Certificate Guide: Understanding Your Timestamp Certificate

What Your Certificate Contains

Every TimeProof timestamp certificate includes these key fields:

File Information

  • File Name: The original file name at time of timestamping
  • SHA-256 Hash: The 64-character hexadecimal fingerprint of your exact file
  • File Size: The file size at time of hashing

The SHA-256 hash is the most important field. It’s the unique identifier that connects your physical file to the blockchain record. If even a single byte of your file changes, the hash will be completely different.

Blockchain Anchor

  • Transaction Hash: The Polygon blockchain transaction ID (starts with 0x)
  • Block Number: The specific block where the transaction was included
  • Block Timestamp: The exact time the block was mined (UTC)
  • Smart Contract Address: The TimeProofAnchor contract address

These fields allow anyone to look up your timestamp on the public blockchain. The transaction hash is a direct link to the proof.

Merkle Proof

  • Merkle Root: The root hash of the Merkle tree stored on-chain
  • Proof Path: The sequence of hashes connecting your file hash to the root
  • Leaf Index: Your file’s position in the Merkle tree

The Merkle proof is what allows your individual file to be verified against the single root hash stored on the blockchain. It’s typically a series of 5-15 hashes, depending on the batch size.

Verification

  • Polygonscan Link: Direct URL to view the transaction on Polygon’s block explorer
  • Verification Instructions: Step-by-step guide to verify independently

Reading Your Certificate

The hash field

SHA-256: e3b0c44298fc1c149afbf4c8996fb924
        27ae41e4649b934ca495991b7852b855

This 64-character string is your file’s unique fingerprint. To verify your file hasn’t changed since timestamping:

  1. Compute the SHA-256 hash of your file using any tool
  2. Compare it character-by-character with the certificate hash
  3. They must match exactly — even a single different character means the file has changed

The transaction field

Transaction: 0x7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d
             3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b

This is your direct reference to the blockchain. You can:

  1. Copy this value
  2. Go to polygonscan.com
  3. Paste it in the search bar
  4. View the full transaction details: when it was submitted, which block it was included in, and the data it contains

The block timestamp

Block Time: 2025-03-15T14:23:47Z (UTC)
Block: #67,543,210

This is the authoritative timestamp — the time determined by the Polygon network’s consensus mechanism. It’s not set by TimeProof, your computer, or any single entity. It’s the consensus of the entire validator network.

Verifying Your Certificate

Quick verification (30 seconds)

  1. Go to TimeProof’s verification page
  2. Drag your original file onto the page
  3. The system re-hashes your file and checks it against the blockchain
  4. Green check = verified

Independent verification (5 minutes)

  1. Re-hash your file:
    • Windows: certutil -hashfile yourfile SHA256
    • Mac/Linux: sha256sum yourfile
  2. Compare the hash to the certificate — must match exactly
  3. Check the blockchain: Open the Polygonscan link from the certificate
  4. Verify the transaction exists and the block timestamp matches

Full cryptographic verification (for experts)

  1. Re-hash the file
  2. Walk the Merkle proof: starting from your hash, combine with each sibling hash in the proof path to compute the root
  3. Compare the computed root against the Merkle root in the blockchain transaction
  4. If they match, the proof is mathematically valid

Presenting Certificates as Evidence

In a business dispute

Include the certificate alongside a brief explanation:

  • “This certificate proves the attached file existed on [date]”
  • “Verification: visit [Polygonscan link] to confirm independently”
  • “The SHA-256 hash matches the file, confirming it hasn’t been modified”

For court use, Legal-Grade certificates are recommended. They include:

  • Identity attestation (who created the timestamp)
  • A verification guide for judges and attorneys
  • Comprehensive evidence packaging

Even standard certificates can be presented with appropriate explanation. The key information to convey:

  1. What the certificate proves (file existence at a specific time)
  2. How to verify it (public blockchain, no trust required)
  3. Why it’s reliable (SHA-256 + immutable blockchain + network consensus)

For compliance audits

Organize certificates chronologically alongside the documents they certify. Auditors should be able to:

  • Match each document to its certificate
  • Verify any certificate independently
  • Confirm the timeline meets compliance requirements

Certificate Storage Best Practices

Always keep certificates with files

Store the certificate in the same directory as the original file. If you move the file, move the certificate too.

Backup both

The certificate is useless without the original file (you need the file to re-hash and verify). The file is less protected without the certificate. Back up both together.

Don’t modify the certificate

The certificate is a reference document with precise values. Don’t edit, reformat, or modify it — doing so could change the data and make verification confusing.

Download promptly

Download your certificate immediately after timestamping and save it locally. While you can re-download from your TimeProof account, having a local copy ensures you’re never dependent on account access.

Test periodically

Every few months, pick a random file and verify its certificate. This confirms:

  • Your files haven’t been accidentally modified
  • Your certificates are intact and accessible
  • You remember the verification process

Use the live product for timestamping and verification.

The company site owns the technical reference. The app handles runtime workflows.

Open App → Read Whitepaper →