Fingerprint

Understand the basics

Although the platform should show the Versions for almost all of the contents, it’d still be possible for a system administrator to manipulate the content by editing the database directly.

As mitigation for this risk, the platform shows a fingerprint for some important fields, for instance, a proposal body and title.

Its goal is to provide a way to give an informal "receipt" to a participant so they can detect tampering. A fingerprint is a hashed representation of the content. It’s useful to ensure the content hasn’t been tampered with, as a single modification would result in a totally different value. It’s calculated using a SHA256 hashing algorithm. In order to replicate it yourself, you can use a MD5 calculator online and copy-paste the source data.

Check fingerprint

  1. Go to the content for which you want to verify the fingerprint

  2. Click in the "Check fingerprint" link at the bottom of the page

  3. Copy the source field value

  4. Go to a MD5 calculator online (External link) and copy-paste the source data

  5. Check that fingerprint are the same

Check fingerprint link in page bottom

Check fingerprint modal

MD5calc.com screenshot

It’s also possible to verify the fingerprint with other tools, such as the sha256sum command line tool.

echo -n '{"body":{"en":"This proposal suggests creating a green corridor that connects the north and south districts of Chakar via a bicycle and pedestrian-only route. The corridor would pass through the city center and industrial areas, providing a safe, dedicated path for non-motorized transport, with shade trees, rest spots, and solar-powered lighting."},"title":{"en":"Green Corridor for Cyclists and Pedestrians"}}' | sha256sum