(original analysis done by Eder Santana on August 19th, 2016)
The module python-opentimestamps is a modern reimplementation of opentimestamps where a self maintained timestamps server was replaced by using the blockchain.
python-opentimestamps works in 3 main steps: stamp, complete and verify.
A source file is stamped by running the first command:
./ots stamp <file>The stamping algorithm first generates a sha256 checksum of the file to be stampped and use that hash as a public key. A public key hash bitcoin address (P2PKH) is than generated using standard address generation algorithms. A transaction is submitted to the resulting address. In other words the hash and thus the proof of the document is on the receiver of the bitcoind transaction. This process occurs in this piece of the code.
A few interesting things to note here are that there is no server on python-opentimestamps. Each stamp is instantly converted into a transaction. If we stamp 100 documents, even if all that occurs in less than 10 min, there will be a total of 100 transactions submitted to the blockchain.
Each stamp call generates a document with extension .ots.pending while waiting for the bitcoin transaction to be completed.
The second step should be run after the transaction is completed and has been associated with a block in the blockchain. We call:
./ots complete <file>.ots.pendingThis will create the actual Timestamp object. A Timestamp object has two properties path (transaction id + associated block merkle root) and sig which is a signature generated by the BlockHeaderSig object. The BlockHeaderSig generates the signature from the the chain id (bitcoin-mainnet is the default) a prefix and sufix that are extracted from the block header. Here is how the prefix and sufix are extracted. Note that this is just slicing the serialized block header. The prefix are the first 35 bits of the hearder and the sufix are the last bits starting at bit 68.
The Timestamp is than saved to json. That json contains 2 strings -- one to describe the signature type (ex. block_header as described above), the second string is the chain id (ex. bitcoin-mainnet) -- and two hex encoded elements, the header prefix and sufix. All that is saved to the complete timestamp with extension .ots
Finally we can verify a complete timestamp with
./ots verify <file>.otsThis will load the json file, do some type checking and query the blockchain for the existence of the transaction described in the path + signature. Details are in this piece of code.
python-opentimestamps proposes a way to anchor data to the blockchain by converting document hashes into bitcoin addresses and submiting a transaction to that address. Each individual stamped file corresponds to a different address. Using that module, each stamp equals to a different transaction. A proof of existence is confirmed when the transaction is complete and the time associated with the block serves as the temporal reference.
Getting block header, signing and submitting transactions and all the operations with the blockchain are done using python-bitcoinlib, which is maintained by the same Peter Todd developer that proposed python-opentimestamps.
The code still have some bugs, I couldn't run all the steps myself. They show example files that are supposed to be generated by the pipeline. The code base is also not really well documented, although fairly understanble after sometime reading it.
My only concern was the necessity of a unified server to hash several transactions together and reduce the total number of stamps submitted to the blockchain.