From fef460586e847e378a197381ef1ae3a64e6ea38b Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 28 Sep 2021 22:15:31 +0200 Subject: noted that verified timestamps have more use-cases A believer can be convinced that a sigsum was logged after time T. This is because witnesses do Verifier(append-only) and Verifier(Freshness). Outline: a claimant is about to log a sigsum. 1. Fetch the most recent cosigned tree head. - Timestamp is T - Tree size is N 2. Submit sigsum for logging. 3. Wait for inclusion at index N+k, k=>0. 4. Wait for next cosigned tree head. - Timestamp is T', where T' > T - Tree size is N', where N' > N+k 5. Download inclusion proof for tree size N'. Now you can convince a believer that a sigsum is publicly logged. Just reveal inclusion proof which leads up to the second cosigned tree head. Next, you can reveal the first cosigned tree head that _have not merged that entry yet_. This follows from the first cosigned tree head size, and makes it obvious that the entry must have been merge after time T. --- doc/api.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/api.md b/doc/api.md index ea5a2a0..3f3db55 100644 --- a/doc/api.md +++ b/doc/api.md @@ -78,7 +78,9 @@ struct tree_head { ``` `timestamp` is the time since the UNIX epoch (January 1, 1970 00:00 UTC) in seconds. It is included so that monitors can be convinced of _freshness_ if -enough witnesses added their cosignatures, see below. +enough witnesses added their cosignatures. A claimant may also use timestamps +to prove to a believer that some logged data is current. See timestamp +verification in Section 2.3.2. `tree_size` is the number of leaves in a log. @@ -207,7 +209,7 @@ Output on success: ### 3.3 - get-tree-head-cosigned Returns the latest cosigned tree head. Used together with `get-inclusion-proof` and `get-consistency-proof`. Ensures that verifiers see the same statements as -believers. +believers. May also be used to convince a believer about when logging happened. ``` GET /sigsum/v0/get-tree-head-cosigned -- cgit v1.2.3