← Back to Home

TVS CodeStamp v2 — Trust Model & Timestamp Format Specification

🔐 Format Structure

<ISO-8601 timestamp>.<HMAC-SHA256 signature>

Example:
2025-04-20T10:43:28.247634+00:00.9db761a6204b50bb38cfaaac1c6405fa05a1094d1559e69c6ce8c0a5471c3787

🧬 Signature Algorithm

HMAC_SHA256(key=daily_secret, message=(file_hash + timestamp))

• file_hash — SHA-256 digest (user input)
• timestamp — server UTC timestamp (ISO format)
• daily_secret — derived from BASE_KEY + UTC date (never reused)

📈 How It Works

flowchart TD
  User[User sends file hash] --> TVS[TVS Server]
  TVS --> Time[Fetch secure UTC time]
  Time --> Stamp[Generate timestamp + HMAC]
  Stamp --> Combine[Create CodeStamp]
  Combine --> Result[Return to user or CLI]

⚙️ Verification

Anyone can re-generate the signature locally using the public daily key:

1. Split CodeStamp into timestamp + signature
2. Recreate HMAC using (hash + timestamp)
3. Compare with provided signature

🔁 Trust Model

• No blockchain
• No private keys
• Daily secret changes every 24h
• All timestamps are human-readable
• Verification requires only the daily key (not TVS server)

💻 CLI Usage

Local or Offline:

python tvs_cli.py <sha256-hash>
python tvs_cli.py <hash> --datetime 2025-04-20T10:00:00Z
python tvs_cli.py <hash> --offline keys/2025-04-20.json

Remote Signing via API:

python tvs_cli.py <sha256-hash> --remote
python tvs_cli.py <sha256-hash> --remote --publish

Returns:

• ✅ ISO timestamp
• ✅ Signature (CodeStamp)
• ✅ Certificate ID (TVS-TSP-...)
• ✅ Public verify URL

📊 Comparison

Feature	TVS	TSA	OTS	Blockchain
Human-readable	✅	❌	❌	✅
Offline verification	✅	❌	✅	❌
No PKI needed	✅	❌	✅	✅
Cert PDF available	✅	✅	❌	❌
Free to use	✅	❌	✅	❌

📡 API Integration

POST /api/stamp/
{
  "hash": "b1946ac92492d2347c6235b4d2611184",
  "publish_hash": true
}

Returns: JSON with signature, timestamp, cert_id, and verify URL.

📜 Licensing & Contact

TVS CodeStamp v2 is maintained by the TimeVaultSecure project.