OpenTimestamps

Last updated
OpenTimestamps
Developer(s) Open
Stable release
0.7.1 [1] / 26 August 2022;2 years ago (2022-08-26) [1]
Repository github.com/opentimestamps/
Written in Python, Java, JavaScript, Rust
Type Decentralized timestamping
License LGPL3
Website opentimestamps.org

OpenTimestamps (OTS) is an open-source [2] project that aims to provide a standard format for blockchain timestamping. [3] With the advent of systems like Bitcoin, it is possible to create and verify proofs of existence of documents (timestamps) without relying on a trusted third party; this represents an enhancement in terms of security, since it excludes the possibility of a malicious (or careless) trusted third party to compromise the timestamp. [4]

Contents

OTS defines a set of rules for conveniently creating timestamps and later independently verifying them. Currently, timestamping with Bitcoin is fully supported, however the format is flexible enough to support a variety of methods. [lower-alpha 1]

Anyone could create timestamps with the permissionless blockchain by paying the transaction fees, for convenience OTS built an infrastructure that aggregates timestamp requests from users and packs them into transactions funded by public calendar servers; as a result, users can timestamp for free, in a trust-minimized setting. [lower-alpha 2]

What is a timestamp

A timestamp is a proof that some data d existed prior to a certain point in time. [5]

To create such proof, it turns out that it is not necessary to publish d on the blockchain, which would be expensive, but it is enough to commitd to the blockchain. Such commitment proves that d existed prior to a certain block, in the sense that if d changes, then the proof becomes invalid and hence useless.

The proof consists in a sequence of commitment operations, such as sha256, append, prepend. [lower-alpha 3] These operations are the cryptographic path that proves that d commits to a certain block header. In other words, that d caused the block header to have its value, indeed, if d were different then, due to the mathematical properties of commitment operations, the block header would be different. To verify the commitment, the operations are applied in sequence to the data d, then the result, which should be the transaction merkle root, is checked to be equal to the one observed in the blockchain; if the check goes fine, then one can assert that d existed prior to the block.

For the timestamped file hello.txt, the OTS proof is encoded in a file named hello.txt.ots which contains:

With this information, a challenger can independently verify that hello.txt existed prior to a certain block.

Usage

OTS provides users multiple and easy ways to create and independently verify timestamps:[ citation needed ]

In the following sections it is shown an example of the usage of the Python client.

Timestamp creation

The stamp operation creates the first version of the timestamp. It is applied to the file for which you want to prove its existence (original file).

$ cathello.txt Hello World!$ otsstamphello.txt Submitting to remote calendar https://a.pool.opentimestamps.orgSubmitting to remote calendar https://b.pool.opentimestamps.orgSubmitting to remote calendar https://a.pool.eternitywall.com

The stamp operation calculates the SHA256 hash of the original file, concatenates a random 128-bit nonce to maintain privacy, and recalculates the SHA256 hash, sending this unique value to the calendar servers. Each of the calendar servers will add the received hash to its Merkle tree and return the necessary response to generate the initial OTS file. This OTS file is still incomplete because it does not yet contain the record in the blockchain. [6]

Once a reasonable time has elapsed, the user will run the upgrade operation on the same OTS file. This will communicate with the calendar servers and update the OTS file with the Bitcoin block header attestation. [5] 

$ otsupgradehello.txt.ots Success! Timestamp complete

It is also possible to create timestamps for several different files simultaneously. In that case, the stamp operation will send a single request to the calendar servers with a Merkle root derived from the original files, and later, that same operation will calculate the Merkle tree paths and create the timestamps for each one of the original files.

Timestamp verification

The verification of the OTS proof requires both the OTS file and the original file. The user must also have an up-to-date Bitcoin node [lower-alpha 6] on their own machine to perform the verification without relying on trusted third parties. [7] 

$ otsverifyhello.txt.ots Assuming target filename is 'hello.txt'Success! Bitcoin attests data existed as of Mon Apr 16 01:15:16 2018 CEST

Show timestamp information

OpenTimestamps
Filename extension
.ots
Magic number \x00 O p e n T i m e s t a m p s\x00 \x00 P r o o f\x00 \xbf \x89 \xe2 \xe8 \x84 \xe8 \x92 \x94
Website opentimestamps.org

The basic structure of a timestamp is divided into three main sections: [6]

  1. File hash
  2. Merkle tree construction
  3. Bitcoin block header attestation

The timestamp is saved in a binary file to save space and avoid problems of interpretation, encoding and compatibility between systems. [6] Generally, this file has a .ots extension and its magic number is \x00 O p e n T i m e s t a m p s\x00 \x00 P r o o f\x00 \xbf \x89 \xe2 \xe8 \x84 \xe8 \x92 \x94. [8]

The info operation presents the content of the timestamp on a human-readable format. In this case, a single attestation of the hello.txt file is shown, which hashes all the way to the Bitcoin block header at block 518387.

