
Select a document and have it certified in the Bitcoin blockchain - ptr
https://proofofexistence.com
======
strictnein
Reading the
[https://proofofexistence.com/about](https://proofofexistence.com/about) is
really helpful, because I really didn't understand this at all.

While this is interesting, is there any concern about over use of the bitcoin
blockchain? It's currently 65GB in size[0], which means it's fairly usable,
and with a big enough system you could still store the entire thing in memory.
What happens when it's 65TB? 65PB? Won't using it for lots and lots of things
cause issues long term? Or am I missing something here?

[0] [https://blockchain.info/charts/blocks-
size?timespan=all](https://blockchain.info/charts/blocks-size?timespan=all)

~~~
enraged_camel
That "About" page was frustrating to read. It talks about "common uses"
without talking about actual use cases. Like, no _realistic scenarios_ where
this thing would come in handy. What industries would it be particularly
useful in? Legal? Real estate? Logistics?

The press releases at the bottom talk about it having potential to be used as
a notary service, but even those are lacking detail.

edit: getting downvoted by bitcoin fanboys. should have seen that coming!

~~~
niij
The only obvious use I could think of is proof of invention of some idea. Like
the old "Mail a letter to your self and don't open it proof".

~~~
bobwaycott
Exactly the same as my first thought.

------
wslh
It is good to compare with the legibility of a proof of existence Ethereum
contract:
[https://github.com/maran/notareth/blob/master/contract.sol](https://github.com/maran/notareth/blob/master/contract.sol)

~~~
TD-Linux
To be clear, you're comparing this to the Bitcoin script used by this website?

    
    
       OP_RETURN <hash of document>

~~~
wslh
That is not the only part of the story and probably you know this and you are
hiding it to the general audience that doesn't know about Bitcoin internals.

You don't have a global getter on bitcoin transactions to get the hash of
every document, so querying all the documents persisted on the Bitcoin
blockchain you should build a database outside the Bitcoin blockchain to
obtain them.

And don't forget the strict buffer limitations in the OP_RETURN that makes
difficult to add more data and require to span the buffer within multiple
transactions.

------
aminok
Bitcoin was originally described as a "peer-to-peer distributed timestamp
server"[1] so this is an ideal use case.

1\. [https://bitcoin.org/bitcoin.pdf](https://bitcoin.org/bitcoin.pdf)

------
gwern
Similar is OriginStamp
[http://www.originstamp.org/](http://www.originstamp.org/) which is free; it
does this by batching up a day of hashes into a single master hash which is
then timestamped by Bitcoin.

I've written up some shell and Git scripts you can use to very easily
timestamp stuff:
[http://www.gwern.net/Timestamping](http://www.gwern.net/Timestamping)
Timestamping has come in handy for me in the past; you rarely need a
cryptographically strong timestamp but when you do, it's important.

~~~
exabrial
Nice! I'm bookmarking this

------
nickpsecurity
ryan-c beat me to it. Trusted time-stamping is probably better given there's
reputable businesses that have existed for a long time and probably court
precedents for their models. Their model is also _way_ more efficient than
Bitcoin as alternatives often are. Link here:

[https://en.wikipedia.org/wiki/Trusted_timestamping](https://en.wikipedia.org/wiki/Trusted_timestamping)

Here's a few companies specializing in it with various tradeoffs:

[http://www.surety.com/digital-copyright-protection/prove-
own...](http://www.surety.com/digital-copyright-protection/prove-
ownership.aspx)

[http://www.proofspace.com/timestamping/](http://www.proofspace.com/timestamping/)

[https://www.digistamp.com/](https://www.digistamp.com/)

Here's a paper on fast, decentralized security via witnesses that has
timestamping at 120,000 requests a second with 4,000 witnesses:

[http://arxiv.org/pdf/1503.08768.pdf](http://arxiv.org/pdf/1503.08768.pdf)

~~~
Natanael_L
Until those companies tanks. Hopefully it wouldn't happen too fast, but the
blockchain isn't dependent on a gatekeeper.

~~~
retube
> but the blockchain isn't dependent on a gatekeeper

Apart from a tiny group of devs and mining pools engaged in non-stop bickering
and infighting

~~~
nickpsecurity
Whereas the companies I mentioned are about and currently practice long-term
stability to provide a return on their investment. The infrastructure they
need is also already built. So, their main incentive is to keep letting the
money flow in doing something useful.

Whereas, with issues you cited, I have no clue what the status or goals of
Bitcoin will be in even 5 years.

------
ikeboy
Previously:
[https://news.ycombinator.com/item?id=6819367](https://news.ycombinator.com/item?id=6819367)
[https://news.ycombinator.com/item?id=6809929](https://news.ycombinator.com/item?id=6809929)

------
cmrx64
Neat. Trusted timestamping (which this provides) is a useful primitive.

