What is proof of existence?

Use our service to anonymously and securely store an online distributed proof of existence for any document. Your documents are NOT stored in our database or in the Bitcoin blockchain, so you don't have to worry about your data being accessed by others.

All we store is a cryptographic digest of the file, associated to the time in which you uploaded the document. In this way, you can later certify that said data existed at that time. This is the first online service allowing you to publicly prove that you have certain information without revealing the data or yourself, with a decentralized certification based on the Bitcoin network.

The key advantages are anonymity, privacy, and getting a decentralized proof which can't be removed by third parties or governments. Your document's existence is permanently validated by the blockchain even if this site is compromised or down, so you don't depend or need to trust any central authority. All previous timestamping solutions lack this independence.

Common uses

Demonstrating data ownership without revealing actual data.
You can publicly reveal the digest and if conflict arises you can prove you had the data that generates the digest. Useful for copyrighted material, patents, etc.
Document timestamping.
You can prove certain data exists at a certain moment of time. As we use the Bitcoin blockchain to store the document proof, you can certify the existence of your document without the need of a central authority. Use the computing power of the whole Bitcoin network to certify your data.
Checking for document integrity.
If you store a proof for your document and later re-upload it, the system will only recognize it if it is completely and fully the same document. The slightest change, and we'll recognize it is different, giving you the security that certified data can't be changed.

Technical foundations

The document is certified via embedding its SHA256 digest in the Bitcoin blockchain. This is done by generating a valid bitcoin transaction to two specially crafted addresses which encode/contain the hash. The hash is cut in two fragments, each fragment contained in one of these addresses. The hash fragment is used as a replacement for the RIPEMD-160 hash of the public ECDSA key in the bitcoin address generation algorithm. This is why the bitcoins sent in this special transaction are unspendable, as the addresses are being generated from the document's hash fragments instead of from a private ECDSA key.

After the addresses are generated and the transaction is confirmed, the document is permanently certified and proven to exist since the transaction was confirmed. If the document hadn't existed at the time the transaction entered the blockchain, it would have been impossible to embed its digest in the two addresses and thus create the transaction (This is because of the hash function's property of being Second pre-image resistant). Embedding some hash and then adapting a future document to match the hash is also impossible (due to the Pre-image resistance of hash functions). This is why once the bitcoin blockchain confirms the transaction generated for the document, its existence is proven, with no trust in a central authority required.

If anyone wants to manually confirm the document's existence at the timestamped time, they should just follow this steps:

Developed by

Manuel Araoz - @maraoz .

Press