$ otsinfohello.txt.ots File sha256 hash: 03ba204e50d126e4674c005e04d82e84c21366780af1f43bd54a37816b6ab340Timestamp:append 72d8a09f54b12580b48c2f7c7dea4ce0sha256 -> append fe0d089c9bfe5289c3ee579904af3551    sha256    prepend 5ad3d92b    append 8fefb42191040403    verify PendingAttestation('https://alice.btc.calendar.opentimestamps.org')    sha256    prepend f0e8b62a519b0b8fad763c33c558e0179a43b8d89cb4130b6dbaa91e3d3252f6    sha256    prepend beca183da3f86784a7d54778bc48e78c570245d51474f32475e6d1851989b140    sha256    append a95879c35c15ace7dc5fd1d2cf0a7d9b0e4110b5b8a74da4c64082835f6f6a2e    sha256    append cf9b259e4506235f97225706f3a675f51ecf2657814639d87e4e6f42d8581ae7    sha256    prepend e3b7ff694e1b14b4420556ca77ea8e9509e44b7fbed0dc9a3b67c00fcf016ca2    sha256    prepend 01000000017230dffb1edd7cae0c8feb3fec7c91c34b33b22fdfac071b83e790ce34254b340000000017160014a4282cbf0f17fd6d51b61da f7cf4d56e32183b60fdffffff02d7c062000000000017a914365c46ff772b9f1da73efeb2c559777e1a2c33b4870000000000000000226a20    append f2e80700    # Bitcointransactionid7e6e5aafa1fc9d933992621a7ac321dc7b9368d0e1baa72ff77665b07b75315f     sha256    sha256    append d67f1615f986694d707d7d044883c7885f3dded2ac9df5f6b9270a5bdda38aa3    sha256    sha256    append e551a80b2bdd88f417fc95014662f7a65d8c0c4d833b6df034bc12f1af35b953    sha256    sha256    append 0902830fc37fde4996c350de40c0ae621c739ce002a7be4b3725d7e281fc02a3    sha256    sha256    append 7ac1e262423598f1477825882f78ededc98b44bf0136f059e438391aa0e7a686    sha256    sha256    prepend 9ee83975bef756160275a336203059109fd4336572e5e47e9a3edadb82a8934c    sha256    sha256    append 7a3229b63fc7a88d4edde4aa5b855416265842120fde246462271e5418f895bd    sha256    sha256    prepend a4c712ca130f63862f329874f11466eb74ee7b505c191344ee11b30d14ca4946    sha256    sha256    append 13bf98cdb708ed3321b8d48ff290c5bdbefa6fb9be34717e97a3f3cfa9b87994    sha256    sha256    prepend d2aec8bd2edf2d6d10606df92f1b8b53a97362d7aba7d3fa15bf55c0aab94e35    sha256    sha256    verify BitcoinBlockHeaderAttestation(518387)    # Bitcoinblockmerklerootb4f71191dc633cfb125543211022b1059d78b42a359408da5958fc15231ef6de

Use cases

Applications include defensive publications. [9]

Notes

  1. As of now, it is possible to timestamp also with Litecoin and Ethereum, although verification is not supported.
  2. The worst thing that a calendar can do is not to timestamp the users data; if that happens, then users can timestamp by themselves.
  3. Note how, by conveniently combining these commitment operations, it is possible to traverse a Merkle tree. Similarly to Bitcoin, OTS makes use of this commitment structure to pack several timestamps in one transaction.
  4. A timestamps is in form of a tree: from the starting hash, multiple branches leads to different attestations. This provides the redundancy that protect users in case a calendar is down.
  5. The website is the easiest method to create and verify timestamps but it is the less secure: differently from the previous ones, users cannot verify independently the timestamp, since the verification is made by a third party.
  6. It is not strictly required a full node, indeed the attestation are on the block header, thus a pruned node is enough to verify a timestamp. Note that a SPV node has the whole block header chain, so, in theory, it could verify timestamps, however it does not verify blocks and thus has a much lower security compared to pruned nodes.

