SSM-Clock Stamp – Hardware Profile (14)

Status: Roadmap preview (not part of the normative spec). Does not change the core stamp or verification rules.
Caution: Research/observation only. Not for operational or safety-critical use.

14.1 Unchanged core (device-ready)

  • Stamp line (6 fields):
    SSMCLOCK1|iso_utc|rasi_idx|theta_deg|sha256(file)|chain[|kv:...]
  • Clock from UTC only:
    wrap360(x) = x - 360*floor(x/360)
    theta_deg = wrap360( (unix_seconds / 86400) * 360 )
    rasi_idx = floor(theta_deg / 30)
  • Chain (append-only):
    chain_k = sha256( ascii(chain_{k-1} + "|" + stamp_core) ) with chain_0 = "0"*64
  • ASCII discipline: 7-bit ASCII only; | is the sole delimiter; hex digests are lowercase 64-hex.

14.2 Device profiles (choose one)

  • HW-P1 — self-stamp (fully offline).
    Device computes sha256(file_bytes), clock, chain, and emits the final line. Stores sidecar/ledger locally.
  • HW-P2 — relay-anchor (field friendly).
    Device self-stamps; a laptop later collects stamps by UTC day and publishes the daily roll-up:
    rollup_D = sha256( ascii(Stamp_1 "|" ... "|" Stamp_n) ) (canonical sort).
  • HW-P3 — co-stamp (host time, device chain).
    Host provides iso_utc; device still computes chain_k to preserve append-only ordering on the device.

All three produce identical stamp lines and verify with the same rules.

14.3 kv: tail for device provenance (optional, additive)

Shape: kv:k1=v1;k2=v2;... (ASCII; unknown keys ignored; no spaces; | and ; not allowed in values).

Recommended keys (examples):
device=<ascii_token>chain_id=<8hex>fw=<semver>slot=<A|B>tick=<u64>time_mode=<derived_utc|observed>rtc_quality=<ppm_or_class>theta_prec=5algo=sha256chain_algo=sha256float=ieee75464

Example line (illustrative):
...|chain|kv:device=SN12345;chain_id=1a2b3c4d;fw=1.3.2;slot=A;tick=18340219;time_mode=derived_utc;rtc_quality=25ppm;theta_prec=5;algo=sha256;chain_algo=sha256;float=ieee75464

14.4 Fixed-point implementation (no floating point needed)

  • Micro-degrees pipeline (default theta_prec=5):
    theta_mic = ((unix_seconds % 86400) * 360000000) / 86400
    theta_str = print_fixed5(theta_mic) → prints DDD.ddddd with round-half-to-even
    rasi_idx = theta_mic / 30000000 (integer division)
  • Hashing: streaming is OK; the digest must match monolithic bytes.
  • Print: exactly 5 decimals (or theta_prec if configured); decimal point is ..

14.5 Storage patterns (robust on power loss)

  • Sidecar-in-flash. Append each final line as ASCII, length-prefixed.
  • Ledger ring. Fixed-size ASCII rows; when full, snapshot chain_tip to a WORM/OTP slot.
  • Crash-safety write. Write stamp_core, flush; compute chain_k; append the final line. On boot, repair by recomputing if a partial write is detected.

14.6 Anchoring without networks (cheap and later)

A field laptop batches the day’s stamps (UTC key), sorts canonically by (iso_utc, stamp_core, chain), and publishes:

SSM-Clock Stamp (SSM-CS) -- Daily Anchor
date=YYYY-MM-DD
count=<n>
rollup_algo=sha256
rollup_sha256=<64-hex>
sort=iso_utc,stamp_core,chain
source=<ledger|sidecars>

This yields a “no-later-than” bound without changing any stamp. Publish to any public venue.

14.7 Threats & simple mitigations (device context)

  • Ledger rewrite after capture → periodic witness_chain_tip in WORM/OTP; re-walk detects forks.
  • Clock drift/spoofing → allowed; iso_utc is declarative. Narrow backdating by publishing anchors frequently. Optionally record rtc_quality.
  • Cloned units → use kv:device=<pubkey_fp> and (optionally) sign the exact ASCII stamp line:
    sig = Ed25519_sign(priv, ascii(SSMCLOCK1|...|chain))
    (signature is additive; verification of SSM-CS remains unchanged)

14.8 Compliance checklist (device build)

  • Emits exactly one ASCII line:
    SSMCLOCK1|iso_utc|rasi_idx|theta_deg|h64|h64[|kv:...]]
  • iso_utc = "YYYY-MM-DDTHH:MM:SSZ" (UTC only; no subseconds; :60 forbidden).
  • theta_deg prints with exactly theta_prec decimals (default 5, ties-to-even).
  • Hashes are lowercase 64-hex; hashing inputs are ascii(…) of the literal strings.
  • Chain uses chain_0 = "0"*64 and the ASCII recurrence above.
  • If kv: present: validate recognized keys; ignore unknown keys.

Navigation

Back: SSM-Clock Stamp – Minimal Test Vectors (13)
Next: SSM-Clock Stamp – Conclusion (15)