How to Verify a Timestamp
Why Verification Matters
The entire value of a blockchain timestamp depends on verifiability. If no one can independently confirm the proof, it’s no better than a regular file date. TimeProof timestamps are designed so that anyone — a judge, a lawyer, a business partner, or you — can verify them at any time without trusting TimeProof.
Three Levels of Verification
Verification can be performed at increasing levels of independence:
| Level | Method | Trust Required |
|---|---|---|
| Quick | TimeProof verification page | Trust TimeProof’s interface |
| Standard | Polygonscan lookup | Trust Polygonscan (public explorer) |
| Full | Manual hash + Merkle proof + on-chain query | Trust only math and the Polygon blockchain |
All three levels confirm the same underlying proof. The difference is how much you do yourself versus relying on TimeProof’s tools.
Quick Verification (TimeProof Page)
The fastest way to verify any timestamp:
- Navigate to app.timeprooflabs.com/verify
- Drag your file onto the upload area (it’s hashed in your browser — not uploaded)
- The system computes the SHA-256 hash and checks it against blockchain records
- If found, the page displays: timestamp date, transaction hash, block number, and verified status
This takes seconds and requires no account. See Verification Page Guide for the full walkthrough.
Standard Verification (Polygonscan)
For verification that doesn’t depend on TimeProof’s servers:
Step 1: Get the Transaction Hash
Find the transaction hash from your PDF certificate or the TimeProof dashboard. It looks like: 0x7f8a...3b4c (66 characters starting with 0x).
Step 2: Look Up on Polygonscan
Go to polygonscan.com and paste the transaction hash in the search bar. The transaction page shows:
- Status: Success (confirmed on-chain)
- Block: The block number
- Timestamp: The exact time (UTC) the block was mined
- From: The wallet that submitted the transaction (TimeProof’s anchor wallet)
- To: The TimeProof smart contract address
- Input Data: The anchored hash or Merkle root
Step 3: Confirm the Hash
Look at the Input Data field. For single-file timestamps, your file’s SHA-256 hash is embedded in the transaction data. For batch timestamps, the Merkle root is recorded — you’ll need the Merkle proof to connect your file hash to the root.
See Polygonscan Verification for a detailed walkthrough.
Full Verification (Manual)
For maximum independence — no trust in any third-party tool:
Step 1: Compute the File Hash
Use any SHA-256 tool to hash your original file:
| Platform | Command |
|---|---|
| macOS/Linux | shasum -a 256 yourfile.pdf |
| Windows | certutil -hashfile yourfile.pdf SHA256 |
| Online | Any SHA-256 calculator (search “SHA-256 online”) |
| Python | hashlib.sha256(open('file','rb').read()).hexdigest() |
The output is a 64-character hexadecimal string. This must match the hash in your certificate exactly.
Step 2: Verify the Merkle Proof (Batch Files)
If your file was part of a batch, the certificate contains a Merkle proof — a series of intermediate hashes that connect your file’s hash to the Merkle root anchored on the blockchain.
To verify the proof:
- Start with your file’s hash (the leaf)
- For each step in the proof path, combine your current hash with the proof hash and compute SHA-256 of the pair
- After walking all steps, you should arrive at the Merkle root
- Confirm the Merkle root matches the one recorded in the blockchain transaction
This is pure math — no trust in any service required. Any SHA-256 implementation produces the same result.
Step 3: Query the Blockchain Directly
For the highest level of independence, query the Polygon blockchain directly instead of relying on Polygonscan:
- Use any Ethereum JSON-RPC provider (Infura, Alchemy, or run your own node)
- Call
eth_getTransactionByHashwith the transaction hash - Verify the transaction data contains the expected Merkle root
- Call
eth_getBlockByNumberto confirm the block timestamp
This eliminates even Polygonscan as a trust dependency. You’re verifying directly against the blockchain.
Verifying Legal-Grade Packages
LG packages include additional verification steps:
Identity Attestation (JWS)
- Retrieve TimeProof’s public key from
/.well-known/jwks.json - Use any JWT library to verify the JWS signature
- Confirm the
subclaim matches the wallet address in the certificate - Check that
exp(expiration) is in the future
Package Integrity (CHECKSUMS)
- Run
sha256sum -c CHECKSUMS.sha256in the package directory - Confirm all checksums pass — this verifies no file was tampered with after package generation
Verification Checklist
For any timestamp verification, confirm all of the following:
- File SHA-256 hash matches the certificate
- Transaction exists on Polygonscan with “Success” status
- Block timestamp matches the certificate’s timestamp
- Contract address matches TimeProof’s published contract
- Merkle proof walks correctly (for batch files)
- Identity attestation verifies (for LG packages)
If all items check out, the proof is valid. The file existed at the recorded time, and no one has tampered with the record.
Related Guides
- Verification Page Guide — using the online tool
- Polygonscan Verification — blockchain explorer walkthrough
- Third-Party Verification — for lawyers and auditors
- Certificate Guide — understanding certificate fields
Use the live product for timestamping and verification.
The company site owns the technical reference. The app handles runtime workflows.