v1.2 is a MINOR editorial revision over v1.1,
consolidating clarifications in alignment with the publication of the companion IETF profile
(draft-fassbender-scitt-time-anchor-02). Editorial changes are: addition of CDDL
schema reference (§6.1); clarification of structural inclusion-point semantics, with
explicit treatment of block-based ledgers and the Reference Wall-Clock Projection (§15);
expansion of the verification function companion-note (§4); broadening of the Time (T)
terminology entry to cover both structural and wall-clock forms (§2). No semantic,
cryptographic, or interoperability changes have been made. v1.0- and v1.1-conformant
implementations remain conformant with v1.2 without modification. v1.1 and v1.0 remain
permanently citable at /v1.1/ and
/v1.0/.
Anchoring is defined as an infrastructure primitive built on cryptographic commitments, for establishing existence-at-or-before-T of a byte sequence.
It provides a verifiable commitment to the existence of specific bytes at or prior to a consensus-derived timestamp, without asserting authorship, ownership, identity, or legal status.
This specification formally defines the semantics, verification function, and independence requirements of this primitive.
This introduction is non-normative. Normative requirements begin in Section 1.
This specification defines anchoring as a cryptographic method for establishing existence-at-or-before-T of a byte sequence.
This document normatively defines:
This specification is normative.
Existence refers solely to the presence of a cryptographic commitment to the byte sequence in ledger L at or prior to time T.
No additional claims are implied.
Verification must be defined as:
Output semantics are defined in Section 5.
Note.
In the companion IETF profile (draft-fassbender-scitt-time-anchor),
the verification function is instantiated with descriptive parameter names
for clarity:
V(ArtifactBytes, AnchorProof, AnchorLedger)
where ArtifactBytes corresponds to B,
AnchorProof corresponds to P, and
AnchorLedger corresponds to L, restricted to
ledgers meeting the qualification criteria of the profile
(cf. draft-fassbender-scitt-time-anchor Section 2.5). The
semantics are identical. The short-form notation V(B, P, L)
is retained in this specification as the abstract,
implementation-neutral form. Implementations may
use either notation provided the semantics defined in Section 5 are
preserved.
The IETF profile additionally specifies its normative temporal binding as
the Bitcoin block height containing the OP_RETURN commitment, with
block.time provided as a Reference Wall-Clock Projection for
human readability. This is one valid instantiation of the abstract Time T
defined in §15.
An implementation must return exactly one of the following outputs:
| Output | Condition |
|---|---|
| valid | All required conditions hold: Hash(B) equals the hash stated in P. Ledger inclusion proof is valid under L. Ledger timestamp T is derivable. |
| invalid | At least one required condition fails, including: hash mismatch, invalid ledger proof, or corrupted/malformed proof structure. |
| unverifiable | Verification cannot be completed due to: missing artifact, missing proof data, inaccessible ledger infrastructure, or unsupported ledger type. |
Implementations must evaluate all required conditions prior to returning "valid".
Implementations must not return intermediate, partial, or qualified results outside this set.
A compliant proof bundle must include:
Optional:
Attestation metadata is explicitly non-normative and has no effect on verification outcome under this specification.
A machine-retrievable CDDL (RFC 8610) schema for the Proof Bundle structure is published at:
/v1.2/cddl/anchor-proof-bundle.cddlThe schema is byte-equivalent to the CDDL definitions in §2.4.3 of the companion IETF draft (draft-fassbender-scitt-time-anchor-02). It defines two types: AnchorProofBundle (full logical proof, fields F1-F10) and ProofBundle (minimal verifier input).
A ledger L qualifies if it:
Permissioned or centrally mutable systems do not qualify unless their historical state is independently verifiable without reliance on a single controlling authority.
This specification is ledger-agnostic.
Anchoring does not establish:
Claims beyond existence-at-or-before-T are out of scope.
An implementation must not present anchoring results in a manner that implies any excluded claim.
A compliant anchoring proof must remain verifiable without reliance on the issuing entity.
Verification must not require:
Practical convenience of verification tools does not affect compliance. Verification must be technically achievable without issuer-controlled infrastructure.
This specification defines technical verification semantics only.
It does not create legal rights, obligations, or guarantees.
Legal interpretation of anchoring proofs depends on applicable jurisdiction and independent evaluation.
This specification uses MAJOR.MINOR versioning.
All published versions must remain permanently accessible at their canonical URI.
Current version: v1.2
Canonical URI: https://anchoring-spec.org/v1.2/
Previous versions:
v1.1 (frozen) /v1.1/
v1.0 (frozen) /v1.0/
The Anchoring Specification is a public, versioned technical specification, released into the public domain.
It is currently authored and maintained by the Umarise team. There is no foundation, consortium, or multi-stakeholder governance body. This is a single-maintainer specification.
The specification is open for implementation by any party without restriction. Any party may fork, mirror, or republish it under any terms permitted by the public domain.
Implementations may reference compliance with a specific specification version.
No implementation has normative authority over the specification.
If conflicts arise between an implementation and the specification, the specification prevails.
External co-maintainers and multi-stakeholder governance are welcome and may be adopted if and when adoption warrants it. Until then, governance independence is not claimed. Technical independence (the property that proofs verify without the issuer) is established by Section 9 and is independent of governance.
Anchoring assumes:
Anchoring does not protect against:
Hash functions used in anchoring must:
If a hash function becomes compromised, future versions of this specification may deprecate its use.
This specification permits future versions to introduce alternative cryptographic primitives. Algorithm agility is supported through versioned specification updates.
Time T is defined as the earliest consensus-confirmed inclusion point of the commitment in ledger L.
Anchoring establishes existence-at-or-before-T.
It does not establish exact creation time.
The "inclusion point" referenced above is a structural fact in the ledger's data model. For ledgers structured as a chain of blocks (such as Bitcoin), the inclusion point is the block at which the commitment becomes consensus-fixed; this block is identified by its block height or equivalent canonical position. A wall-clock value associated with that block (such as Bitcoin's block.time or nTime field) may be exposed as a Reference Wall-Clock Projection for human readability, but the normative inclusion point is the block itself, not the wall-clock value.
Implementations of profile specifications (such as the IETF profile in draft-fassbender-scitt-time-anchor) may define their normative temporal binding in terms of the structural inclusion point (e.g., block height) and present any wall-clock projection as informative.
Finalization criteria are ledger-specific and defined by the operational consensus rules of ledger L. This specification does not prescribe a fixed confirmation threshold.
Anchoring does not permit retroactive modification of proof validity once ledger inclusion is finalized.
If a ledger undergoes reorganization prior to finalization, verification status may change from valid to unverifiable.
An implementation claiming compliance must state:
Compliance claims must reference a specific specification version.
An implementation is non-conformant if it:
Long-term verifiability depends on:
Anchoring proofs should be stored in durable, non-proprietary formats.