# Timestamping Overview

The generation of a tamper-proof timestamp takes place in several phases.

First, the SHA-256 hash of the file that is submitted for timestamping is calculated by you, inside the browser or by using the OriginStamp Dashboard.

OriginStamp only submits this cryptographic hash of a file for mainly two reasons: As a file that is submitted to OriginStamp can contain confidential information, it is mandatory that the confidentiality of the submitted file is not compromised.

The SHA-256 hash function is beneficial regarding this requirement, since it is a mathematical one-way function. From a given hash, however, it is due to high computational complexity infeasible to determine a matching input file. As a result, the fingerprint of a file does not grow with the size of that file. This allows to generate efficient timestamps even for very large files.

After the hash of a file, i.e. its fingerprint, has been created, it must be embedded in the blockchain. Each hash that should be embedded in the blockchain would naively require a single transaction. Thus, the total hash submission cost would rise linearly with the number of timestamps as explained below. Furthermore, it would artificially increase the load on the network (e.g. Bitcoin) and potentially block other transactions.

To avoid most of this load and to reduce the total cost to be linear with time, the OriginStamp system combines all hashes that are submitted within a fixed period to form a single submission.

Triggered by a scheduler, all hashes that were submitted in such a period and additionally are not yet timestamped are collected and sorted in lexicographical ascending order.

These hashes are used to build a balanced Merkle Tree (opens new window). This has the advantage over seed files that only a small section is required for verification. The root of the tree (formerly seed hash) is embedded in a blockchain using a transaction. Importantly, any changes to the proof also alters the root hash of the Merkle Tree.

To perform the actual submission, the root hash is directly and without any further modifications embedded into a blockchain.