Skip to content
All posts



Codenotary - Blockchain-Based Code Authentication


In DevOps, where teams can constantly be rearranged and sorted for different purposes, the ability to form groups or change their member status is important. Up until recently, Codenotary strictly offered the easy visualization and verification of containers and all other existing code/digital assets signed by an individual. Now, enterprises can guarantee the trust of all of their DevOps assets, deployed or in development, with the immutability of the blockchain.


What is an Organization in Codenotary?

An organization is actually an alias of a group of public keys belonging to its authorized members. Each member has their own unique pubkey that is then connected to the organization.


Just as individual code signers have to go through a KYC (Know Your Customer) authentication process, organizations have to go through a similar certification in order to prove they are who they say they are.


How Organizations Work in Codenotary

Organization names are created based on the email domain of the registered user who sets up the organization. (Within the command line, an organization name is known as an ‘organization ID’). Once created, the blockchain then stores the new organization’s ID and enables 100% verification transparency of all signed digital assets associated with the ID from that point forward.

Any enterprise user (i.e. a user with an enterprise license) can create an organization for their company. Once the organization is created, any user a part of the new organization can start signing assets under the organization’s name. By becoming the designated organizational admin and can add new users directly from their dashboard as shown below:


Codenotary Organizational Dashboard View


Verifying a Digital Asset Against an Organization

Verification of a digital asset’s signature against a specific organization’s name extends globally. From within the registered organization to beyond its walls, vcn users anywhere can verify a digital asset’s signature against a specific organization’s name. This way, when a digital asset indicates it was signed by, for example, Oracle, users outside of Oracle can know with confidence that Oracle indeed signed the digital asset they want to use.


Let’s look at an example.


Say is member of and uses his pubkey, that has been associated with the organization, to sign an asset.

A user can verify an asset against an organization by using the command:


vcn verify –org=


People can also verify the asset’s integrity by using the pubkey of with the command vcn verify --key. Alternatively, by users can verify an asset simply by using the organization’s name, i.e. its domain name, with the command:


vcn verify –org=


The benefits here of grouping public keys together and connecting them to a domain are huge. For instance, would you rather remember a long alpha-numeric string of random characters like the following:




…or something much simpler like


Verifying Against a Group of Signers (Keys)

Organizations and users are also able to internally verify against groups of signers or organizations such as several vendors like,, and This is particularly helpful when several contractors need to sign off on an asset before it is allowed to be used internally within the hiring organization or before passing the asset off to another contractor. (In the future, admins will be able to invite new users by email to join their organizations.)


Get a free trial account and try out Codenotary for yourself.



Start Free Trial