keys icon indicating copy to clipboard operation
keys copied to clipboard

Published 20 hours ago verified publisher icon keys-pub

Timestamp sigchains

Open meeDamian opened this issue 5 years ago • 4 comments
trafficstars

Even simple sigchain timestamping allows to prove useful things like, ex:

  • key X exists since at least date D1
  • revocation of X has been issued before D2
  • etc…

The easiest way to achieve this would be:

  1. Hash sigchain Statements as they arrive
  2. Periodically:
    1. Construct merkle tree out of recent Statements
    2. Submit tree root to opentimestamps servers
    3. After some time, upgrade the timestamp.

AFAIR the implementation Keybase ~has, is~, used to have, was going a step further, by basically rolling the same UTXO, which ensured no sigchain history forks could occur. That's even better, but it is quite more involved to implement, and would incur small, but continuous cost.

meeDamian avatar May 08 '20 07:05 meeDamian

Yeah there is currently nothing stopping the server showing different sigchain states to different clients, it' something that has been on the back of my mind for awhile. I do want to eventually do something similar to Keybase but maybe your suggestion is a good first step.

Do you know of any other services that do this kind of thing other than Keybase? This is super helpful feedback thanks!

gabriel avatar May 09 '20 22:05 gabriel

Glad it's helpful :).

Just to note: The simple timestamping in itself doesn't protect against different sigchains being shown to different clients, as the server could trivially be constructing multiple different sigchains, timestamping all of them, and therefore be able to prove continuity of them all. What it does protect against is the server trying to fake history after the fact, and provides users with cryptographic proofs that ex. revocation has been issued before some point in time.

Implementation guaranteeing protection against these reality forks, would have to use something like Single-Use-Seals by @PeterTodd, where with each stamp the server commits to a specific UTXO, which can only ever be spent once (as guaranteed by obscene amounts of mining power, and tens of thousands nodes meticulously verifying history).

A simpler way, which could still give a decent amount of confidence, would be to publish all stamped Merkle roots on a public website, as well as on a Tor hidden service, which would have to be the same for everyone, as the server lacks the ability to identify Tor users.

I'm not aware of other projects doing it. http://opentimestamps.org website lists some logos, but I'm not sure any of those do sigchain stamping :).

meeDamian avatar May 10 '20 19:05 meeDamian

there is now timestamping service called woleet https://github.com/woleet/ with full opensource tools managing proofs, receipts, id and so on in standard way.

fix avatar Oct 01 '20 12:10 fix

It's a shame @meeDamian didn't mention us :) We are doing exactly this!

gill3s avatar Oct 01 '20 13:10 gill3s