SSM-Clock Stamp – Security Guarantees & Non-Guarantees (6.1)

Purpose. Clarify exactly what SSM-Clock Stamp (SSM-CS) provides by construction, and what it does not provide without extra measures. All statements are plain ASCII and audit-ready.


What SSM-CS guarantees (by construction)

  • Content integrity. Any byte change flips the digest.
    Rule: h_file = H_algo(file_bytes); verify with h' = H_algo(file_bytes) and require h' == h_file.
  • Append-only ordering (local). Every stamp advances a one-way chain from an all-zero seed.
    Rule: chain_k = H_chain( ascii(chain_{k-1} + "|" + stamp_core) ) with chain_0 = "0"*64.
  • Deterministic reproducibility (UTC → clock). From iso_utc alone:
    wrap360(x) = x - 360*floor(x/360)
    theta_deg = wrap360( (unix_seconds / 86400) * 360 )
    rasi_idx = floor(theta_deg / 30)
    With IEEE-754 binary64 and fixed digits for theta_deg, independent tools emit identical strings.
  • Public day-level time bound (optional anchor).
    Rule: rollup_D = sha256( ascii(Stamp_1 "|" ... "|" Stamp_n) ) after canonical sort by (iso_utc, stamp_core, chain) gives a “no-later-than” bound at publication time.

What SSM-CS does not guarantee (by itself)

  • Absolute wall-clock provenance. Offline stamping cannot prove “not-before”; anchors only add “no-later-than”.
  • Authorship / identity. No signatures in the base format; stamps alone do not prove who created them.
  • Confidentiality. Stamps are public metadata and do not hide file contents.
  • Non-repudiation. Without signatures, a creator could deny authorship.
  • Network-sourced trust. No PKI/blockchain trust is implied; assurance comes from H_algo, H_chain, and exact ASCII concatenations.

Practical mitigations (ASCII-simple)

  • Prompt anchoring. Publish daily anchors; this bounds backdating.
    Guidance: max_backdating_window_sec <= anchor_period_sec.
  • Dual-source parity. Compute the anchor from both the ledger and the sidecars; require equality of rollup_D and count.
  • Policy pinning. Commit to rule/manifest digests to freeze tooling/format for that day:
    policy_sha256 = sha256( ascii(policy_text) )
  • Optional signature (authorship). Sign the exact stamp bytes (or the anchor note):
    sig = Ed25519_sign(privkey, ascii(SSMCLOCK1|...|chain[|kv:...]))
    Ed25519_verify(pubkey, ascii(SSMCLOCK1|...|chain[|kv:...]), sig)
  • Immutable storage. Keep ledgers append-only (WORM/versioned) and preserve sidecars.
  • Leap-second ban. Do not stamp at 23:59:60; verifiers reject such iso_utc.
  • Algorithm agility. Use kv:algo and kv:chain_algo when needed; anchors remain sha256 on the ASCII join for universality.
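
Worked check (added example, not SSM-CS reference code): the chain rule, the canonical-sort rollup, and the dual-source parity test applied to one constructed day of stamps. Assumptions: H_chain is SHA-256 with lowercase hex output, a stamp line is stamp_core + "|" + chain with no kv fields, and the stamp_core and iso_utc values are placeholders; all function names are hypothetical.

```python
import hashlib

SEED = "0" * 64  # chain_0 as defined on this page

def h_hex(text):
    # Assumption: H_chain is SHA-256 emitting lowercase hex (matches the 64-char seed).
    return hashlib.sha256(text.encode("ascii")).hexdigest()

def next_chain(prev_chain, stamp_core):
    # chain_k = H_chain( ascii(chain_{k-1} + "|" + stamp_core) )
    return h_hex(prev_chain + "|" + stamp_core)

def build_ledger(entries):
    """entries: list of (iso_utc, stamp_core); returns records with chain filled in."""
    ledger, prev = [], SEED
    for iso_utc, core in entries:
        prev = next_chain(prev, core)
        ledger.append({"iso_utc": iso_utc, "stamp_core": core, "chain": prev})
    return ledger

def verify_chain(ledger):
    """Return the index of the first record that breaks the chain, or -1 if intact."""
    prev = SEED
    for i, rec in enumerate(ledger):
        if next_chain(prev, rec["stamp_core"]) != rec["chain"]:
            return i
        prev = rec["chain"]
    return -1

def rollup(records):
    """Return (rollup_D, count) after the canonical sort by (iso_utc, stamp_core, chain)."""
    ordered = sorted(records, key=lambda r: (r["iso_utc"], r["stamp_core"], r["chain"]))
    # Assumption: a stamp line is stamp_core + "|" + chain, with no kv fields.
    joined = "|".join(r["stamp_core"] + "|" + r["chain"] for r in ordered)
    return h_hex(joined), len(ordered)

def parity_ok(ledger, sidecars):
    # Dual-source parity: rollup_D and count must both match.
    return rollup(ledger) == rollup(sidecars)

# Constructed sample day; these stamp_core strings are placeholders, not the real layout.
LEDGER = build_ledger([
    ("2025-01-01T00:00:00Z", "core-a"),
    ("2025-01-01T06:00:00Z", "core-b"),
    ("2025-01-01T12:00:00Z", "core-c"),
])
SIDECARS = list(reversed(LEDGER))  # sidecars collected in arbitrary order
TRUNCATED = LEDGER[:2]             # tail record silently dropped

print(verify_chain(LEDGER), verify_chain(TRUNCATED), parity_ok(TRUNCATED, SIDECARS))
```

A ledger with its tail record dropped still passes verify_chain, because every remaining link is valid; only the parity check against the sidecars (or a published anchor) exposes the missing stamp.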
