n Wolf Pak Capturen The Timestamp Problem in Digital Evidence
When you capture a web page as evidence, one of the most fundamental questions is: when was this captured?
File creation dates can be modified. Server clocks can be wrong. Screenshots carry no verifiable timestamp at all. Even NTP atomic clock timestamps, while accurate, depend on the operator’s system — which opposing counsel can argue was tampered with.
This is where blockchain timestamping changes the evidence game.
What Is Blockchain Timestamping?
Blockchain timestamping uses the Bitcoin blockchain — a public, immutable, decentralized ledger — to prove that a piece of data existed at a specific point in time.
Here’s how it works:
- Hash the evidence. AEGIS generates a SHA-256 hash of your capture’s file manifest.
- Submit to OpenTimestamps. The hash is submitted to the OpenTimestamps protocol, which batches hashes and anchors them to the Bitcoin blockchain.
- Receive a timestamp proof (.ots file). Once confirmed, you receive a cryptographic proof that your hash was included in a Bitcoin block at a specific time.
- Independent verification. Anyone can verify this proof using the public Bitcoin blockchain — no trust in any single party required.
Why This Matters for Legal Evidence
The Bitcoin blockchain has unique properties that make it ideal for evidence timestamping:
- Immutable: Once a block is confirmed, its contents cannot be altered or deleted. Ever.
- Decentralized: No single entity controls the blockchain. There’s no vendor, government, or organization that can modify the timestamp.
- Publicly verifiable: Anyone with internet access can verify a timestamp proof against the blockchain.
- Globally distributed: Thousands of nodes worldwide maintain identical copies of the ledger.
Compare this to a vendor’s private timestamp server, which is controlled by a single company and could theoretically be compromised or modified.
How AEGIS Uses Blockchain Timestamps
AEGIS provides dual-verified timestamping:
| Method | Source | Verification |
|---|---|---|
| NTP Atomic Clock | NIST time servers | Accurate to milliseconds, but relies on operator’s system |
| Bitcoin Blockchain | OpenTimestamps + Bitcoin network | Immutable, publicly verifiable, independent of operator |
Together, these two methods provide time proof from independent sources — the government’s atomic clock and the world’s most resilient decentralized ledger.
Addressing the “But Can’t You Just…” Objections
“Can’t you backdate a blockchain timestamp?”
No. The Bitcoin blockchain is append-only. You cannot insert a hash into a past block. The timestamp proof links to a specific block height and hash, which is permanently recorded in the blockchain’s sequential chain.
“What if OpenTimestamps goes offline?”
The .ots proof file is self-contained. Once you have it, you can verify it against the Bitcoin blockchain directly — OpenTimestamps doesn’t need to exist for the proof to remain valid.
“Is blockchain evidence accepted in court?”
Blockchain timestamping is increasingly recognized. The EU’s eIDAS regulation explicitly references distributed ledger timestamps. In the US, courts have accepted blockchain evidence in several proceedings. The technology itself provides the verifiable process documentation that FRE 901(b)(9) requires.
The Bottom Line
Blockchain timestamping doesn’t just record when evidence was captured — it provides immutable, third-party, publicly verifiable proof that no vendor-controlled timestamp service can match.
For legal teams building evidence packages where timing matters — IP disputes, social media takedowns, regulatory filings — blockchain timestamps remove the “when” question from the opposing counsel’s playbook.
→ See blockchain timestamping in action in a sample AEGIS report