← Back to Home

TVS CodeStamp v2 — Trust Model & Timestamp Format Specification

Introduction: TimeVaultSecure (TVS) is a decentralized cryptographic timestamping protocol that allows anyone to generate and verify trusted timestamps independently — without reliance on centralized servers, private key authorities or blockchain mining.

TVS CodeStamp v2 is the second-generation version of our public signature format — built to be self-verifiable, minimal, open-source and ready for long-term preservation.

🔐 Format Structure

<ISO-8601 timestamp>.<HMAC-SHA256 signature>

Example:
2025-04-20T10:43:28.247634+00:00.9db761a6204b50bb38cfaaac1c6405fa05a1094d1559e69c6ce8c0a5471c3787

🧬 Cryptographic Algorithm

HMAC_SHA256(key=daily_key, message=(file_hash + timestamp))

file_hash — SHA-256 hash of the file (user provided)
timestamp — ISO8601-encoded UTC datetime (from secure server time)
daily_key — SHA-256(BASE_KEY + date) → generated daily at 09:00 UTC

🏗️ Infrastructure Diagram

flowchart TD
  U[User provides file hash] --> A
  A[TVS fetches secure UTC time] --> B
  B[Generate timestamp in ISO format] --> C
  C[Compute HMAC using file_hash + timestamp] --> D[Combine into CodeStamp]
  D --> E[Return timestamp.signature]

🧪 Verification Logic

# 1. Extract timestamp & signature
# 2. Recompute HMAC(file_hash + timestamp)
# 3. Compare with provided signature

def verify_tvs_codestamp_v2(file_hash, codestamp):
    timestamp, signature = codestamp.rsplit('.', 1)
    dt = datetime.fromisoformat(timestamp)
    daily_key = get_daily_key(dt.date())
    expected = hmac.new(daily_key.encode(), (file_hash + timestamp).encode(), hashlib.sha256).hexdigest()
    return signature == expected

🔁 Trust Workflow

TVS generates a daily public key based on UTC date and internal secret.
User creates SHA-256 hash of a file.
TVS timestamps the hash and signs it with HMAC.
TVS returns a timestamp.signature string (CodeStamp).
Anyone can verify the CodeStamp offline with just the file hash and daily key.

🔌 Integration Scenarios

Used in DevOps pipelines
Linked with open scientific datasets
Included in legal archives
Embedded in source code or documents

📊 Comparison Table — TVS vs TSA, OTS, Blockchain

Feature	TVS	TSA	OTS	Blockchain
Readable	✅	❌	❌	✅
Offline Verification	✅	❌	✅	❌
Based on PKI	❌	✅	❌	❌
Precision	✅	✅	❌	❌
Certificate Option	✅	✅	❌	❌
Free to Use	✅	❌	✅	❌

💻 CLI Example

python tvs_cli.py <sha256-hash> --datetime 2025-04-20T10:00:00Z
python tvs_cli.py <hash> --offline keys/2025-04-20.json

📜 Licensing & Contact

TVS CodeStamp v2 is an open-source specification maintained by the TimeVaultSecure project. Contributions and community feedback are welcome.

🌐 https://timevaultsecure.com
📧 contact@timevaultsecure.com

Tools & Resources:

Verify Signature Generate Timestamp Whitepaper About TVS Public Registry GitHub Repo