the full agreement—which may contain sensitive or confidential information—only its cryptographic fingerprint, known as a hash, is recorded on the blockchain, along with the participants’ signatures. In this way, the system creates verifiable proof that the agreement has taken place, without revealing its details.

The main function of the smart contract carrying out this process is to store agreement hashes, the JWT signatures associated with each of them, and to record the data transfers linked to those agreements.

The digital fingerprint of an agreement

Before being recorded, the agreement identifier is transformed into a unique digital fingerprint using the SHA-256 cryptographic function. This process generates a hash that unequivocally represents that specific agreement.

One of the most important properties of these hashes is that any change in the agreement’s content would produce a completely different result. This makes it easy to detect whether a document has been modified.

Once the hash is generated, each participant digitally signs the agreement using a JWT (JSON Web Token) that contains both the agreement hash and the serialized agreement itself. These JWT signatures make it possible to prove who has accepted a given agreement and link each organization to its commitment.

The role of the Clearing House

Within the data space, the Clearing House acts as the intermediary responsible for registering agreements on the blockchain.

When an agreement is reached, the Clearing House records the hash and signatures in the blockchain smart contract, creating a permanent and immutable record. The contract generates public events that form a history that can be queried at any time, allowing any participant to later verify whether a specific agreement is registered by using its hash. This verification process does not modify the information stored on the blockchain and can be freely carried out by ecosystem participants.

A balance between transparency and confidentiality

The design of this system aims to balance two fundamental needs in data spaces: trust between organizations and the protection of sensitive information.

On the one hand, blockchain provides a public, verifiable, and immutable record that ensures agreements cannot be altered once recorded. On the other hand, the actual content of the agreements is never published on the network.

This way, organizations can prove that they have reached and signed an agreement without disclosing information such as commercial terms, pricing, or contractual details. This mechanism enables data spaces to operate with greater security, transparency, and trust among their participants.