orphograph

How to verify an Orphograph receipt

From "click one button" to "verify it against the Bitcoin blockchain on your own laptop, with our servers turned off." Pick the level of paranoia that fits the situation.

Skip to: What you got Three ways to verify Follow it to the chain Why this is trustworthy Glossary FAQ

What you actually got when you anchored a file

When you dropped a file on Orphograph, three things happened — and only one of them involved us:

  1. Your browser hashed the file. It produced a 64-character SHA-256 fingerprint (and a longer SHA-512 sibling). The file bytes never left your machine. Only the fingerprint did.
  2. The fingerprint was submitted to five independent OpenTimestamps calendars. These are independent public servers that collect hashes from many people, batch them into a single Merkle tree, and roughly once per hour commit the root of that tree to a real Bitcoin transaction.
  3. You received a receipt — a short ID like o3WGD22T4UwqfCrb plus five small .ots proof files (one from each calendar). The receipt is the portable evidence. The .ots files are what actually let you verify against Bitcoin without us.
The important sentence. Orphograph did not write to a blockchain. Orphograph submitted your hash to OpenTimestamps. OpenTimestamps wrote to Bitcoin. The receipt you hold tells Bitcoin's chain — through a chain of math — that your file existed before a specific block was mined.

Three ways to verify, in order of trust

Level 1 · One click

Open your receipt page

Every receipt has a public URL. If your receipt ID is o3WGD22T4UwqfCrb, the page is: 

https://orphograph.com/r/o3WGD22T4UwqfCrb

What the page shows you:

  • The SHA-256 (and SHA-512) hash that was anchored
  • How many of the five calendars confirmed it (e.g. 5/5 OK)
  • The exact moment BTC pinned at — populated automatically once your hash makes it into a Bitcoin block (usually within an hour)
  • A re-hash widget: drop the original file on the page, your browser re-computes the SHA-256, and the page reports ✓ match or ✗ mismatch
  • Download links for all five .ots proof files

Level 1 trusts Orphograph to show you the truth. That's fine for most use cases — but if you ever need stronger evidence, Levels 2 and 3 don't need us at all.

Level 2 · Open-source verifier (no account, no server)

Run our verifier locally

We publish a small open-source tool that does everything our server does, on your computer. It hashes the file, reads the .ots files, talks to the OpenTimestamps calendars, and tells you whether the chain of evidence is intact.

1

Get the verifier.

curl -O https://orphograph.com/verify/orphograph-verify-0.1.tar.gz
tar xzf orphograph-verify-0.1.tar.gz
2

Download the receipt bundle — from your receipt page, click "Download receipt + proofs (.zip)". This is a small archive containing the receipt JSON plus the five .ots files.

3

Run the verifier against the original file plus the receipt:

./verify.sh my-original-file.jpg receipt-o3WGD22T4UwqfCrb.zip

Output looks like:

[ok] SHA-256 matches receipt
[ok] 5 / 5 calendar proofs valid
[ok] earliest Bitcoin block: 824,193  (2026-05-16 17:42 UTC)
PASS

Level 2 trusts the open-source code (you can read it) and the OpenTimestamps calendars (public infrastructure). It does not trust Orphograph's servers — they could be turned off and this still works.

Level 3 · Trustless · Verify against the Bitcoin blockchain directly

Use the standard OpenTimestamps client

This is the path you take if you ever need to defend the timestamp in front of someone who doesn't trust Orphograph or OpenTimestamps. It uses only the official OpenTimestamps reference client and (optionally) your own Bitcoin node.

1

Install the OpenTimestamps client (one-time setup, ~30 seconds):

pip install opentimestamps-client

This is software maintained by the OpenTimestamps project — no Orphograph code involved.

2

Download any one of the five .ots proof files from your receipt page. Any one is sufficient; the five exist for redundancy.

3

Verify the file against the proof:

ots verify my-original-file.jpg.ots

If the proof has already been pinned to Bitcoin (~1 hour after anchoring), you'll see something like:

Assuming target filename is 'my-original-file.jpg'
Success! Bitcoin block 824193 attests existence as of 2026-05-16 17:42:11 UTC
4

(Optional, fully trustless mode) Verify against your own Bitcoin node instead of a public block explorer:

ots --bitcoin-node http://user:[email protected]:8332 verify my-original-file.jpg.ots

At this point, you are verifying your timestamp against a copy of the Bitcoin blockchain you downloaded yourself, with no third party in the loop. This is the strongest evidence proof-of-existence can produce.

