Blockchain-backed timestamp proof for structured document sections
Project description
stramp
Timestamp a structured text document such that the content of any section or subsection can later be proved to have existed at (approximately) the time the document was stamped.
STRuctured text stAMP → STRAMP
This tool uses decentralized trusted timestamping technology that is backed by the Bitcoin blockchain. The protocol used is OpenTimestamps. Servers supporting this protocol are public and free to use.
The advantage of Stramp over using another OpenTimestamps client directly is that you can prove one or more chosen sections of your document selectively without revealing the content of the entire document. This is useful if you collect notes for a project in a large file where some sections may have information you don't want to reveal and other sections have text for which you might want timestamp proof at some later time.
It is intended for this command to be run periodically in the background with a service such as cron. I'd recommend setting it up to run once or twice a day.
Applications
This tool has the same applications as digital trusted timestamping in general, but the convenience and zero cost make it much more practical. Set it up to run in the background on your note files, and with practically no further effort you'll get the benefit in case you ever need it:
-
Patent documentation - This can't be directly used to win a patent since everyone has switched to first-to-file. However, it may still be useful for defensive publication to prevent someone else from patenting an idea you came up with.
-
Trade secrets - Prove that you had the idea of doing something a certain way.
-
Simple bragging rights - Write your idea or prediction in your notes so you can later prove you had it at a specific date.
Installation
Stramp requires Python 3.6 or newer. In addition to the Python library dependencies (automatically installed,
assuming you use pip
), you will also need the ots
command from
opentimestamps-client:
pip install opentimestamps-client
If Stramp is available from PyPI, you can install it with:
pip install stramp
Other options are to install it from the GitHub repository directly:
pip install -U "git+https://github.com/wonkyweirdy/stramp#egg=stramp"
or to install from a cloned git repository:
git clone https://github.com/wonkyweirdy/stramp.git
pip install ./stramp
How it works
-
Each document files is copied to create an archive copy. The archive copy is stored in the directory
~/.stramp/data
named based on the hash of the file. -
The text of each document, individual sections, and recursive subsections, is hashed using a secure hash algorithm to produce hexadecimal hash strings. These hash strings are collected into a JSON file along with the associated file paths and some other metadata. The JSON file goes in the
~/.stramp/new
directory. -
The generated JSON hash file is then timestamped using the
ots stamp
command. Once stamped, the JSON hash file and its associated*.ots
file are moved into the~/.stramp/stamped
directory. At this point, the stamp data will have been submitted to the public calendar servers. It will take time for the timestamp to be processed on the servers. -
The stamp file (
*.ots
) is upgraded usingots upgrade
. Once upgraded, the JSON hash file and its associated*.ots
file are moved into the~/.stramp/complete
directory. The upgraded stamp will contain all the information needed to trace the timestamp back to the specific transaction and block in the Bitcoin blockchain. Note that for a hash file stamped on the current run, the upgrade will happen on a subsequent run. It can take a few hours before the path is confirmed into a Bitcoin block. There is a built-in age limit that will prevent new (less than eight hours old) stamps from being upgraded; this is to help ensure that all the servers had enough time to process the stamp completely.
The new
and stamped
directories are used as queues. If the ots stamp
or ots upgade
command fails for a
hash file on one run, it will be retried on a later run.
Configuration
The configuration file is expected to be at ~/.stramp/config.json
.
Example content:
{
"ots_command_path": "/usr/local/bin/ots",
"documents": [
{
"path": "/home/joe/Documents/personal-notes.org",
"format": "org"
},
{
"path": "/home/joe/Documents/project1/project1.md",
"format": "commonmark"
}
]
}
The ots_command_path
specification is optional. It defaults to just "ots"
, expecting that command to be found
in the command search path.
Usage
Stramp will normally be called as:
stramp -x
The -x
option implies -p
, so the result of the above command would be to hash all the documents in the
configured list and then do any processing (see the How it works section above).
Command help is available with stramp --help
:
Usage: stramp [OPTIONS] [FILES]...
Options:
-x, --hash Hash the files listed in the configuration
-p, --process Stamp or upgrade any hash files that need processing
-c, --hash-only Just write generated hash file JSON to standard output
-v, --verbose Print more information
-V, --version Print the application version
--help Show this message and exit.
Stamp verification
Stramp does not implement anything to help with verification. The easiest way to check a stamp is to drop it onto the opentimestamps.org web page. If you want to check it locally, it is more involved since you need to run (or have access to) a server running Bitcoin Core.
Document formats
Org-mode
Org-mode format as UTF-8 is supported since this is what I use for my notes. The Org-mode support may not even be complete since have only implemented it to support the Org features I use.
Markdown
Markdown is supported. The specific variant of Markdown supported is CommonMark. Other variants may work as long as the headings can still be correctly interpreted using the rules of CommonMark.
Markdown support depends on Marko. Either install Marko separately
or specify commonmark
extra when installing with pip
:
pip install "stramp[commonmark]"
Future formats
I would consider adding support for other lightweight markup languages:
Maybe other structured document formats:
- HTML
- ENEX (Evernote)
Security
I am aware that the content of a section could be deduced from only a hash in a hash file if that text is short or predictable. For example, this would be a problematic in an Org-mode text file:
* Passwords:
** letmein
** YouCantGuessThis
I'm ignoring this for now in the interest of keeping things simple.
Legal
My opinion is that this tool should in principal allow creating indisputable proof that the text of a section of a document existed at a specific point of time. The proof will continue to be indisputable for as long as the cryptography involved can be trusted. However, we don't know for sure there isn't someone in a secret lab somewhere able to trivially forge an SHA-2 hash.
I can't promise this tool is appropriate for any certain use case. Users need to evaluate this for themselves. Quoth the LICENSE file:
The software is provided "as is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose and non-infringement. In no event shall the authors or copyright holders be liable for any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with the software or the use or other dealings in the software.
Similar and related projects
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file stramp-0.3.2.tar.gz
.
File metadata
- Download URL: stramp-0.3.2.tar.gz
- Upload date:
- Size: 21.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.1 CPython/3.8.3
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | a6c541045610a982e92de425c64593cf43170396743dbf192a166f38bc3684e3 |
|
MD5 | b92dc334518a5e27483aea3dad7ea1d6 |
|
BLAKE2b-256 | f2b9e5203ad8a2a8c55d8bf2e3f1b655b8a50a59686eb6ccb5a49c8029df579b |
File details
Details for the file stramp-0.3.2-py3-none-any.whl
.
File metadata
- Download URL: stramp-0.3.2-py3-none-any.whl
- Upload date:
- Size: 13.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.1 CPython/3.8.3
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 94384d30069b59ecca36170ca28c3f2bdfe298b02d1404c86af3228fc8dbbb49 |
|
MD5 | 2c7ccc1a5941284cb39b0b6765bf1077 |
|
BLAKE2b-256 | 5dd4bde4fd2354b651859cadad7f835924b03a2c2b1b3270a90bd9767f62ab3e |