Objective. Prove that any byte change after stamping is immediately detected by the content hash check — fully offline, plain ASCII.
Setup (inputs)
- A stamped file
Aand its one-line stamp:SSMCLOCK1|iso_utc|rasi_idx|theta_deg|sha256(file)|chain[|kv:...] - Optional ledger (append-only). No network, no PKI.
Steps (deterministic)
- Baseline: verify
Awith its stamp → expect PASS. - Tamper: modify
A(e.g., append\nor flip one byte). - Re-verify: run
verify --file A --stamp "<line>".
Expected output (stdout, ASCII)
HASH_OK=false CLOCK_OK=true CHAIN_OK=true # or CHAIN_OK=na if no ledger
VERDICT=FAIL
Why this happens (core rule)
- The stamp binds exact bytes via
h_file = H_algo(file_bytes). - Verification recomputes the digest and requires string equality:
h' = H_algo(file_bytes)andh' == h_file. - Any byte change → new
h'→HASH_OK=false→ FAIL. - This check is independent of time and chain.
Notes (must)
- Compute file hash in binary mode; do not use text-mode reads.
- Respect
kv:algoif present; default issha256. - Digests are lowercase 64-hex.
- The clock and chain may still check out, but hash mismatch alone is sufficient to fail.
Navigation
Back: SSM-Clock Stamp – Two Files, Same Minute (5.2)
Next: SSM-Clock Stamp – Ledger Break (row deletion/reorder) (5.4)
SHUNYAYA 