Level 3 trusts only Bitcoin's consensus and the OpenTimestamps reference code (audited, open source, in production since 2016). Orphograph could disappear tomorrow and this path still works for every receipt we ever issued.

How to follow your timestamp all the way into the Bitcoin chain

Once an Orphograph receipt is block-pinned, you can walk the evidence chain by hand:

  1. Run ots info my-file.ots on any one of your .ots files. The output prints the Bitcoin block height the proof commits to (e.g. block 824193) and the transaction ID of the calendar's commitment transaction.
  2. Open a public Bitcoin block explorer — for example mempool.space or blockstream.info — and paste in that block height or transaction ID.
  3. You will see the real Bitcoin transaction, with a real fee paid by the calendar operator, mined into a real block at a real time. That block's existence is what your timestamp commits to.
  4. The Merkle path inside your .ots file is what links your specific file's hash to the root of that block's transaction. ots verify walks that path automatically; if you want to do it manually, the OpenTimestamps client source is the reference implementation.
Plain-English version: Your .ots file is a recipe. The recipe says "take this hash, do this hashing sequence, and you'll get a number that appears inside Bitcoin block #824,193." Anyone with the original file and a copy of the Bitcoin chain can run the recipe and check.

Why this evidence is trustworthy

  • Bitcoin's chain has not been reorganized beyond ~6 blocks in 16 years. A block from an hour ago is, for any practical purpose, immutable.
  • OpenTimestamps has been in production since 2016 and aggregates hashes from many independent users into the same Bitcoin commitments. Your hash is part of the same merkle root as thousands of other people's hashes — if the proof for one is good, it's good for all of them.
  • The math is verifiable offline. Once you have the .ots file and a Bitcoin block header (87 bytes), no network is required to verify the timestamp.
  • The five-calendar redundancy means that even if four of the five calendar operators vanish, the fifth's .ots file still verifies. Orphograph's role is just to make the original submission easy.

If you want to go deeper

Glossary

SHA-256
A one-way function. Feed in any file, get out a 64-character fingerprint. Change one byte of the file and the fingerprint becomes unrecognizable. Two different files cannot, in practice, produce the same fingerprint.
Hash
The fingerprint produced by SHA-256 (or SHA-512). The thing that gets timestamped — never the file itself.
OpenTimestamps (OTS)
An open standard and reference client for timestamping any data by anchoring its hash into the Bitcoin blockchain. Created in 2016. Independent of Orphograph.
Calendar
A public server that batches incoming hashes into a Merkle tree and commits the root to Bitcoin roughly once an hour. There are five calendars run by independent operators; Orphograph submits to all five for redundancy.
.ots file
A small (~1–2 KB) binary file containing the Merkle path from your hash up to a known Bitcoin transaction. It is the portable proof — keep it next to your original file forever.
Block-pinned
The state where the calendar's Bitcoin transaction has been mined into a block. Until that happens (usually within an hour), the receipt status reads "pending."
Receipt ID
The short, URL-safe identifier (e.g. o3WGD22T4UwqfCrb) for one anchoring event on Orphograph. Bookmarkable; resolves to a public receipt page.

Quick FAQ

Does anyone see my file? No. Your browser hashes it locally; only the hash is submitted.

What if Orphograph shuts down? Receipts still verify. Run the OpenTimestamps client (Level 3) against the .ots files you downloaded — Bitcoin is the source of truth, not us.

How long does Bitcoin confirmation take? The calendar batches submit to Bitcoin roughly once an hour. After the transaction is mined and gets a few confirmations, your receipt's status flips from "pending" to "confirmed."

Can I prove the file existed after a certain date? No. A timestamp only proves "this existed by no later than block N." It cannot prove "this did not exist before block N." If you need that direction, the standard answer is "anchor the file at the moment you want to prove its earliest existence, and never sit on it."

Is this the same as an NFT? No. An NFT records ownership of a token. Orphograph records the existence of a file's exact bytes at a point in time. Full comparison →

What if a court asks? The OpenTimestamps protocol has been cited in academic and legal contexts since 2017. The Level 3 verification path produces an audit trail that any cryptography expert can independently confirm.

Have a receipt? Verify it now.

Drop your file and paste the receipt ID — the page re-hashes locally in your browser and tells you if it matches.

Open the verifier