Hey Peter, this might be a dumb question but are there any projects similar to OpenTimestamps, or that could couple with it to provide a device-specific signature in addition to the timestamp data? Like a device fingerprint, so you can reasonably prove data was created by a specific device before the given time?
I've always thought this would be super useful, but I'd be somewhat surprised if it didn't already exist.
Basically no. That is a _much_ harder problem than time-stamping...
Assuming you could easily generate unique keys for any device, can you explain the difficulty? Wouldn't it just be like the earliest device has the strongest claim to authenticity?
I didn't realize it'd be that much harder, but I've probably missed the obvious. Thanks for your time.
The thing is with keys alone you're not proving that data was created by an _device_. But rather, just by a key. That by itself doesn't mean anything. To actually prove something about a device is a difficult key validation problem.
I really appreciate your reply.
I was thinking about it as the device fingerprint being essentially the seed for the key but I can see how that could be an issue if you cannot guarantee uniqueness of the seed, or if the private key is compromised (or can't be proven that it was never compromised), spoofing a device fingerprint, etc.
Anyway, I won't take more of your time but I like learning what I can. Have a good one! 👍
There is one: Woleet. But it is not open source. The api provided the ability to timestamp a bitcoin signature, and a way to verify the identity of the signer based on this signature, and optionally on the DNS system to prove its identity online with no other third party.
See 'bitcoin signature anchoring.
