Verification
How to verify a record
Every claim below is checked with open, generic tools — a Python interpreter
and the ots command — against math and the Bitcoin blockchain.
None of it requires this site, or its operator, to still exist.
What a record claims
Each registration claims exactly three things:
- A card with a given serial was registered at a given timestamp (UTC, millisecond precision).
- If a note was attached and marked public, it's included verbatim. Otherwise only its SHA-256 hash is — enough to confirm a note you already know, never enough to recover an unknown one.
- A leaf hash, a fixed function of (serial, timestamp, note), is included in a Merkle tree whose root is timestamped on the Bitcoin blockchain via OpenTimestamps.
Nothing here proves who registered a card — only that a registration with these exact contents existed no later than the confirmed Bitcoin block time.
Verify a specific card
Look up a card's serial at /verify/<serial> to see its actual leaf hash, Merkle path, and
anchor status inline, with copy-pasteable commands substituted with real values.
Recompute a leaf hash
python3 -c "
import hashlib
serial = 'TR-0000' # from the record
registered_at = '2026-07-13T05:20:00.000Z' # from the record
note = '' # the note, or '' if private/absent
inner = hashlib.sha256(note.encode()).digest()
print(hashlib.sha256(serial.encode() + registered_at.encode() + inner).hexdigest())
"
Verify a Merkle path
import hashlib
def verify_merkle_path(leaf_hex, path, root_hex):
h = bytes.fromhex(leaf_hex)
for step in path:
sib = bytes.fromhex(step["hash"])
h = hashlib.sha256(sib + h).digest() if step["side"] == "left" \
else hashlib.sha256(h + sib).digest()
return h.hex() == root_hex
Verify the Bitcoin anchor
pip install opentimestamps-client
ots verify root.bin.ots -f root.bin
Verify the signed dump
/api/log serves every record as a single JSON dump, signed with an Ed25519 key
(/api/log/pubkey). Any standard Ed25519 implementation — cryptography,
PyNaCl, minisign, age, OpenSSL 3.0+ — verifies the same signature.
What the operator can't forge
Once an anchor is Bitcoin-confirmed, no one — including us — can back-date it, alter its contents undetectably, or present a differently-signed dump without it being obvious. What we can do: delay anchoring, or fail to keep a record online. That's why the signed dump exists — mirror it anywhere you like, and it stays verifiable without us.