e.firma: Why did Mexico lose 20 years in FinTech?
For years, I’ve been working in crypto, mostly attracted by the promise of banking the unbanked and creating financial services that improve people’s lives. So far, this hasn’t happened at scale, and the morale of my fellow engineers and researchers (myself included) is… down.
Like me, many others have (gratefully) dedicated their time to contribute to an open and decentralized ecosystem. Although the ecosystem is flooded with highly sophisticated scams and Ponzi schemes, the technology has delivered; we have transactions under a dollar, top-notch security, future-proof smart contracts, and interoperable protocols.
Similarly, when I speak to Mexican friends working in this industry, the most common pain is the lack of regulatory clarity. I’ve attended a couple of meetups with lawyers, accountants, and people related to the Mexican FinTech industry to form an opinion, concluding that regulation is there. We just haven’t been able to articulate the pieces correctly.
In this context, I started working on Plumaa ID almost a year ago (which means Pen in Spanish): A platform for digital signatures. That’s literally it. I’m convinced a single digital signature mechanism can change the entire economy if used interoperably with novel technologies like Account Abstraction; hence the “aa” at the end of Plumaa.
My main motivation was to shape the future I wanted to see, instead of trying to convince everyone to use blockchain, store 12-word recovery phrases, and put up with non-privacy-preserving verification mechanisms where you hold your ID in front of the camera while rotating your face 360 degrees.
To do this, I developed a protocol framework to demonstrate that:
- Mexican Regulation is ready for crypto: We have the tools, rules, and mechanisms to tokenize the economy in a healthy manner.
- Crypto is mature enough: There are already plenty of protocols to provide financial services in crypto. Not only that but also government crypto is mature (perhaps too much).
- México lost 20 years in FinTech innovation: Thanks to companies overcharging for trust services and abandoning other high-promise technologies they were licensed to offer, we ended up living in a world where Asia is king in QR payments while we’re still struggling to innovate, our most funded companies are predatory financial services, and we ask for email and password to log in to digital signature services 🤦♂️.
In this article, I’ll explore my view of the financial system, blockchain technologies, and what it has meant to build Plumaa ID as a bootstrapped technical entrepreneur. Beware, it’s a long read, and if you’re unfamiliar with the terms it may feel nonsensical. I encourage you to get in touch if you want to discuss further.
About me
Hi, I’m Ernesto — a 26-year-old software engineer passionate about open-source technologies. For multiple reasons, I studied at business school for 2 years before moving to engineering, where I found myself at the intersection of economics, finance, and computer science after becoming a nerd in blockchain technology. Unfortunately, not a trader nerd, a bits-and-bytes-nerd; one of those I’ve heard someone calling a magician.
I started my journey at Blockchain Academy México, teaching about distributed technologies since 2019. Eventually, I moved on to yotepresto.com, where I learned tons about the FinTech industry while developing Zenfi, a tool to review your credit score and tax information for free.
Today I happily enjoy my job at OpenZeppelin, maintaining the most popular Solidity library and securing billions of dollars in value locked in smart contracts and token transfers amongst the major EVM-compatible blockchains.
I have co-written and co-developed a couple of major standards (EIPs) (mostly my colleagues, honestly) after traveling with friends to ~20 different countries while working and attending Ethereum conferences, where I collaborate on nurturing the infinite garden.
To be clear, I’m not a lawyer, but I’ve read enough laws and rules to feel confident that community processes like Ethereum Improvement Proposal (EIP) development are extremely similar to legislation in many ways. Those I’m experienced in.
Mexican Regulation is ready for crypto
Laws and regulations (much like community governance in DAOs) compose a general specification for a particular topic. This specification is agreed on by representatives and members of our society, reaching a consensus.
Blockchains work in a similar way (or at least are supposed to): new rules are written into a canonical text (i.e. the code that runs Ethereum), and once validators (our representatives) upgrade, we consume services that depend on those rules.
Among these similarities, there’s one that in my opinion is key: electronic signatures. I mean literally, a digital signature produced by a key, which should’ve given us an idea back then.
Electronic Signatures: Rise and Fall
In 2001, the United Nations Commission on International Trade Law (UNCITRAL) published a Model Law on Electronic Signatures, which included generalized definitions of mechanisms well known to cryptographers.
The law defined concepts like “certificate“, “data message“, “signature creation data“ and “signatory“. In their general meaning, they don’t say much. However, the text relies heavily on public-key cryptography jargon, and it even has a section explaining that various other devices are also covered by the broad notion of electronic signatures.
In August 2003, Mexico incorporated these definitions into its Commerce Law. Most of the definitions lost their meaning in translation, which led to the proliferation of services that merely simulate the properties of public-key digital signatures. Since the law named no better technology for digital signatures, all of them were covered by the regulation.
Around the same time, the Mexican Tax Offices (SAT) started certifying public keys to their users under a program called “Tu firma“. Both the Bank of Mexico and SAT pushed efforts to introduce cryptographic services to the general population.
In 2005, the Bank of Mexico announced its Public Key Infrastructure called “Infraestructura Extendida de Seguridad“, which enables SPEI (money transfers) and other financial services between private banks using digital signatures today.
The efforts eventually led to the Advanced Electronic Signatures Law in 2012, which defined how cryptographic services would work and established the rules for private trust providers to offer 2 cryptographic services. Although they do more, these are the two that are entirely algorithmic, don’t require third-party validation, are truly self-sovereign, and use Banxico’s infrastructure:
- NOM-151 Certificate: A signed certificate from the trusted provider saying “Yes, I saw this message with hash [SOMETHING] at [SOMETIME]“
- Digital Signature Certificate: A signed certificate from the trusted provider saying “Yes, this is [SOMEONE] and their public key is [SOMETHING]“
If this happened around 2017 when everyone was doing ICOs (Initial Coin Offerings) we would’ve gone crazy. Unfortunately (or fortunately) the law came too soon and other trust providers were established in the country, mainly offering NOM-151 Certificates for legal firms. Perhaps only 1 or 2 still produced digital signature certificates.
We entered a Nash equilibrium: a game-theory situation in which no party gains by changing its strategy on its own, even though everyone would be better off if they all changed together.
Since SAT started offering digital signature certificates for free, there was no reason for trust providers to compete. And, given the simplicity of the remaining NOM-151 certificate, there were few ways to differentiate themselves other than building digital signature apps and offering services like international blacklists and facial recognition.
Currently, the use of digital signatures in Mexico is stronger than ever. However, one of the intentions of the 2012 law was to have an open market where trust providers would compete and the citizens would eventually select the most secure alternative. I think people are choosing crypto.
Crypto Bros vs. Fintech Guys
The pro-crypto crowd is a very diverse community. The technology is so egalitarian that anyone can participate. I’m not talking about specific technologies, but more in the broad sense that anyone can use blockchain as they want, and the properties that may be meaningful for me (such as decentralization) might not be for you. In any case, the tools exist and enable us equally.
As a result, communities around blockchains have formed. Some consider themselves cultural extensions of others, sharing the same values and making it easier for people to develop new protocols.
Millions of dollars have been poured into this industry through Venture Capital, positively impacting the research and development around usability in crypto. Yes, using crypto assets is still a pain, but compare it to what using the Mexican e.firma is like.
From my experience, the FinTech crowd in Mexico has a different culture. One where unicorns are not in the logo of the main companies and instead, where the startups were founded by people experienced in the financial sector who saw the 2008 crisis.
They are currently closing series A deals to accelerate the financialization of the economy by providing better access to credit and services. Some of them have claimed to be fighting against the banks, which I applaud to some degree.
These FinTech professionals are well-versed in technologies of our financial system, such as the “credit score”, SPEI, and providing physical cards to millions.
While both groups are extremely knowledgeable, they’ve failed to talk to each other because they fail to understand each other’s cultures. In particular, I’ve found the crypto crowd (especially some self-proclaimed experts) to be unusually wary of using government technology. However, I understand the feeling after some countries have gotten tough on their pro-crypto communities.
One would expect the FinTech crowd to understand the benefits of using crypto, and the crypto community to be very well versed in blockchain technologies. However, this is not quite true; I’ve heard “they don’t want to do/use/try X“ from both sides. In my opinion, they should look for common ground.
The reform of the General Law of Negotiable Instruments and Credit Operations (LGTOC)
Back in March 2024, a change to the regulation that specifies how “Títulos de Crédito“ (ie. negotiable instruments) work formalized some practices that were already common within the FinTech industry: using the e.firma to sign documents and represent literal rights written on them, as well as transferring and validating digital signatures.
It specifies that endorsements (i.e. transfers) can be done by digital means, using technologies like electronic signatures in an *informational system*. This so-called informational system is purposely not defined, to bring technological neutrality so that new players can innovate in services for these instruments.
As part of the requirements, negotiable instruments need an uninterrupted chain of transfers, which an event indexer over an ERC-721 contract (a.k.a. an NFT) provides almost for free: every Transfer event names the previous holder and the new one, so the chain is reconstructed by replaying the log and checking that each endorser was the holder recorded by the previous event. The whole reform smelled like blockchain technologies. Yet, the bridge was to be built.
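Here is what that replay looks like, as an added example written for this article rather than Plumaa ID’s own indexer. It assumes the events have already been decoded from the standard ERC-721 `Transfer(address from, address to, uint256 tokenId)` log (mints come from the zero address, burns go to it), and the sample events, including one deliberately missing endorsement on token 8, are constructed for the example:

```python
"""Reconstructing the uninterrupted endorsement chain of a tokenized negotiable
instrument from ERC-721 Transfer events. Added example for this article; it is
not Plumaa ID's indexer. Events are assumed to be already decoded from the
Transfer(address from, address to, uint256 tokenId) log, and the sample events
below are constructed, including one deliberately missing endorsement."""
from dataclasses import dataclass

ZERO_ADDRESS = "0x" + "00" * 20   # ERC-721: a mint transfers *from* this address, a burn *to* it


@dataclass(frozen=True)
class Transfer:
    block: int        # block number; together with log_index this is the canonical order
    log_index: int
    token_id: int
    sender: str       # Transfer.from
    recipient: str    # Transfer.to


def endorsement_chain(events, token_id):
    """Replay the token's Transfer logs and return the holder sequence from mint to
    the present (or to burn, recorded as ZERO_ADDRESS). Raises ValueError when the
    chain is broken: an endorsement by someone who was not the holder, a re-mint,
    or a transfer before mint / after burn. Addresses are compared case-insensitively
    because decoders differ on EIP-55 checksum casing."""
    relevant = sorted((e for e in events if e.token_id == token_id),
                      key=lambda e: (e.block, e.log_index))
    if not relevant:
        raise ValueError(f"token {token_id}: no Transfer events to prove anything with")
    holder = None       # None before mint and after burn
    burned = False
    chain = []
    for ev in relevant:
        sender, recipient = ev.sender.lower(), ev.recipient.lower()
        if sender == ZERO_ADDRESS:
            if holder is not None or burned:
                raise ValueError(f"token {token_id}: minted again at block {ev.block}")
            holder = recipient
            chain.append(recipient)
            continue
        if holder is None:
            raise ValueError(f"token {token_id}: transfer at block {ev.block} before mint or after burn")
        if sender != holder:
            raise ValueError(f"token {token_id}: gap at block {ev.block}, endorsed by {sender} "
                             f"but the last recorded holder is {holder}")
        if recipient == ZERO_ADDRESS:
            burned, holder = True, None
        else:
            holder = recipient
        chain.append(recipient)
    return chain


def is_unbroken(events, token_id) -> bool:
    """True only if every endorsement of the token links to the previous one."""
    try:
        endorsement_chain(events, token_id)
        return True
    except ValueError:
        return False


# Constructed sample: token 7 has a complete chain; token 8 is missing the BOB -> CAROL event.
ALICE, BOB, CAROL = ("0x" + "a1" * 20, "0x" + "b0" * 20, "0x" + "c4" * 20)
SAMPLE_EVENTS = [
    Transfer(110, 1, 7, BOB, CAROL),            # out of order on purpose; the replay sorts
    Transfer(100, 0, 7, ZERO_ADDRESS, ALICE),   # mint
    Transfer(105, 3, 7, ALICE, BOB),
    Transfer(101, 0, 8, ZERO_ADDRESS, BOB),     # mint
    Transfer(120, 2, 8, CAROL, ALICE),          # CAROL was never the holder: broken chain
]

if __name__ == "__main__":
    print(endorsement_chain(SAMPLE_EVENTS, 7))
    print(is_unbroken(SAMPLE_EVENTS, 7), is_unbroken(SAMPLE_EVENTS, 8))
```

The check is deliberately strict: a transfer whose sender is not the last recorded holder is reported as a gap rather than silently accepted, because for a negotiable instrument a missing link is exactly the defect a court would ask about.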
When you sit down and listen to the FinTech legal experts and the top-notch law firms discussing the new reform, all agree that the e.firma is the most secure identity technology in Mexico. Still, when it comes to usage, they’d rather keep verifying with a camera feed and an AI check of a photo to make sure it’s the right person, effectively undermining its security. Wasn’t the e.firma that secure, folks?
Even the crypto crowd may argue that it’s not secure because it’s common practice to share it with your accountant. Although I agree that’s terrible, shouldn’t the point be that we don’t need to share it in the first place? We need better technologies, and the trust providers have failed to enable us.
For some, it may seem dumb to put the e.firma in an application like we did at Plumaa ID. However, I believe it is the missing piece for making both worlds co-exist while providing regulatory clarity and respecting the best security practices in the crypto space.
Crypto is Mature enough
When friends and colleagues refer to regulation in the context of crypto, they often mean cryptocurrency. While I agree with this view, I’d rather focus on crypto as cryptography, since I believe we need to step back and reconsider the basics.
My take is that complaints about regulation usually come after expecting the authorities to define cryptocurrency formally within our laws. I don’t think that should happen, and we shouldn’t push for that. Otherwise, we’ll define a whole new category of things we should legislate on and the specifics will make regulation even tougher.
I claim crypto is mature enough because there are plenty of protocols with billions in value locked, ready to be consumed. In parallel, the community of researchers is currently working on novel mathematical models and technologies that defy our understanding of crypto. We just need to interface these protocols with our regulations.
Cryptography as a tool
Perhaps interfacing may sound a bit too technical for many. Let me reuse a common example I’ve heard multiple times among the crypto community:
Crypto is just a tool. You can kill someone with a hammer or build an entire house.
While I like this analogy, I think it’s too simplistic since there should be a screw to hammer in the first place. The surface of the screw where the hammer should hit is what I’m calling an interface.
Interfaces are special because they define the rules of interactions. As such, both the Crypto assets and FinTech companies are just a ton of interactions between services, in which we’re looking to provide the following informational properties:
- Integrity
- Authenticity
Whenever any of these informational properties are broken, our systems fork and an authority is needed (e.g. the largest chain, a first-instance jury) to resolve a dispute. On one hand, the Mexican legal system relies on very deficient oracles to resolve disputes. On the other, Blockchain has been proven to be a tool that very rarely violates these informational properties thanks to cryptography.
As opposed to the general understanding of cryptography, in the financial system, cryptography is not about secrecy but more about integrity and authenticity. I’m tired of hearing banking security experts recommending avoiding phishing and social-engineering attacks when these are only possible because we’re not using crypto at the user level.
The reality is that Banxico’s public key infrastructure provides so many guarantees that people only have to worry about secondary issues like having their passports leaked on the internet. Isn’t that beautiful? SPEI just works. Cryptography just works.
In the same way, the underlying reason Blockchain can keep these informational properties is that it depends on cryptographic guarantees rather than physical controls as most trust providers do (and are licensed for!).
As of now, multiple projects are interfacing blockchain with the real world. One notable example is ZK Notary, a technology for producing proofs of what a website served you over a TLS connection (the one behind the browser’s lock icon). If you didn’t know, every time you see that lock, your browser has verified an X.509 certificate chain, the same certificate format your e.firma and Banxico’s infrastructure use. One caveat worth knowing: TLS does not sign the page contents themselves, which is why such proofs need extra machinery around the session rather than a plain signature check.
As a result, shortly you’ll be able to trade anything on secondary markets. For example, you can create proof you own a Ticketmaster ticket and then resell the right to claim it on the website. Another example is that you can prove you have “X” credit score and get a loan on-chain. I’d be afraid if I were running a bank or a Fintech.
The potential of real-world cryptography is that we no longer have to convince anyone to use crypto. Instead, we can just take it and provide better financial services without permission. This is the spirit of Plumaa ID.
Cryptoassets as a tool
In case you didn’t know, there’s cryptography in cryptoassets, duh. In my opinion, democratizing the informational properties guaranteed by the cryptography behind cryptoassets is the most meaningful revolution.
Perhaps people demand regulation on cryptoassets because they don’t realize it’s just a tool that’s incredibly good at solving the very same problems the financial system is trying to solve at its deepest level. Those that are related to finality, identity, and liquidity.
To make it clear, let me define these 3 problems so I can share why I think they’re fundamentally the same for both cryptoassets and our financial system:
- Finality: The requirements needed to consider that an operation is in its final state and shouldn’t change.
- Identity: The guarantee that the user interacting with your system is whoever they say they are.
- Liquidity: A measurement of how many assets are available to use and operate, and how easy it is to do so.
Using these definitions, perhaps it’s easier to see banks are implementing annoying 2FA and physical devices to ensure finality, FinTechs are adding layers of AI and ID verification to ensure identity, and both are fighting to access sources of liquidity. Cryptoassets do better in all of these categories.
I know cryptoassets are a sensitive topic after many got scammed and lost their savings in past years. However, the narrative hasn’t changed much, and everything in the media is about how dead NFTs are, amongst various other bad news. I agree, but can we revisit NFTs as a standard and not as a monkey JPEG? They’re great for tokenizing negotiable instruments under current Mexican law.
The most powerful tools are those already in use
So far I’ve shared that both cryptoassets and cryptography are just tools. I hope this helps to clarify my opinion that regulation shouldn’t define cryptoassets. The reasoning is that asking for cryptoassets regulation is like asking the law to recognize the paper on which bills are written.
For example, at one of the conferences with accountants I attended, I asked if a cryptoasset that represents a negotiable instrument should be counted in books as a cryptoasset or a negotiable instrument. The answer was clear: as a negotiable instrument. Then why do we need the authorities to provide more clarity on cryptoassets?
Honestly, this analogy of tools is not new, but I bring it up because the simplistic hammer example may justify the crypto community as they think they’re building houses. In that sense, it’s definitely exciting to know Bitcoin is legal tender in El Salvador because it feels like getting permission. Yey?
As someone who helps write Ethereum standards, I believe we misunderstood our tools and took a side. Similarly to how the Ethereum community produces multiple competing EIPs, FinTech in Mexico ended up competing with the services we wanted to deliver on crypto. The focus should be on interoperability instead.
As shown in previous paragraphs, the regulation is ready. And the most powerful tools we have to make this happen are those already in the hands of the people:
- General Law of Negotiable Instruments and Credit Operations (LGTOC): Mexico started creating bills and other financial instruments using these and other commercial laws. Let’s replace paper with cryptoassets and call it a day.
- Advanced Electronic Signature (e.firma): There are nearly 23 million valid certificates. Businesses no longer have to open a bank account to start receiving payments and negotiable instruments. Any FinTech would love to have such a user base.
- Ethereum Ecosystem: The Ethereum ecosystem and its layer 2s are the most interoperable technologies to build with. Sure, there are still challenges, but the ecosystem ethos is about collaborating through standard interfaces. There’s nothing else like this.
At the beginning of the article, I mentioned that Plumaa ID literally only does digital signatures. As you can see, we just supercharged the e.firma and provided a programmable money framework for developers and lawyers to build on top. We didn’t invent anything, we just raised the questions people should be asking about the e.firma.
Mexico lost 20 years in FinTech innovation
The current digital signature providers out there failed to understand how technologies interoperate. Along with the trust providers, both created walled gardens and even patented some buzzwords to monetize even more. Shame on you guys, the technology is for the people.
The greatest failure to understand digital signatures in México is that we never left the mental model of paper with handwriting. That limited our perspective, so we focused on monetizing artifacts like the NOM-151 certificate instead. As a result, lawyers think that the NOM-151 is the signature itself, or some sort of certificate that proves the signature. That’s not the case: verifying a signature is free and is done through pure math; anyone holding the signer’s public key can check it, with no provider in the loop.
The potential of the e.firma today is not in charging almost 80 pesos per certificate. Its potential is to connect 23 million people to the biggest sources of liquidity on earth with the same finality and identity guarantees from the cryptography behind cryptoassets.
Someone had to do it, and trust providers seemed too stagnant to step up after 20 years.
Commoditizing the NOM-151
With nearly 23M users of the “e.firma”, we can safely say it’s a commodity. As proof, very few trust providers continue to provide digital signature certificates given the SAT was giving certificates away for free.
Regardless of whether people use it or not, it’s just another ID we carry with us, except that it’s too easy to lose or duplicate, so regular people just don’t pay much attention to it.
Note that of the 2 cryptographic services trust providers offer (including the SAT), one was commoditized: the digital signature certificate. This should give us strong evidence that the NOM-151 certificate should be commoditized too.
To prove how easy it is to produce a certificate under the NOM-151 requirements, it’s important to clarify 2 main aspects of the certificate:
- They preserve nothing: The market bought the idea that these are “certificates of preservation“, giving the false impression that they “preserve“ the document. Article 49 of the Commerce Law specifies that merchants must keep their data messages for 10 years. As you can see, trust providers can safely lose your documents and everything will be fine.
- Trust providers only give timestamp assurance: The reasoning behind the NOM-151 certificate was that things expire in both crypto and legal systems. For example, a digital signature certificate is only valid for a period, so a trusted source of time was required. The same goes for commercial acts, which I think prescribe in 5 years when done in good faith.
So, if they preserve nothing, how do they work? Well, it turns out that they work more like a witness who gives trust about having watched something in particular at a certain date.
Back in 2021 (I believe), I met Sina while doing my second internship at Google. He was working on a 20% project related to Ethereum and Merkle Trees. Today he’s founded Witness Protocol with his partner Joe (and perhaps I’m missing someone) to bring a service that fully replaces the NOM-151 certificate for free.
In Witness, there’s a set of smart contracts deployed on multiple blockchains that register values in a Merkle tree. Why a tree? Because one short root hash published on-chain commits to an arbitrary number of document hashes, and each of them can later be proven to belong to the batch with a handful of sibling hashes instead of storing every hash on-chain; that is what makes the service cheap to run and fast to query.
By giving the document’s fingerprint (its hash) to Witness, we can get more than six trusted timestamps (from different blockchains) and a guarantee that the record remains uncensorable.
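To make the tree concrete, here is a small Python version of the batching and proof flow, added for this article; it is not Witness Protocol’s or Plumaa ID’s code. The on-chain registry is simulated with an in-memory dict, the documents are constructed, and the leaf/node prefixes and sorted-pair hashing are design choices of this example (the sorted-pair convention is the one OpenZeppelin’s MerkleProof library uses):

```python
"""Anchoring document hashes in a Merkle tree, the way an on-chain witness does.
Added example for this article; it is not Witness Protocol's or Plumaa ID's
code. The blockchain registry is simulated by an in-memory dict (assumption),
and the sample documents are constructed here."""
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(document: bytes) -> bytes:
    # 0x00 prefix: a leaf can never be confused with an interior node (second-preimage defence)
    return sha256(b"\x00" + document)


def node_hash(a: bytes, b: bytes) -> bytes:
    # Sorted-pair hashing (as in OpenZeppelin's MerkleProof): proofs need no left/right bits
    lo, hi = sorted((a, b))
    return sha256(b"\x01" + lo + hi)


def merkle_root_and_proofs(leaves):
    """Build the tree bottom-up; return (root, proofs), proofs[i] being the sibling
    hashes that take leaves[i] up to the root. An odd node is carried up unchanged."""
    if not leaves:
        raise ValueError("nothing to certify")
    proofs = [[] for _ in leaves]
    level = [(h, [i]) for i, h in enumerate(leaves)]   # (hash, leaf indexes beneath it)
    while len(level) > 1:
        nxt = []
        for j in range(0, len(level), 2):
            if j + 1 == len(level):
                nxt.append(level[j])                    # unpaired node moves up as-is
                continue
            (lh, lidx), (rh, ridx) = level[j], level[j + 1]
            for i in lidx:
                proofs[i].append(rh)
            for i in ridx:
                proofs[i].append(lh)
            nxt.append((node_hash(lh, rh), lidx + ridx))
        level = nxt
    return level[0][0], proofs


def verify_proof(leaf: bytes, proof, root: bytes) -> bool:
    """Pure math, no provider needed: fold the siblings and compare with the root."""
    h = leaf
    for sibling in proof:
        h = node_hash(h, sibling)
    return h == root


def certify_batch(documents):
    """What a witness service does per batch: hash each document, publish one root."""
    return merkle_root_and_proofs([leaf_hash(d) for d in documents])


def anchor_root(registry: dict, root: bytes, block_timestamp: int) -> None:
    """Simulated contract call: the chain records the root with its block time.
    First anchoring wins, like a real registry contract would behave."""
    registry.setdefault(root, block_timestamp)


def proven_timestamp(registry: dict, document: bytes, proof, root: bytes):
    """The NOM-151-style check: the anchored time if the document's hash sits in the
    tree under an anchored root, otherwise None. The registry never sees the document,
    only its hash; that is the whole 'witness' model."""
    if not verify_proof(leaf_hash(document), proof, root):
        return None
    return registry.get(root)


if __name__ == "__main__":
    docs = [b"lease contract v3", b"invoice 2024-001", b"shareholder agreement"]  # constructed
    root, proofs = certify_batch(docs)
    chain_a, chain_b = {}, {}
    anchor_root(chain_a, root, 1_700_000_000)
    anchor_root(chain_b, root, 1_700_000_012)   # a second chain gives an independent timestamp
    for d, p in zip(docs, proofs):
        print(d, proven_timestamp(chain_a, d, p, root), proven_timestamp(chain_b, d, p, root))
    print(proven_timestamp(chain_a, b"invoice 2024-001 (edited)", proofs[1], root))   # None
```

Anchoring the same root on several chains, as in the `main` block, is how one batch yields several independent timestamps: each registry only stores the root, and the per-document proof is the same everywhere.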
So the thing is: a trusted provider may start giving users NOM-151 certificates signed by an expired key from the trusted provider (i.e. a no longer valid signature) without them noticing. I’m not saying they’ll do that but rather that they’re a single point of failure. This is why they require too many physical controls specified within their licensed operation.
As such, we encourage every small business in Mexico to certify their documents for free using open-source tools like Witness and their interfaces (not necessarily through Plumaa ID). That’d be helpful if you want to prove a certain date to the authorities; very required in the accounting sector.
To remove this single point of failure, Plumaa ID uses Witness Protocol to provide NOM-151 certificates with better preservation guarantees than the trusted providers for free since I believe the market should stop glorifying hashes. We still sell cheap NOM-151 certificates if you like them.
Interoperability with the financial system
Some may say we don’t need blockchain for digital signatures in México. In my opinion, although this may be true, it’s also true that there’s no other technology that’s optimized for interoperability.
What these people are missing is that they’re rebuilding everything that Blockchain already solved.
- Need a detailed list of non-repudiable financial operations? Query the blockchain
- Need accounting tools for cryptoassets? Query the blockchain
- Need to automate financial operations? Use the blockchain
Sure, who wants to pay for a transaction and wait 10 minutes for settlement when a private trusted provider can do it privately? The problem arises when the number of services trusted providers need to build on top to satisfy your needs makes them charge you twice.
It may be crazy but I think paying less than a dollar to make our data interoperable with multiple systems makes more sense than paying for a NOM-151, but you choose (did you?).
I recognize that blockchain technology is newer than 20 years. However, we didn’t even think about reconciling both in recent times; if the trusted providers were competing in an environment where they could’ve charged for digital signature certificates, perhaps Plumaa ID would’ve existed 10 years ago and Mexico would’ve provided financial services to millions using the e.firma even before blockchain was invented. Perhaps.
Today, banks and institutions are demanding services based on crypto. Several have shown interest in providing **crypto-based infrastructure and are exploring international settlements** among other experiments. However, by being permissive in the e.firma usage, we’ve justified additional verification mechanisms that are now fake “digital signatures“ and are just a centralized system taking the date and a drawing from the screen.
Even worse: we’ve justified a 4-digit PIN as a digital signature.
Looking into the future
Not everything is lost. All of this research has brought my excitement for the industry back and made my work more meaningful than memecoins.
I want to see a world where people use cryptography as a public good, and where math provides us the primitives we need to trust each other in this modern society. Although I’ve shared a couple of things about Plumaa ID, I’d like to emphasize we didn’t invent anything: our ultimate goal is to make a business we can comfortably live off while bringing real value to society.
I encourage other companies to build their version of an e.firma signer if they believe it makes sense. If Plumaa ID demonstrates that services can be better and other providers start leveraging what we’ve built permissionlessly, we will accomplish our initial motivations. In the meantime, remember we have an API and are eager to make our technology as open as possible.
To conclude, I share some concrete actions we can take as a society to make crypto services and FinTech co-exist better.
Not software, not hardware: systems.
Considering that the recent negotiable instruments reform mentions an informational system, I’d like to invite everyone to reconsider what a system means. So far, my conversations with notaries and lawyers suggest that they’re all building yet another software to store digital documents. Please stop, that’s incredibly cheap if we create a bucket in the cloud like Amazon S3.
For digital signatures in the traditional sense, there’s a popular project that replaces Docusign called Documenso. I’ve been thinking about offering this setup in Plumaa ID for an extremely cheap subscription, since it’s open source it can have the client’s logo and all that. This is yet another example of how easily the signature can be commoditized.
The point is that we have enough tools and we don’t need more software. Instead, if we focus on making our formats interoperable with each other, we can create informational systems that rely on guarantees over the data instead of software.
Even in hardware, we’ve seen financial-sector innovations that ship trusted devices into which we type our 4-digit PIN to sign a negotiable instrument (an IOU). This is unnecessary if we sign the IOU with our e.firma and exchange it as a QR code instead.
The e.firma is dying
RSA is the digital signature algorithm your e.firma depends on, and the National Institute of Standards and Technology (NIST) in the United States has already published a draft transition plan that deprecates RSA (and, for the same reason, ECDSA) by 2030 and disallows them by 2035 in favour of post-quantum algorithms.
The issue I’d like to raise is not that we’ll be hacked, or that the e.firma is not secure. In my opinion, the real issue is that nobody is talking about this. Quantum computing is a latent threat to the cryptography our financial systems rely on, and it should be considered a national security threat.
For now, the Bank of Mexico’s keys are 4096 bits, twice the length of a citizen’s e.firma (2048 bits). Twice the modulus is not twice the security: classically, RSA-2048 offers about 112 bits of security and RSA-4096 somewhere around 140, and against a quantum computer running Shor’s algorithm both fall the same way. I haven’t found any recovery mechanism in case of a catastrophe to our financial system, and we’ll start to see quiet attacks when the cost of breaking a 2048-bit e.firma drops below the value of the richest target.
Imagine you’re a millionaire and suddenly somebody takes unpayable loans in your name after cracking your e.firma with quantum computing. Scary, right? Now imagine explaining that to the judge.
The concrete action to take is demanding that the Mexican Secretary of Economy recognize elliptic-curve signature algorithms (ECDSA) alongside RSA. One correction to a common belief first: elliptic curves are not resistant to quantum attacks; Shor’s algorithm breaks ECDSA exactly as it breaks RSA, and the quantum answer is NIST’s post-quantum standards (ML-DSA in FIPS 204, for example). What elliptic curves buy today is smaller keys, cheaper verification and interoperability with the crypto ecosystem, and a specification that lists permitted algorithms instead of hard-coding RSA is also what would let us move to post-quantum signatures when the time comes. Currently, the specification for the advanced signatures law allows RSA keys starting at 1024 bits (a size NIST has disallowed for signature generation since 2013), with larger sizes permitted.
These elliptic-curve keys are the same kind the Ethereum ecosystem uses, with one detail that matters: Ethereum uses ECDSA over the secp256k1 curve, so the specification would have to admit that curve (a P-256-only rule would not help). If it did, the government could start certifying Ethereum addresses as part of Banxico’s infrastructure, since they’d operate under the same algorithm, and from day one Mexico could use all the tooling and infrastructure the crypto community has built.
Plumaa ID and other digital signature services would become irrelevant immediately. But, honestly, I’ll be happy if that happens.
Throughout this article, I shared my reasoning for believing that the regulation is ready; after sharing a brief history of the e.firma and why it never took off as a payment system, I also gave my perspective on how I see a division between traditional FinTech and blockchain technologies. I closed with the recent changes to the negotiable instruments legislation and why a really portable e.firma was missing.
Similarly, I provided the rationale behind my opinion that crypto is mature enough already. Both cryptography and cryptoassets are already good enough when you see them as tools. I explored examples of what the use cases may be; closing with a list of the main tools I believe are already available and must be used to empower the next generation of FinTech innovation.
Using Mexican regulation and cryptography, we could’ve democratized financial services after the authorities had put private keys in the hands of 23 million businesses. Regardless, we still have hope if we make sure of commoditizing cryptographic services and making new applications interoperable with both the government’s and blockchain’s cryptography.
To conclude, I shared some concrete actions we can take to make the regulation even better, like building systems instead of software, and encouraged readers to demand a change to the advanced digital signature specification to allow elliptic-curve keys today and post-quantum keys tomorrow, improving our technology and giving us stronger guarantees in the foreseeable future.