OpenTimestamps notes

From Reboil

This page contents notes for using OpenTimestamps.

Stats

Usage

Misc notes

If the ots-git-gpg-wrapper.sh git wrapper script is installed[1], the script may be modified to add several more options such as --bitcoin-node "$jsonrpc_url" (to allow verification against a local Bitcoin node via JSON RPC) or --wait (don't let Git exit until a fully upgraded timestamp is received from a calendar server for insertion into the commit; may take 8 - 12 hours). Configuring Git to call ots-git-gpg-wrapper.sh may be done via: 

$ git config --global gpg.program <path to ots-git-gpg-wrapper.sh>
$ git config --global -e  # verify change

Once ots-git-gpg-wrapper.sh is specified in the Git global configuration, this command will attempt to verify ots timestamps in commits: 

$ git log

Regarding the --wait option, since ots may wait many hours for a timestamp to be confirmed, Baltakatei recommends creating a ots-git-gpg-wrapper-wait.sh variant (saved in $HOME/.local/share/ots/ots-git-gpg-wrapper-wait.sh) to contain the --wait option passed to ots-git-gpg-wrapper and called in a one-off manner like so: 

$ git -c gpg.program=$HOME/.local/share/ots/ots-git-gpg-wrapper-wait.sh commit -S

Baltakatei's experimental versions of ots-git-gpg-wrapper.sh and the --wait variant ots-git-gpg-wrapper-wait.sh for ots v0.7.0 as of 2023-03-13 may be found here:

The modified scripts assume using GNU Coreutils 8.32 and a Debian 10 install or a Debian derivative (e.g. Ubuntu). The scripts select a random single calendar for verifying files. They also require setting up a Bitcoin node on the local network (e.g. at IP address 192.168.86.1) accessible via JSON RPC with login credentials (e.g. from the rpcuser=<username>, rpcpassword=<password>, and rpcport=8332 lines in $HOME/.bitcoin/bitcoin.conf) embedded in a URL saved as the first line in the text file $HOME/.local/share/ots/jsonrpc_url.txt (e.g. http://user:35z8deadbeefhrdeadbeef5rk3@192.168.86.1:8332/).

Further benefit can be found by creating a Bash function named ots and saving it in a sourced[2] file such as $HOME/.bash_aliases; the function may get JSON RPC login credentials to a local bitocin node from jsonrpc_url.txt when performing actions such as verifying files via $ ots v foo.txt.ots. An example Bash function is defined below: 

function ots() {
    ### Version 0.1.2
    ### Ref/Attrib: [1] Command in a variable. https://mywiki.wooledge.org/BashFAQ/050
    local path_btc_jsonrpc_url btc_jsonrpc_url cmd;
    local -a args

    ### Use full path command
    #ots_exe="$(which ots)";
    cmd="$(which ots)";

    ### Form args array
    #### Check if jsonrpc_option file available
    path_btc_jsonrpc_url="$HOME/.local/share/ots/jsonrpc_url.txt";
    if [[ -f "$path_btc_jsonrpc_url" ]]; then
        btc_jsonrpc_url="$(cat "$path_btc_jsonrpc_url" | head -n1)";
        args+=("--bitcoin-node");
        args+=("$btc_jsonrpc_url");
    fi;
    #### Passthrough positional parameters
    for param in "$@"; do
        args+=("$param");
    done;

    ### Execute command with arguments. See [1]
    "$cmd" "${args[@]}"
};
export -f ots;

If the Bitcoin node is unavailable, Git operations may not work correctly, depending on how the wrapper scripts are designed. If this is the case, then remove the custom configurations via commands such as $ git config --global -e.

If successful, a $ git log --show-signature operation of a repository with OpenTimestamp'd commits (e.g. from a repo of my Wikipedia edits) will yield output resembling: 

commit 0fe2a0ccec196168fa77688c929ab302c7ee0726 (HEAD -> master, zdv2/master, gl/master)
ots: Ignoring attestation from calendar https://btc.calendar.catallaxy.com: Calendar not in whitelist
ots: Ignoring attestation from calendar https://alice.btc.calendar.opentimestamps.org: Calendar not in whitelist
ots: Got 1 attestation(s) from https://bob.btc.calendar.opentimestamps.org
ots: Ignoring attestation from calendar https://finney.calendar.eternitywall.com: Calendar not in whitelist
ots: Success! Bitcoin block 780677 attests existence as of 2023-03-13 GMT
ots: Good timestamp
gpg: Signature made Mon 13 Mar 2023 19:21:32 GMT
gpg:                using RSA key 38F96437C83AC88E28B7A95257DA57D9517E6F86
gpg: Good signature from "Steven Sandoval <snip>" [ultimate]
Primary key fingerprint: 3457 A265 922A 1F38 39DB  0264 A0A2 95AB DC34 69C9
     Subkey fingerprint: 38F9 6437 C83A C88E 28B7  A952 57DA 57D9 517E 6F86
Author: Steven Baltakatei Sandoval <snip>
Date:   2023-03-13T19:20:59+00:00