Related Research Articles

Hashcash is a proof-of-work system used to limit email spam and denial-of-service attacks. Hashcash was proposed in 1997 by Adam Back and described more formally in Back's 2002 paper "Hashcash – A Denial of Service Counter-Measure". In Hashcash the client has to concatenate a random number with a string several times and hash this new string. It then has to do so over and over until a hash beginning with a certain number of zeros is found.

Proof of work (PoW) is a form of cryptographic proof in which one party proves to others that a certain amount of a specific computational effort has been expended. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was first implemented in Hashcash by Moni Naor and Cynthia Dwork in 1993 as a way to deter denial-of-service attacks and other service abuses such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. The concept was adapted to digital tokens by Hal Finney in 2004 through the idea of "reusable proof of work" using the 160-bit secure hash algorithm 1 (SHA-1).

<span class="mw-page-title-main">Merkle tree</span> Type of data structure

In cryptography and computer science, a hash tree or Merkle tree is a tree in which every "leaf" node is labelled with the cryptographic hash of a data block, and every node that is not a leaf is labelled with the cryptographic hash of the labels of its child nodes. A hash tree allows efficient and secure verification of the contents of a large data structure. A hash tree is a generalization of a hash list and a hash chain.

<span class="mw-page-title-main">Cryptographic nonce</span> Concept in cryptography

In cryptography, a nonce is an arbitrary number that can be used just once in a cryptographic communication. It is often a random or pseudo-random number issued in an authentication protocol to ensure that each communication session is unique, and therefore that old communications cannot be reused in replay attacks. Nonces can also be useful as initialization vectors and in cryptographic hash functions.

A hash chain is the successive application of a cryptographic hash function to a piece of data. In computer security, a hash chain is a method used to produce many one-time keys from a single key or password. For non-repudiation, a hash function can be applied successively to additional pieces of data in order to record the chronology of data's existence.

Transient-key cryptography is a form of public-key cryptography wherein keypairs are generated and assigned to brief intervals of time instead of to individuals or organizations, and the blocks of cryptographic data are chained through time. In a transient-key system, private keys are used briefly and then destroyed, which is why it is sometimes nicknamed “disposable crypto.” Data encrypted with a private key associated with a specific time interval can be irrefutably linked to that interval, making transient-key cryptography particularly useful for digital trusted timestamping. Transient-key cryptography was invented in 1997 by Dr. Michael Doyle of Eolas, and has been adopted in the ANSI ASC X9.95 Standard for trusted timestamps.

Trusted timestamping is the process of securely keeping track of the creation and modification time of a document. Security here means that no one—not even the owner of the document—should be able to change it once it has been recorded provided that the timestamper's integrity is never compromised.

In the BitTorrent file distribution system, a torrent file or meta-info file is a computer file that contains metadata about files and folders to be distributed, and usually also a list of the network locations of trackers, which are computers that help participants in the system find each other and form efficient distribution groups called swarms. Torrent files are normally named with the extension .torrent.

Double-spending is the unauthorized production and spending of money, either digital or conventional. It represents a monetary design problem: a good money is verifiably scarce, and where a unit of value can be spent more than once, the monetary property of scarcity is challenged. As with counterfeit money, such double-spending leads to inflation by creating a new amount of copied currency that did not previously exist. Like all increasingly abundant resources, this devalues the currency relative to other monetary units or goods and diminishes user trust as well as the circulation and retention of the currency.

<span class="mw-page-title-main">Bitcoin protocol</span> Rules that govern the functioning of Bitcoin

The bitcoin protocol is the set of rules that govern the functioning of bitcoin. Its key components and principles are: a peer-to-peer decentralized network with no central oversight; the blockchain technology, a public ledger that records all bitcoin transactions; mining and proof of work, the process to create new bitcoins and verify transactions; and cryptographic security.

<span class="mw-page-title-main">Ethereum</span> Open-source blockchain computing platform

Ethereum is a decentralized blockchain with smart contract functionality. Ether is the native cryptocurrency of the platform. Among cryptocurrencies, ether is second only to bitcoin in market capitalization. It is open-source software.

