Re: Open Timestamps from Peter Todd on 2016-09-30 (public-blockchain@w3.org from September 2016)

From: Peter Todd <pete@petertodd.org>
Date: Thu, 29 Sep 2016 21:17:02 -0400
To: Wayne Vaughan <wayne@tierion.com>
Cc: "S. Matthew English" <s.matthew.english@gmail.com>, Mountie Lee <mountie@paygate.net>, Melvin Carvalho <melvincarvalho@gmail.com>, Blockchain CG <public-blockchain@w3.org>
Message-ID: <20160930011702.GA11020@fedora-21-dvm>

On Thu, Sep 29, 2016 at 08:48:19PM -0400, Wayne Vaughan wrote:
> I'm with Peter.
> 
> With Chainpoint, we purposefully avoid using timestamping as part of our
> vocabulary.  We consider Chainpoint a proof protocol. You are proving that
> your data is cryptographically linked to a set of external sources.  If one
> of those external sources provides a reliable source of time, then you can
> use the proof as a timestamp. The key constraint to recognize is that you
> inherit time from the anchor sources.

Eh, I have no issues with saying that OpenTimestamps does timestamping. The
trick is simply making sure you communicate what is being proved correctly.

Forward dating timestamps appropriately seems find by me. Basically, as applied
to a git-commit timestamped by multiple notaries that might look like:

    $ git log --show-signature 6a1c61a8dfbbcca672858500fcd11ecfeb34d8cc
    commit 6a1c61a8dfbbcca672858500fcd11ecfeb34d8cc
    ots: Success! Bitcoin attests commit existed as of Mon Sep 26 05:25:10 2016 EDT (99% prob)
    ots: Success! Ethereum attests commit existed as of Mon Sep 26 06:12:01 2016 EDT (99% prob)
    ots: Success! Litecoin attests commit existed as of Mon Sep 26 04:45:23 2016 EDT (99% prob)
    ots: Success! Google (via Roughtime) attests commit existed as of Mon Sep 26 01:28:00 2016 EDT
    ots: Good timestamp
    gpg: Signature made Mon 26 Sep 2016 01:28:08 AM EDT
    gpg:                using RSA key 6399011044E8AFB2
    gpg: Good signature from "Peter Todd <pete@petertodd.org>"
    gpg:                 aka "[jpeg image of size 5220]"
    Author: Peter Todd <pete@petertodd.org>
    Date:   Mon Sep 26 01:27:51 2016 -0400

        Improve error message when ./ots stamp encounters IO errors

They're all clearly statements that some notary attests the commit was in
existance as of some time - not attestations as to when the commit was created.
Equally, the fact that the Roughtime attestation is a few seconds prior to the
actual Git commit isn't unexpected: we shouldn't be surprised if a user's
inaccurate clock means the PGP signature was created a few seconds off.

Anyway, all this discussion about Bitcoin's innaccuracy misses another point:
you can't get a timestamp committed by Bitcoin instantly anyway! You're always
going to end up waiting until the next block, and that takes a few minutes most
of the time, often an hour.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

Received on Friday, 30 September 2016 01:17:45 UTC