~~~
Bartweiss
It's actually surprising to me that there isn't already some established
service for doing this. Situationally useful, but still a pretty cool way to
handle things like dating a trade secret without revealing it.

~~~
ryan-c
There actually are several time stamping services based on RFC 3161 - many CAs
offer this service, and Microsoft uses it as part of driver signing.

[https://en.wikipedia.org/wiki/Trusted_timestamping](https://en.wikipedia.org/wiki/Trusted_timestamping)

------
woodcut
They should have called this Satoshi As A Service (SAAS)

~~~
btcprint
You win the internets today.

------
somecoder
I feel like I used this years ago...

Oh, I did.
[https://news.ycombinator.com/item?id=6809929](https://news.ycombinator.com/item?id=6809929)

------
arnarbi
So do I understand right that whoever hosts this service is paying 0.0001 BTC
(4 US cents) for each document as the transaction fee?

~~~
throwanem
Nope. You have to pay .005 BTC to register a document.

~~~
arnarbi
Oh, I see. Seems .0049 goes to the maintainers then.

[https://www.blocktrail.com/BTC/tx/521f89f9f6980e57c7f3de6072...](https://www.blocktrail.com/BTC/tx/521f89f9f6980e57c7f3de60728080a245f62214cf5e69778a0fde36cedba487)

------
overcast
I like this. Would have been amazing if this existed before the social
explosion of the web. Where everyone is constantly stealing everyone elses
work.

------
bobwaycott
Let me see if I'm thinking on the right track about potential applications
here.

First thing I thought of was proactive defense against someone patenting an
idea by proving your prior art without necessarily divulging the information
(or divulging it, while proving its chronologically prior existence).

After that, my mind jumped to media, such as the ability to be provably
certain a given piece of media hasn't been altered after the fact (docs,
images, contracts, video, audio, etc.), and that it provably existed when a
party claims it did.

A bit on the nefarious side, I thought of being able to prove the existence of
certain media a party wishes to use for blackmail or some other purpose.

Maybe applicable to the HN/YC crowd—especially given a certain case that
recently made news here about a YC alum—a means of proving the existence of,
say, founder agreements when establishing a company, so that protracted legal
disputes over ownership could be aided and possibly shortened by irrefutable
proof those agreements existed at a particular point in time.

Disclaimer: not a Bitcoin user, and know practically nothing substantial about
it.

------
scottcanoni
Was I really the first to upload a TXT file that only had the words "hello
world"?

[https://proofofexistence.com/detail/b94d27b9934d3e08a52e52d7...](https://proofofexistence.com/detail/b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9)

I was expecting to see someone else's document that had that text.

~~~
xchaotic
I suspect they are salting and using timestamp so that two similar documents
don't get the same hash?

------
Lxr
This is really cool. I wonder if this would hold up in court in copyright or
patent related disputes.

~~~
chrisseaton
I think that old mail-it-to-yourself trick was a myth, so probably not.

~~~
striking
[http://www.snopes.com/legal/postmark.asp](http://www.snopes.com/legal/postmark.asp)

Tl;dr: myth.

------
Noctem
I've seen people post SHA-1s on Twitter for things (like proof of an iOS
jailbreak) that they aren't ready to release yet. I suppose this is a more
reliable method for that.

~~~
chungy
It only takes one person at Twitter the corporation to edit their tweet
database and change the sha1. The Bitcoin blockchain is nearly impossible to
tamper.

------
angilly
I let out an audible "wow" when I read the about page. So freaking cool. The
implications and uses for this are incredible.

------
foobarbecue
I wonder what Descartes would say to this.

------
brighton36
Why is this better than archive.org?

~~~
ikeboy
It's computationally difficult for anyone to forge it. While the operators of
archive.org could easily forge an old timestamp.

~~~
hybridsole
Computationally difficult is a bit of an understatement. It is not possible to
alter the bitcoin blockchain once a block is added and confirmed. With
limitless resources, you could perform a withholding attack to modify the most
recent half-hour to one hour's worth of transactions, but that would take tens
of millions of dollars in hardware and only be temporarily successful.

~~~
ikeboy
You could go back in time indefinitely with unlimited resources. Would require
a big reorg, but still possible.

~~~
avar
For the purposes of proving that a document exists no, you really couldn't go
back in time, if this were to happen it would be a monumental time for
bitcoin, and the old blockchain would be well known & referenced.

So for the purposes of proving that you wrote that document it really doesn't
matter if that were to happen.

~~~
ikeboy
Depends who you're proving it to; if you can isolate them, it still works.

------
mungoid
Kinda cool, but how is this any better than just gpg signing? Is it because
you could fake a timestamp with gpg but not with this?

~~~
ryan-c
Right, the GPG timestamp is trivial to fake. There is also RFC 3151 timestamp
protocol, but it uses a trusted third party rather than distributed trust.

~~~
jj-abram
Is this Bitcoin time stamping thing the only alternative, or are there other
ways to securely time stamp a document?

~~~
ryan-c
Depends whether you are willing to consider a solution relying on a trusted
third party "secure".

