Skip to main content

Seal

info

This feature needs a Pro plan subscription.

Seal is a verifiable timestamp mechanism for cryptographically proving that a note is created before a specific time. The seal proof for a new note is generated in 12 hours after creation, and you can download it through the "Seal" entry in the note menu.

seal ui

Verifying proofs

Proofs generated by Seal can be verified with the sealcheck tool.

$ ./sealcheck validate ./seal_proof.json
SealCheck: ./seal_proof.json
Validation OK. Certificate issued at 2022-06-01 01:12:23 +0000 UTC.

How Seal works

Seal works by periodically rolling up Planet's event log into a Merkle tree and submitting the root of the tree to the Certificate Transparency public ledger by requesting a certificate for the domain name [root-hash].production.planet-seal.net. The architecture is illustrated below.

seal architecture

The structure of a proof

The following is an example proof. The proof is valid - try checking it using sealcheck!

{
"logValue": "{\"ts\":1653871071342,\"data\":{\"type\":\"create_note\",\"user\":\"zhy\",\"id\":\"2022-05-30-7e169a5dfddc\",\"origin\":{\"type\":\"web\"},\"note\":{\"realTs\":1653871071342,\"content\":\"https://ubuntustudio.org/ #shortcut\",\"private\":true,\"forwardLinks\":[]}}}",
"rootHash": "vZBB2DFg8SS0LCu/CkDqPzYYnRXTPPQHvOuhFkYAats=",
"domain": "xwiedwbrmdysjnbmfo7quqhkh43brhiv2m6pib545oqrmrqanlnq.production.planet-seal.net",
"proof": [
"AElz0vb1S8vdJo2QVOryxRaOutuUw3oFprF55UAjvw0S",
"AeVdFN83O0QW43DqkHNreLNiZ6CgTvEi6kNtYGn0zxAh",
"AD5A9aCfc83IoOc96BIEiQwgE1NQGd/GBdAEpyxjlMkX",
"ABsLhSl5zWfscabxEjympsASlerDD3Dsbx8WTU2Grnwi",
"AIFRX7NhUcBniuu96XAA/zAACxSVejBEmDkXiNAWP1mZ",
"AKuostHnzK0jQWplkXgEFGQ+J0+mzwmOyVRplXQfydmt",
"Ac7mgWiVLpN6bNN9GrRRgQKRM5qTKfQcNd1A5CU6fmVY",
"Ab5q+HSS7DtMXxGeu9+IBvQ6ZBThOtKHRjS/bo33cxNf",
"AIGtmYM9SzsmKhScFllg4zBzK4jOrr7uiLfzud7Q9CPr"
]
}

Field semantics:

  • logValue: The content of the event log entry.
  • rootHash: Base64-encoded root hash of the Merkle tree.
  • domain: The domain for which a TLS certificate has been issued and logged to CT. The first segment of the domain is the base32-encoded root hash of the Merkle tree.
  • proof: Base64-encoded Merkle tree inclusion proof. Each entry is 33-byte long:
    • Byte 0: 0 if this node is the left child of its parent, 1 otherwise.
    • Byte 1-32: The hash value of the sibling node.

Plausible deniability

We want to ensure that seal proofs are purely voluntary. While a seal proof does prove the timestamp property, a third party shouldn't assume that if you have written something, you will be able to present a proof for it.

To achieve this, we only provide automatic proof retrieval for the current version of a note. Proofs for deleted notes and older versions of existing notes are not accessible.

Meanwhile, if there is a reason and you need to request the proof for a historic version, please send us an email at [email protected].