Creating and verifying timestamps

Parallel Polis occasionally publishes information about corruption suspicions or other information requiring verification of the time of availability of published information. In order not to hurt anyone, but also to prove that the bidder, for example, was known beforehand, we publish this information in encrypted form using the memo.cash network that uses the BCH blockchain time stamps.

Because the number of characters is limited, the verification method is as follows:

Parallel Polis refers to a specific post. Here’s how to look at a specific example.

Parallel Polis has an official account on memo.cash network. By clicking on it you can see all posts. Some of them are encrypted. If Parallel Polis publishes some information, it will refer to a specific encrypted post. Let’s take a look at this test post. In full, this is what it says:

jA0ECQMC6ECFkYZkL5Hl0ocBWlVHiItoTM9kRTJxzoICodXNV9ckWoxEmxym7oyr
URwPDw+KZ3P02JCIhCAnAFbkoZftrrAuhMFwitP/o//NPYTg7LXN7pAiYwp2w73N
YvKjR3n3c25QO0RG7pJh3dgmb59gVSczH7nz58gdvbY0hVVDZLV0d3xTtJcN9Io9
JfvA525iIgY=
=ZzJc

In it’s URL https://memo.cash/post/e2209fe9e08d33056dbbf995c091097f59d5480b42f1fde5fe02600eb4d9394c there is a longer string e2209fe9e08d33056dbbf995c091097f59d5480b42f1fde5fe02600eb4d9394c. This is the transaction identifier. If you enter it into any Bitcoin Cash transaction viewer, such as blockchair.com, you will get information on when the tool was included in the blockchain. Information for this particular transaction is for example here. It is practically a timestamp that says that it was included by a miner to a block on June the 9th 2018, that means that this information was created on this day the latest. It could have been created sooner and included in the block later, but we know that it was available on this day or before with certainty.

The information itself is encrypted. When the time comes and we decide to publish the information (or confirm that it was available at an earlier time than it should be), we will publish the decryption key. For this transaction, the password is:

LuhajmoosAishyarHips

How do we decrypt this transaction? We used the GNU Privacy Guard (GPG) for encryption. We need to get the encrypted information in a form that is understandable for gpg, so we need to add a line before and after the message itself that says it is an encrypted PGP message (these lines are not part of the message because memo.cash in a similar fashion to Twitter has a limited message length). Note that there is one more empty line after the first row, but there is no empty line before the last line.

This is how the full message should look like:

-----BEGIN PGP MESSAGE-----

jA0ECQMC6ECFkYZkL5Hl0ocBWlVHiItoTM9kRTJxzoICodXNV9ckWoxEmxym7oyr
URwPDw+KZ3P02JCIhCAnAFbkoZftrrAuhMFwitP/o//NPYTg7LXN7pAiYwp2w73N
YvKjR3n3c25QO0RG7pJh3dgmb59gVSczH7nz58gdvbY0hVVDZLV0d3xTtJcN9Io9
JfvA525iIgY=
=ZzJc
-----END PGP MESSAGE-----

Let’s save the message to a new file called test-message.txt.asc and decrypt using command:

gpg -d test-message.txt.asc

After entering the password LuhajmoosAishyarHips we get this message:

Testovacie tvrdenie ktorého čas vypublikovania môžete overiť

(Which is a Slovak for “Test statement whose time of publication could be verified”)

What does this technology allow us to do? Let’s go backwards:

  • At the time the message was created, the information was available
  • The author of the message created an encrypted version and saved the password to himself, but did not give it to anyone. So the message remains confidential until the password is published.
  • The message (in abridged form without the first and last line) was published in the blockchain and it was verified that this message existed at the latest when the miner placed it in the block. This can be verified directly in a blockchain using one of Bitcoin Cash’s many blockchain explorers.
  • At the same time, the message was published by a public account of the Paralelná Polis, which is publicly known. In the case of Parallel Polis, it is the address qqkdzm49858w4c34p8tjtlkg4985p0hulue5zfegau or 155yd3e7bvx2qCqrTHvVSme93WmQLXKQDs (depending on the service you use, the address should be in one of the two formats of the same address and is interchangeable with the conversion tool – they both represent the same address). This message is also digitally signed, so you can be sure it comes from us.
  • When the right time comes, we will post a password to allow people to decrypt and verify that the information was available at the time the miner put it into block.
  • Please also note, that we don’t publish thousands of messages and we commit each transaction to a particular topic, so you can be sure we did not create and publish thousands of contradicting messages, publishing only the ones that are true. There is only one message concerning one topic, which can be verified on our profile and usually linked to an article.

How to create a publication and verification scheme like this?

If you would like to create a similar scheme and give the time stamped information to the public or to any third party, you need to do the following:

Sign up for memo.cash. Charge your account using Bitcoin Cash or Shapeshift with any cryptocurrency. You need just a few cents to make short posts, you do not have to send more than a dollar.

Publish an official memo.cash address on your site, set up your profile picture, name, and profile.

If you are publishing the information, publish the public part on your blog, to which you will put the link to the encrypted message.

The message itself is created using GNU Privacy Guard. If you have a message in message.txt, you can do so from the command prompt:

gpg -a -c message.txt

After entering the password twice, the file message.txt.asc will be created. Take the middle part of it (without the first and last line) and paste it into memo.cash as a message.

Insert a link to this blog.

Create another memo.cash message saying what the message is about (not the content) and link the transaction itself to the original message. For example like here (but do not publish passphrase if you do not want to reveal the information itself). This is important, because if every message is linked to one topic, there is no suspicion that you created contradictory messages saying opposite things.

If and when you choose to publish the message, publish the password you have entered. Anyone with access to this password can decrypt the message while verifying when you put it into a blockchain.

Conclusion

We believe that these tools let you publish information and verify its validity. We expect these tools to be used by journalists, non-profit organizations, and other people who want to increase transparency and provide time-stamped sensitive information. Blockchain is also an uncensorable medium where it is possible to publish information so that it can not be removed later.

FAQ

Q: Why did you not use opentimestamps or any other service?

There are many ways this could be done. We did not use opentimestamps in particular, because we want to be able to prove that we only published one version and store the information on blockchain, so it cannot be censored.

With opentimestamps, we could have created 365 of messages like:

“The war will start on January 1st”
“The war will start on January 2nd”

When the war starts, we publish time commitment of only one of those files. It does not prove we knew when the war starts, only that this information was available. If we want to prove that we knew, we put encrypted information on our profile and link this information (and only this information) via plaintext message saying (Transaction [transaction number] is about the date of the start of the war). You can see that there are no other messages by browsing the profile and seeing all the posts.

We love opentimestamps and we think it is a very useful an interesting project, but not for our purpose.