SSM-Clock Stamp – Optional Daily Witnesses (3.10)

Purpose. Publish tiny ASCII witness lines alongside the daily anchor to strengthen provenance without changing any verification math.

Witness fields (copy-ready, ASCII)

witness_chain_tip=<64-hex>     # chain value of the last ledger row of the UTC day
policy_sha256=<64-hex>         # sha256( ascii(POLICY.txt|ALGO.txt|FORMAT.txt concatenation) )

Semantics (what they mean)

  • witness_chain_tip ties the anchor to a specific ledger state: auditors who rewalk the ledger for that day should reproduce the same final tip
    tip_D = H_chain( ascii(chain_{k-1} + "|" + stamp_core_k) ) ... ending in the published 64-hex.
    This does not reveal the ledger itself; it’s a small commitment for parity checks.
  • policy_sha256 commits to the operational policy used that day (e.g., leap-second stance, theta_prec, enabled algorithms). It aids forensics and long-horizon reproducibility.
    Example build string (illustrative):
    concat = "POLICY.txt|ALGO.txt|FORMAT.txt"policy_sha256 = sha256( ascii(concat) )
    or compute over the literal ASCII of a single consolidated policy file.

Verification (observer, optional)

  1. Chain tip: rewalk the day’s ledger entries in order, using each row’s declared kv:chain_algo, seeded with chain_0 = "0"*64, and confirm the final tip equals witness_chain_tip (lowercase 64-hex).
  2. Policy hash: obtain the referenced policy material; compute sha256( ascii(concat_or_file) ); compare to policy_sha256.

Operational notes

  • Witnesses are additive: they do not affect rollup_D, the stamp line, or PASS/FAIL.
  • Keep witness lines ASCII-only with no extra spaces: key=value.
  • If policy files change mid-day, either (a) publish a second witness for the new policy and note the time window, or (b) freeze policy per UTC day.

Example (published alongside the anchor)

SSM-Clock Stamp (SSM-CS) -- Daily Anchor
date=2025-10-14
count=12
rollup_algo=sha256
rollup_sha256=abcd...1234
sort=iso_utc,stamp_core,chain
source=ledger
witness_chain_tip=9f0e...77c2
policy_sha256=3b6d...e98a

Why include witnesses

  • Faster audits: witness_chain_tip lets third parties confirm the exact ledger end-state corresponding to the anchor without sharing the ledger.
  • Clear governance: policy_sha256 proves which rounding, precision, and algorithm enablement were in force when stamps were produced.

Navigation
Back: SSM-Clock Stamp – Rationale (3.9)
Next: SSM-Clock Stamp – Reference Interface & Operational Playbook (4)