How vtimestamp Works

vtimestamp creates cryptographic proof that a document existed at a specific point in time. The proof is stored permanently on the Verus blockchain, tied to your VerusID. Your documents never leave your device.

Creating a Timestamp

1

Hash Your Document

Your browser computes a SHA-256 hash of your file or text using the Web Crypto API. This happens entirely on your device — the document is never uploaded, transmitted, or stored anywhere.

Document: quarterly-report.pdf (2.1 MB)
SHA-256:  a7f3b2c1d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1

SHA-256 is a one-way function. Given the hash, no one can reconstruct your document. Given a different document, no one can produce the same hash. The hash is a unique fingerprint — nothing more.

2

Add Metadata

You provide a title (required) and optionally a description. If you uploaded a file, the filename and file size are captured automatically.

Title:       "Q4 Financial Report"
Description: "Final approved version"
Filename:    quarterly-report.pdf
File Size:   2,097,152 bytes

The system also checks for duplicates — if you've already timestamped this exact hash on your identity, you'll see a warning before proceeding.

3

Sign with Your VerusID

vtimestamp constructs an identity update request containing your hash and metadata, packaged as VDXF data. The service identity signs this request — so your wallet knows it's a legitimate vtimestamp request — then presents it to you as a QR code (or deep link on mobile).

You approve the request in Verus Mobile or a compatible wallet app. This proves your identity — only you can sign for your VerusID — and broadcasts an updateidentity transaction to the Verus blockchain. The service never has control of your identity; it only constructs the request. You authorize it.

4

Blockchain Confirmation

Once the transaction is included in a block, your timestamp is permanent. The block provides:

  • Block height — the position in the chain (e.g., block #4,523,891)
  • Block hash — the cryptographic fingerprint of the block itself
  • Block time — the consensus-verified timestamp of when the block was mined
  • Transaction ID — the unique identifier for your specific transaction

These values are immutable. No one can change them after the fact — not you, not the service, not anyone.

Verifying a Timestamp

Anyone can verify a timestamp. No login. No account. No special access. Just the document and the identity name.

1

Hash the Document

The verifier uploads the same file (or pastes the same text). The browser computes the SHA-256 hash locally — identical process to creation. If the document has been modified by even a single byte, the hash will be completely different.

2

Search the Identity's History

The system queries the Verus blockchain using getidentityhistory, retrieving every update ever made to that VerusID. It scans each update for the proof.basic key and compares stored hashes against the computed hash.

3

Confirm the Block

If a match is found, the system retrieves the block that contains the transaction. The block time is the proof — the consensus-agreed moment when that block was mined and your hash was inside it.

Verified: YES
Identity: alice@
Title:    Q4 Financial Report
Date:     Feb 18, 2025, 10:30:45 AM
Block:    #4,523,891
Tx:       a1b2c3d4e5f6...

Why This Can't Be Faked

AttackWhy It Fails
Backdate a timestampThe block time is set by blockchain consensus. You can't insert data into a past block.
Modify after creationEach identity update is a separate transaction. Previous entries are part of the chain's immutable history.
Claim someone else'sThe timestamp is on a specific VerusID. Only the identity owner can sign updateidentity transactions.
Forge a matching documentSHA-256 is collision-resistant. No known method exists to produce two different documents with the same hash.
Forge the verificationAnyone can run their own verification against the public blockchain. There's no single authority to compromise.
Delete a timestampBlockchain data is append-only. Historical identity states are preserved in the chain's history forever.

The trust model is simple: the blockchain provides the time, cryptography provides the fingerprint, and your VerusID provides the ownership. No single party controls all three.

Privacy by Design

vtimestamp is built around a core privacy principle: your documents never leave your device.

What's Public

  • SHA-256 hash
  • Title you chose
  • Description you wrote
  • Filename (if provided)
  • File size (if provided)
  • Block time and height
  • Your VerusID name

What's Private

  • The actual document contents
  • Any data not explicitly added as metadata
  • Your device never transmits files or text to any server

The hash is a one-way function. Given the hash, no one can determine whether the original was a PDF, a photo, a text file, or a novel. They can only confirm: "this exact data existed when this block was mined."

You control how much metadata to include. Title is required (for your own organization), but description, filename, and file size are optional. If you want maximum privacy, use a generic title and skip the optional fields.

Learn more

Compare → FAQ → Verify a Timestamp →