OpenTimestamps for photographers, explained

OpenTimestamps is a free, open protocol invented in 2016 by Peter Todd. It lets anyone bind an arbitrary file's contents to a specific Bitcoin block without paying a per-file fee. It's the cryptographic engine underneath Orphograph and underneath several other timestamping services. Understanding what it does — and what it doesn't do — is worth ten minutes for any photographer thinking about long-term provenance.

The protocol in three sentences

You hash your file with SHA-256. You hand the hash to a public calendar server. The calendar bundles your hash with thousands of others into a Merkle tree and writes the root of that tree to the Bitcoin blockchain. That's it.

What you get back

The calendar gives you a small binary file with the extension .ots. It contains:

• Your original SHA-256 hash.
• The Merkle path — a list of sibling hashes that proves your hash is a leaf in the tree whose root went into Bitcoin.
• A reference to the Bitcoin transaction that committed the root.

The .ots file is tiny — a few hundred bytes — and you should treat it the way you treat the receipt for an expensive lens: back it up, store it next to the file it certifies, and don't lose it. Without it, you can't prove anything.

Why five calendars instead of one

The OpenTimestamps protocol allows submission to multiple independent calendars. Orphograph uses five — a.pool.opentimestamps.org, b.pool.opentimestamps.org, alice.btc.calendar.opentimestamps.org, finney.calendar.eternitywall.com, and btc.catallaxy.com. Each is operated by a different party. You only need one to keep serving the upgrade path; the redundancy protects you against any single operator vanishing.

Calendar-attested vs. block-attested

When you first anchor, your receipt is "calendar-attested" — a signed promise from the calendar that your hash will land in a future Bitcoin block. Within roughly an hour, the calendar's batch transaction is mined, and your receipt upgrades to "block-attested" — the proof now references a real Bitcoin block height and the calendar drops out of the trust path entirely. Orphograph fetches the upgraded proof for you and stores it.

For most uses, the difference doesn't matter — both states are cryptographically meaningful. For litigation-grade defense, you'd wait for full block-attestation. For day-to-day "I just delivered this to a client," the calendar attestation is plenty.

What OpenTimestamps doesn't do

It doesn't sign your identity. It doesn't read EXIF. It doesn't prevent someone from anchoring a file they didn't author — the proof only attests that some file with these exact bytes existed by this moment. To bind a file to you, you anchor early (before any dispute), keep your originals (so the hash is reproducible), and consider pairing the anchor with a publication step — a tweet, an email, anything that ties your name to the work before anyone else could.

The CLI alternative

If you're comfortable with a terminal, you can use the official opentimestamps-client Python package directly for free, forever. Orphograph exists for the photographers who'd rather drag and drop. Both produce the same cryptographic artifact; the cryptography is identical. What Orphograph adds is a hosted UI, an emailed receipt, a sample-receipt verifier, and an open-source standalone verifier you can keep on a USB stick.

FAQ