How Versiobit Proves Your Files Are Authentic: A Technical Deep Dive

How do you prove that a contract wasn't backdated? That an invoice existed before a deadline? That critical records haven't been tampered with?

This is the problem Versiobit solves. In this post, we'll explain exactly how our technology works – from the mathematical foundations to the practical proof you can verify yourself.

Digital Fingerprints: The Foundation of Trust

At the heart of our system is a concept called a cryptographic hash, which we prefer to call a digital fingerprint.

Think of it like a human fingerprint: just as your fingerprint uniquely identifies you, a digital fingerprint uniquely identifies a piece of data. But unlike human fingerprints, digital fingerprints are computed mathematically from the content itself.

Here's how it works:

• Take any piece of data – a document, an image, a text file
• Run it through a special mathematical function (we use SHA3-256)
• Get back a fixed-length string of characters: the fingerprint

For example, the text "Hello World" produces the fingerprint:

f345a219da005ebe9c1a1eaad...

Now here's the crucial part: change even a single character – say, "Hello World!" with an exclamation mark – and you get a completely different fingerprint:

7a82b0c94e07fd6a124af6d1a...

These two fingerprints have nothing visually in common, even though the inputs differ by just one character. This property – called the "avalanche effect" – makes fingerprints incredibly sensitive to any change.

And importantly, this process is one-way. Given a fingerprint, you cannot work backwards to find the original content. The fingerprint reveals nothing about what's inside the file.

What We Actually Fingerprint

You might think we simply fingerprint the file content. But we go further.

When you save a file in Versiobit, we create a structured record called file metadata that includes:

• The filename
• The creation date
• A fingerprint of the actual file content
• A link to the previous version of this file (if any)

We then compute a fingerprint of this entire metadata structure. This means the resulting fingerprint proves not just the content, but also the filename, the date, and the complete version history.

If someone tried to rename a file, change its date, or alter its content – the fingerprint would change. The proof would break.

To protect sensitive information, we also add a secret "salt" (a random value unique to your storage space) before computing certain fingerprints. This prevents anyone from guessing whether a particular filename or date exists in your archive.

The Blockchain: An Immutable Witness

Having a fingerprint is useful, but how do you prove when that fingerprint was created?

Traditional timestamps – from your computer's clock or even a server – can be manipulated. What we need is a timestamp that nobody can alter retroactively.

This is where blockchain technology comes in.

A blockchain is a distributed ledger maintained by thousands of independent computers worldwide. When data is recorded on a blockchain:

• It's verified by multiple independent parties
• It's replicated across thousands of machines
• It becomes part of a permanent, tamper-proof record

Think of it as having thousands of independent notaries simultaneously witness and record your document's fingerprint, with no single authority able to change the record.

We use the Arbitrum blockchain (built on Ethereum) to record fingerprints. Once recorded, that fingerprint is permanently and publicly verifiable – by anyone, at any time, without needing to trust Versiobit.

The Scaling Challenge

Here's a practical problem: blockchain storage isn't free. Each transaction costs money (called "gas fees"). If we recorded every single file change individually, the costs would be enormous.

Imagine a business with 10,000 file changes per day. Recording each separately could cost thousands of dollars daily. That's not sustainable.

We needed a way to prove thousands of files with a single, inexpensive blockchain transaction.

The Merkle Tree: Compacting Thousands into One

Our solution uses a data structure called a Merkle tree (named after computer scientist Ralph Merkle).

Here's the concept: imagine you have 1,000 file fingerprints to prove. Instead of recording all 1,000 on the blockchain, you organize them into a tree structure:

1. Layer 1: Take pairs of fingerprints and combine them into new fingerprints
2. Layer 2: Take those combined fingerprints and combine them again
3. Continue until you're left with just one fingerprint at the top: the root

This single root fingerprint mathematically represents all 1,000 original fingerprints. If any single file changed, the root would be different.

We call this process compaction. Once per day (at midnight UTC), we collect all new file fingerprints, build a Merkle tree, and record only the root on the blockchain.

The result: one small blockchain transaction proves thousands of files.

Think of it like a book with 10,000 pages. Instead of notarizing each page, you get one notary stamp on the spine that mathematically proves every page inside.

The Attestation Function: Your Personal Proof Path

When you want to prove a specific file, you need to connect your file's fingerprint to the root that was recorded on the blockchain.

This is where the attestation function comes in – the mathematical path from your file to the blockchain.

In Versiobit's proof view, you'll see something like:

A(x) = B(B(B(x, h₁), h₂), h₃)

This looks technical, but the concept is simple:

• x is your file's fingerprint
• h₁, h₂, h₃ are "sibling" fingerprints from the Merkle tree
• B is a function that combines two fingerprints into one
• The result equals the root fingerprint stored on the blockchain

Each sibling fingerprint is a neighbor in the tree structure. By following this path upward – combining your fingerprint with each sibling – you arrive at the root. If your calculated root matches the blockchain record, your file is proven.

Our proof interface even lets you experiment: change the filename in the simulator, and watch the fingerprint change instantly. The proof breaks immediately – demonstrating exactly how sensitive the system is to any modification.

Verifying a Proof Yourself

You don't have to trust Versiobit. Here's how to verify a proof independently:

1. Open the proof view for any file in Versiobit
2. Click the blockchain transaction link – this takes you to a public blockchain explorer (like Arbiscan)
3. Find the "Input Data" field in the transaction details
4. Compare the fingerprint shown there with the calculated attestation fingerprint

If they match, you've independently verified that your file existed at the timestamp recorded by the blockchain – using only public, immutable data that Versiobit cannot alter.

This verification will work forever, even if Versiobit ceased to exist. The blockchain record is permanent and publicly accessible.

What Happens If Someone Tampers?

Let's say someone tries to modify a file after it's been attested. What happens?

1. The file content changes → the content fingerprint changes
2. The metadata changes → the metadata fingerprint changes
3. The proof path breaks → following the attestation function no longer produces the blockchain root

The tampering is immediately detectable. There's no way to modify a file and maintain a valid proof – you would need to forge a blockchain entry, which is computationally impossible.

This protection works against:

• Malicious tampering (someone deliberately altering records)
• Accidental corruption (bit rot, storage failures)
• Backdating (trying to make a file appear older than it is)

Even changing just the filename or timestamp breaks the proof. The mathematical chain is unforgiving.

Conclusion: Mathematical Certainty

Versiobit's proof system provides something rare in the digital world: mathematical certainty.

Your files aren't protected by promises or trust in a company – they're protected by cryptographic mathematics and the immutability of public blockchains. The proofs are:

• Permanent: They work forever, independent of Versiobit
• Verifiable: Anyone can check them using public blockchain data
• Cost-effective: Thousands of files share one blockchain transaction
• Tamper-proof: Any modification is immediately detectable

Whether you need to prove the existence of contracts, demonstrate regulatory compliance, or simply ensure your records haven't been altered – the proof is in the mathematics.

For those interested in the complete technical details, our patent application provides the full specification of our audit-proof archiving system.