SSM-Clock Stamp – Backdating Cost & Anchoring Cadence (6.4)

Purpose. Model the backdating window and give practical guidance on how often to publish anchors so the window collapses toward zero — fully offline, plain ASCII.

Cost model (intuition, ASCII)

  • Let Delta_pub be the elapsed time between stamping and public anchor publication for a given UTC day.
  • The attacker’s plausible backdating window is bounded by the publication gap:
    backdating_window_sec <= Delta_pub
  • Publishing to multiple independent venues raises the cost of a convincing rewrite (needs matching witnesses across places and times).

Key inequality (reuse):
max_backdating_window_sec <= anchor_period_sec

What anchors force the adversary to do

Anchors commit to the exact ASCII set for the day:

  • Canonical order + literal join:
    joined = "Stamp_1|...|Stamp_n"
  • Digest:
    rollup_D = sha256( ascii(joined) )
  • To backdate after publication, the attacker would need either:
    1. A practical collision on sha256(ascii(joined)) (assumed infeasible), or
    2. A forged subset/order that still yields the same rollup_D and count (blocked by the canonical rules).

Recommended cadence (profiles)

  • Standard streams: publish daily anchors. Target Delta_pub <= 24h.
  • High-value streams: publish hourly or semi-daily. Target Delta_pub <= 1h.
  • Bursty events: anchor immediately after a burst (on-demand extra anchor).

Redundancy (cheap, powerful)

  • Dual venue: publish the same note in at least 2 independent places.
  • Witness fields (optional): add
    witness_chain_tip=<64-hex> and policy_sha256=<64-hex>
    to tie the anchor to a concrete ledger state and the day’s rules.

Observed-time evidence (optional)

When using observed-time mode, include the ASCII sidecar lines and hash:

  • obs_iso_utc=<ISO_Z>
  • tolerance_sec=<int>
  • delta_sec=<int>
  • obs_sources_ascii=<labels>
  • obs_evidence_sha256 = sha256( ascii(concat_records) )
    This does not replace anchoring; it complements it.

Minimal anchoring playbook (copy-ready)

  1. Close the day (UTC): collect all same-day stamps.
  2. Sort and join: (iso_utc, stamp_core, chain) then "Stamp_1|...|Stamp_n".
  3. Compute digest: rollup_D = sha256( ascii(joined) ).
  4. Publish note (ASCII): SSM-Clock Stamp (SSM-CS) -- Daily Anchor date=YYYY-MM-DD count=<n> rollup_algo=sha256 rollup_sha256=<64-hex> sort=iso_utc,stamp_core,chain source=<ledger|sidecars> witness_chain_tip=<64-hex> policy_sha256=<64-hex>
  5. Mirror to a second venue.

Quick rules of thumb

  • Sooner is safer: shrink Delta_pub to shrink the attacker’s window.
  • Mirror anchors: two venues make quiet edits far harder.
  • Pin policy: publish policy_sha256 so format/rounding can’t be disputed later.
  • Never change old stamps: anchors are additive, not mutative.

Navigation
Back: SSM-Clock Stamp – Hardening Options (6.3)
Next: SSM-Clock Stamp – Canonical Formatting & Parsing (7.1)