    feat(en:Parenth...ref...):Add DOI for first Harvard-style citation

commit ae83d27a2b13ace6e99eec37642ea702be3ba4d9
ots: Got 1 attestation(s) from cache
ots: Success! Bitcoin block 780672 attests existence as of 2023-03-13 GMT
ots: Good timestamp
gpg: Signature made Mon 13 Mar 2023 19:15:41 GMT
gpg:                using RSA key 38F96437C83AC88E28B7A95257DA57D9517E6F86
gpg: Good signature from "Steven Sandoval <snip>" [ultimate]
Primary key fingerprint: 3457 A265 922A 1F38 39DB  0264 A0A2 95AB DC34 69C9
     Subkey fingerprint: 38F9 6437 C83A C88E 28B7  A952 57DA 57D9 517E 6F86
Author: Steven Baltakatei Sandoval <snip>
Date:   2023-03-13T19:15:32+00:00

    feat(en:Parenthetical_referencing):Add article state


Bash function to tag a git commit with a timestamp

A Bash function to timestamp and tag a specified git commit using the wrapper script variant ots-git-gpg-wrapper-wait.sh saved at $pathOtsWait. The variant should call ots with the --wait option. The result should be a convenient way to quickly tag a git commit.[3] 

pathOtsWait="HOME/.local/share/ots/ots-git-gpg-wrapper-wait.sh"; # adjust me
function git-tag-ots-wait() {
    # Desc: Attempts to tag a specified commit using OpenTimestamps which waits
    #   for a calendar server response.
    # Usage: git-tag-ots-wait [str commit id]
    # Example: $ git-tag-ots-wait deadbeef  # tags commit that has hash starting with "deadbeef"
    # Example: $ git-tag-ots-wait HEAD   # tags whatever commit is at HEAD
    # Note: Tag name is an ISO 8601 date string (i.e. YYYY-mm-dd)
    # Note: Tag content is simply “SignStamping state.”.
    # Version: 0.2.2

    function yell() { echo "$0: $*" >&2; } # print script path and all args to stderr
    function die() { yell "$*"; exit 111; } # same as yell() but non-zero exit status
    function must() { "$@" || die "cannot $*"; } # runs args as command, reports args if command fails
    function main() {
        tagName="$(date +%Y-%m-%d)";
        commitId="$1";

        # Check plumbing
        if [[ $# -ne 1 ]]; then
            die "FATAL:Incorrect arg count:$#"; fi;
        if ! git cat-file -e "$commitId" 2>/dev/random; then
            die "FATAL:Not a git commit:$commitId"; fi;
        if ! git rev-parse --is-inside-work-tree 1>/dev/random 2>&1; then
            die "FATAL:Working directory not a git repo:$(pwd)"; fi;

        # SignStamp commitId via gpg-signed tag
        ## Construct git tag command
        cmdTag+=("must" "git");
        cmdTag+=("-c" "gpg.program=$pathOtsWait");
        cmdTag+=("tag");
        cmdTag+=("--sign" "$tagName");
        cmdTag+=("-m" "SignStamping state.");
        cmdTag+=("$commitId");

        ## Execute git tag command
        if "${cmdTag[@]}"; then
            yell "STATUS:SignStamped $commitId";
        else
            die "FATAL:Failed to SignStamp $commitId";
        fi & yell "Attempting to SignStamp $commitId …";

        ## Display pending jobs
        jobs;
    }; # main program
    ( main "$@" );
};

History

Baltakatei history

See also

External links

References

  1. Todd, Peter. (2016-10-13). “OpenTimestamps Git Integration”. Date accessed: 2023-03-14
  2. Bash Source Command”. (2020-06-06). Linuxize.com. Access date: 2023-03-14. Archived on 2023-01-21.
  3. Baltakatei. (2023-06-02). “function git-tag-ots-wait()”. BK-2020-01-2. Commit:cb921f1
Retrieved from "https://reboil.com/mediawiki/index.php?title=OpenTimestamps_notes&oldid=196615"