The protocol
A non-custodial timestamp registry.
Your data never leaves the lab.
A provisional patent filing costs four figures and discloses your concept to
counsel. A cloud "secure vault" puts your unreleased formula on someone else's server. This does
neither: the cryptographic primitive is SHA-256(file) — a one-way fingerprint from
which no byte of the original can be reconstructed. Anchoring that fingerprint to
independent, immutable records establishes when your work existed, while its content stays
air-gapped in your own infrastructure.
The air-gap primitive
The browser computes SHA-256 over the file buffer via the Web Crypto API.
Open the DevTools network tab and confirm it yourself: the only payload transmitted is the
64-hex digest. Batch pipelines use the same contract over REST.
The immutable horizon
The digest is committed to an RFC 3161 trusted timestamp authority (presumption of accuracy under eIDAS, Regulation EU 910/2014) and submitted to OpenTimestamps calendars for Bitcoin aggregation — proof that survives this service's existence.
The audit artifact
You receive a canonical-JSON receipt signed with our domain-anchored Ed25519 key, plus a
public certificate URL. Journals, TTOs, and patent counsel verify it with the open-source CLI —
re-hash → compare → verify signature — no account, no platform.
Audit it yourself
Closed source asks for trust.
Open core removes the need for it.
You're trained to assume every proprietary security claim hides a backdoor. Correct posture. So this stack is built to be checked, not believed: the verification path runs entirely on your machine, against public standards, with our public key published at a stable URL.
# independent verification — no server involved
$ sha256sum dataset_v3.tar.gz
9f2a4c…e81b dataset_v3.tar.gz
$ python gq_verify.py dataset_v3.tar.gz \
receipt.json verify-pubkey.pem
[OK] file hash matches receipt
[OK] Ed25519 signature valid
[OK] VERIFIED: existed at 2026-06-11T14:02:11+00:00
anchor: rfc3161 [confirmed] freetsa.org (eIDAS)
anchor: ots [pending → Bitcoin block]
If greenqubyte.com vanished tomorrow, every receipt remains verifiable: the TSA token and the Bitcoin attestation are independent of this server. That is the design criterion a provenance registry must meet.
Verify a record
Re-hash. Compare. QED.
Reviewing a collaborator's dataset, a journal submission, or evidence in a priority dispute? Drop the file — it is re-hashed locally and checked against the registry. A single flipped bit yields a completely different digest: mismatch is proof of alteration.
⬢ Drop a file to verify integrity
re-hashed client-side · compared against anchored registry entries
Architecture
Staged, documented, reproducible.
The reference implementation (FastAPI, PostgreSQL/SQLite, Ed25519 PKI, Merkle batching) is public. This page runs the Stage 1–2 contract in production; stages are cumulative and each is independently verifiable.
Client-side hash registry
Web Crypto SHA-256, fingerprint-only storage, signed JSON receipts, public certificate URLs. Zero-knowledge of file contents by construction.
Independent third-party anchoring
RFC 3161 timestamp tokens (EU eIDAS presumption of accuracy) + OpenTimestamps Bitcoin attestations on every stamp. Proof validity is decoupled from this service.
Sovereign cryptographic infrastructure
Domain-anchored Ed25519 signing keys, Merkle-tree aggregation (thousands of digests → one on-chain commitment with per-document inclusion proofs), self-hosted OpenTimestamps calendar. Stage 3 is folded into this layer.
Flat-rate registry service
REST API keys for automated lab pipelines (Python, GitLab CI, n8n), batch folder stamping, PDF certificates, revocation registry. Marginal cost per anchored document: <€0.001.
Identity & verified exchange layer
did:web researcher identities on the same Ed25519 infrastructure, then signed structured message exchange (DIDComm v2) between labs, TTOs, and counsel — and finally a federated, open protocol. Documents first; the network follows.
Cost structure
Grant-line friendly: flat-rate, no per-seat games.
A single provisional patent filing runs €1,500–4,000 in counsel fees before examination. Continuous cryptographic provenance for the entire lab costs less than a journal page charge. Verification is free for everyone, always — only high-volume stamping is metered.
Starter
- 50 stamps / month
- RFC 3161 trusted timestamps
- eIDAS presumption of accuracy
- Public certificate URLs
- Signed JSON receipts
Lab
- 200 stamps / month
- Per-document ledger anchoring
- REST API key + batch endpoint
- CI/CD & n8n pipeline templates
- Folder-level batch stamping
Institute
- Unlimited stamps
- Bitcoin via OpenTimestamps
- Merkle inclusion proofs per digest
- Highest-immutability tier
- Priority support
Objections, answered
The questions a reviewer would ask.
Does a hash timestamp constitute valid prior-art evidence at the EPO?
A timestamp establishes existence at a date, not inventorship — it is one evidentiary layer, not a patent substitute. RFC 3161 tokens from qualified TSAs carry a presumption of accuracy under eIDAS (EU 910/2014) in all member states; Bitcoin attestations add an independent, jurisdiction-neutral record. Patent counsel typically use such records to corroborate lab-notebook chronology in priority disputes. For filings, talk to your TTO — and stamp everything in the meantime, because it costs seconds.
How do I confirm no research data is transmitted?
Empirically. Open DevTools → Network, drop a file, and inspect the single POST
/api.php?action=stamp request: the body contains {sha256, filename, size} —
64 hex characters, nothing else. The hashing code is unminified on this page and the full
front-end is on GitHub. SHA-256 is preimage-resistant: the digest reveals nothing about content.
What happens to my proofs if GreenQubyte shuts down?
They remain valid. The RFC 3161 token verifies against the TSA's certificate chain with
openssl ts -verify; the OpenTimestamps proof verifies against the Bitcoin blockchain
with the public ots client; the receipt signature verifies against our published
Ed25519 key, which you should pin locally. No component of verification requires our server.
Why not just use a provisional patent or a notary?
Different tools, different economics. A provisional filing discloses your concept to counsel, costs four figures, and expires in 12 months. A notarial act doesn't scale to 2,000 data payloads a month. Hash-anchoring is instant, discloses nothing, costs effectively zero per document, and produces machine-verifiable artifacts — use it continuously, and file patents on what survives.
Can I integrate this into our data pipeline?
Yes — the REST contract is one endpoint: POST {sha256, filename} → signed receipt.
Reference scripts ship in the repo (gq_stamp.py walks a directory tree, hashes
locally, batch-submits; gq_verify.py verifies offline). GitLab CI and n8n templates
are part of the Lab tier.
GDPR and institutional data policy?
Only digests, optional filenames, and timestamps are stored. A SHA-256 digest of research data is not reconstructable content; raw files never reach the network, satisfying local-processing requirements of institutional review and EU data-sovereignty rules. Audit receipts are exportable for funding reviews.
Pre-registration
Establish priority today.
The stamp above is live and free.
For lab-wide API access, CI templates, and the Institute tier at launch: one email, no form, no newsletter.
hello@greenqubyte.com