Vertcoin is an open-source cryptocurrency created in early 2014, that focuses on decentralization. Vertcoin uses a proof-of-work mechanism to issue new coins and incentivize miners to secure the network and validate transactions. Vertcoin is designed to be mined via graphics cards instead of through ASICs.

A blockchain is a distributed ledger with growing lists of records (blocks) that are securely linked together via cryptographic hashes. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data. Since each block contains information about the previous block, they effectively form a chain, with each additional block linking to the ones before it. Consequently, blockchain transactions are irreversible in that, once they are recorded, the data in any given block cannot be altered retroactively without altering all subsequent blocks.

<span class="mw-page-title-main">InterPlanetary File System</span> Content-addressable, peer-to-peer hypermedia distribution protocol

The InterPlanetary File System (IPFS) is a protocol, hypermedia and file sharing peer-to-peer network for storing and sharing data in a distributed file system. By using content addressing, IPFS uniquely identifies each file in a global namespace that connects IPFS hosts, creating a resilient system of file storage and sharing.

<span class="mw-page-title-main">Ethereum Classic</span> Blockchain computing platform

Ethereum Classic is a blockchain-based distributed computing platform that offers smart contract (scripting) functionality. It is open source and supports a modified version of Nakamoto consensus via transaction-based state transitions executed on a public Ethereum Virtual Machine (EVM).

Proof of space (PoS) is a type of consensus algorithm achieved by demonstrating one's legitimate interest in a service by allocating a non-trivial amount of memory or disk space to solve a challenge presented by the service provider. The concept was formulated in 2013 by Dziembowski et al. and by Ateniese et al.. Proofs of space are very similar to proofs of work (PoW), except that instead of computation, storage is used to earn cryptocurrency. Proof-of-space is different from memory-hard functions in that the bottleneck is not in the number of memory access events, but in the amount of memory required.

Hash-based cryptography is the generic term for constructions of cryptographic primitives based on the security of hash functions. It is of interest as a type of post-quantum cryptography.

Segregated Witness, or SegWit, is the name used for an implemented soft fork change in the transaction format of Bitcoin.

Hashgraph is a distributed ledger technology that has been described as an alternative to blockchains. The hashgraph technology is currently patented, is used by the public ledger Hedera, and there is a grant to implement the patent as a result of the Apache 2.0's Grant of Patent License so long as the implementation conforms to the terms of the Apache license. The native cryptocurrency of the Hedera Hashgraph system is HBAR.

A blockchain is a shared database that records transactions between two parties in an immutable ledger. Blockchain documents and confirms pseudonymous ownership of all transactions in a verifiable and sustainable way. After a transaction is validated and cryptographically verified by other participants or nodes in the network, it is made into a "block" on the blockchain. A block contains information about the time the transaction occurred, previous transactions, and details about the transaction. Once recorded as a block, transactions are ordered chronologically and cannot be altered. This technology rose to popularity after the creation of Bitcoin, the first application of blockchain technology, which has since catalyzed other cryptocurrencies and applications.

References

  1. 1 2 "OpenTimestamps client, latest version". GitHub . Retrieved 26 August 2022.
  2. "OpenTimestamps code repository". GitHub . Retrieved 7 June 2018.
  3. "OpenTimestamps website" . Retrieved 7 June 2018.
  4. Gao, Yuefei; Applications, Hajime (2017). "A Decentralized Trusted Timestamping Based on Blockchains". IEEJ Journal of Industry Applications. 6 (4): 252–257. doi: 10.1541/ieejjia.6.252 .
  5. 1 2 Todd, Peter (September 15, 2016). "OpenTimestamps: Scalable, Trust-Minimized, Distributed Timestamping with Bitcoin" . Retrieved May 5, 2018.
  6. 1 2 3 Weilbach, William Thomas (December 11, 2017). "Practical Application of Distributed Ledger Technology in Support of Digital Evidence Integrity Verification Processes" (PDF). Archived from the original (PDF) on 18 April 2018. Retrieved May 5, 2018.
  7. "OpenTimestamps client repository". GitHub . Retrieved June 7, 2018.
  8. "Header magic definition in python-opentimestamps". GitHub . Retrieved 7 June 2018.
  9. Douglas Heaven (February 4, 2019). Nature (ed.). "Bitcoin for the biological literature". Nature. 566 (7742): 141–142. Bibcode:2019Natur.566..141H. doi: 10.1038/d41586-019-00447-9 . PMID   30718888. S2CID   256769716.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.