A few days ago, I asked myself a question: Is there any way to prove that you are the author of a digital document, and that you wrote it at a certain time, without relying on trusted third parties?
After thinking it through, I realized that a perfect solution doesn’t exist.
The real challenge is to find the approach that gets us closest to it.
First of all, you can’t strictly bind a document to yourself. You can digitally sign it, or take any number of technical measures, but in practice, anyone could do the same. A signature only proves that you signed it, not necessarily that you wrote it. (Maybe there’s a way to bind a document to a person more directly?)
Historically, humans have solved this problem by agreement: the first person to publish a work under their name is assumed to be the author. That’s essentially how intellectual property registries work.
So, the first person who publishes and digitally signs a document (with a private key tied to a public identity) is considered the author.
Great!! Problem solved, right? Actually, not so fast.
Now the question is: without a trustd third party, how do we determine who published first?
Here are some possible approaches:
Timestamp at creation – Attach a timestamp to the document in a way that can only be generated at the moment of creation.
Proof-of-Work (PoW) – For example: PoW = dSHA256[hashDocument | pubkey | Time&Date | Nonce]. The more leading zeros in the resulting hash, the more energy was spent, and the less incentive others have to try to “out-author” you.
Distributed database (like Seed) – The first person to publish and sign a document is recognized as the author by the network participants. The document should include a date and time, and peers only accept it if it matches closely with their local clock. If most participants are honest, late publications of the same document can be rejected or considered as a document version published by other author.
Immutable distributed ledger (Bitcoin) – Publish the document itself (or more efficiently, its hash) along with your public key in the timechain. Since Bitcoin is an append-only, time-ordered ledger secured by consensus and incentives, it provides a permanent, verifiable timestamp.
Of course, each method has issues:
Solution 1: How do we generate such a timestamp?
Solution 2: A well-funded adversary could generate stronger PoW and claim authorship of many documents. Also, it only proves publication time, not creation time.
Solution 3: Requires honest majority. What are the incentives for participants to behave honestly? Also, it only proves publication time, not creation time.
Solution 4: This is the most robust solution, but even here, we must assume that the first publisher is the true author. Also, it only proves publication time, not creation time.
What do you think? Let’s discuss.