Learn about blockchain technologies with OriginStamp

How does blockchain support information integrity? Can blockchain - even the Bitcoin blockchain - be used for purposes other than simply tracking how much BTC you or I hold? What in the world is a Merkle Tree, and are they blooming anywhere right now?

In this post, I would like to introduce you to a great learning tool - a website called OriginStamp. For small tasks, it is free, and no credit card or other information is required.

Background: Blockchain technology and electronic document integrity

To understand what OriginStamp does, it may be helpful to take blockchain back to its roots. No, I don't mean the Satoshi Nakamoto white paper, as important as that was. I mean looking at the references in that paper, and seeing three references to the works of Stuart Haber and Scott Stornetta. Fifteen years before Bitcoin, Scott and Stuart started a business based on their research, focused not on payments but on document integrity. Their platform used the technologies behind blockchain so

"users can apply tamper-evident digital 'Seals' to all forms of electronic information, providing long-term and independent proof that the information existed at a point in time and has not been altered since. [The service] can be deployed in the enterprise or in the cloud, and provides an ideal solution to the challenges of IP protection, digital evidence preservation, and proving the authenticity of electronic records and files."

With no public blockchain available at the time, hashes were published each Sunday to the New York Times classifieds.

With the Bitcoin blockchain, document integrity proof comes cheap (free to you)

With public blockchains, this task has become much easier, leveraging the same sets of tools used back then.

1. Cryptographic hashes: A hash is a mathematical algorithm to produce a unique, fixed length string that serves as a fingerprint for an electronic file or sequence of information. One of the most common is known as SHA-256. (SHA is short for Secure Hash Algorithm). There are easily downloadable or web-based tools for calculating a SHA-256 hash of a file, as well as functions for Python and other programming languages. For example, the SHA-256 hash of the Bitcoin white paper is b1674191a88ec5cdd733e4240a81803105dc412d6c6708d53ab94fc248f4f553. I get the same result whether I feed the document into my desktop hash tool or drag the file into an online hash calculator, such as the one at https://emn178.github.io/online-tools/sha256_checksum.html

2. Merkle Trees: Managing a ton of hashes is made easier by the concept of a Merkle Tree. This takes two hashes, concatenates them, takes the hash of the concatenation, matches that with another hash of a concatenation, iteratively, until there is only one - the root hash.

For example, the hash of your document might be b73f97a265bae4af077058df8d5a47af0030f16055c0c3168b3e5647a2e92304. You can see it participate in another hash, here b73a9bfad62bebcfca4fc70cfd7c81ac3ab8090a4cbca7a48f8d81055f35d859.

Concatenate them (stick them together) to become b73a9bfad62bebcfca4fc70cfd7c81ac3ab8090a4cbca7a48f8d81055f35d859b73f97a265bae4af077058df8d5a47af0030f16055c0c3168b3e5647a2e92304

Take the hash of that to get 737f88c745e133dfaa60c19b6c220c1d2be2684d8cf9336554a8b5bb62593999 - which matches the next "right" entry on its way up the Merkle Tree.

The root of that Merkle Tree is the hash formed from all the other hashes, in this case, 3f6c35757bfaf9794e102f60368b4810550cc399cdb994bc681b06e9f9254e86.

What has that bought us?

You now have a unique fingerprint of all of the underlying hashes and the documents associated with that hash. The documents aren't there and cannot be recreated, but someone can now prove that at that time there was a document with that unique fingerprint.

3. Bitcoin blockchain

So let's get to the blockchain. Now that we have a unique fingerprint, we can use that as a private key. We can calculate the Bitcoin address that is controlled by that private key, and then create a small value entry to that address.

There are many tools for identifying the BTC address of a private key. Here's one: https://gobittest.appspot.com/Address

Type the Merke root value as the private key.

The resulting address is 1MS4sGaNZjgdqV6PD7Ww98tKnUayHb3fDU

You can view that address in your favorite block explorer.

What OriginStamp does for you

Each day, OriginStamp takes the document hashes submitted to it, creates the Merkle root, identifies the address, and then sends a small amount (in this example, around $0.28 US, which it then removes, so there is no value left. (Sorry using the private key won't do much for you.)

So for less than $1 a day for them (and nothing for you for small numbers of documents), documents are time-stamped and their integrity proveable as long as the BTC blockchain is available.

Conclusion

In this short posting, we have discussed cryptographic hashes (such as SHA-256), demystified Merkel trees, shown how to find a unique place on the BTC blockchain, and how to inexpensively (or for you, free) create an audit trail of data integrity.