{"id":29560902,"url":"https://github.com/decred/dcrtime","last_synced_at":"2025-09-10T05:12:22.325Z","repository":{"id":45959146,"uuid":"93892097","full_name":"decred/dcrtime","owner":"decred","description":"Decred anchored timestamp client, proxy, and server.","archived":false,"fork":false,"pushed_at":"2025-07-18T17:31:53.000Z","size":369,"stargazers_count":28,"open_issues_count":15,"forks_count":23,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-08-08T21:54:01.085Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/decred.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-06-09T19:50:52.000Z","updated_at":"2025-07-18T17:31:58.000Z","dependencies_parsed_at":"2023-02-15T11:45:57.275Z","dependency_job_id":"81a8b043-2821-4bdc-8060-a94f30b714d5","html_url":"https://github.com/decred/dcrtime","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/decred/dcrtime","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/decred%2Fdcrtime","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/decred%2Fdcrtime/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/decred%2Fdcrtime/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/decred%2Fdcrtime/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/decred","download_url":"https://codeload.github.com/decred/dcrtime/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/decred%2Fdcrtime/sbom","scorecard":{"id":331586,"data":{"date":"2025-08-11","repo":{"name":"github.com/decred/dcrtime","commit":"0418c83816b8c4bfcac3893f68e99811f5966229"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":7.9,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"6 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/go.yml:4","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Pinned-Dependencies","score":6,"reason":"dependency not pinned by hash detected -- score normalized to 6","details":["Warn: downloadThenRun not pinned by hash: .github/workflows/go.yml:22","Info:   2 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: ISC License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":9,"reason":"1 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g / GHSA-qppj-fm5r-hxr3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T03:46:44.413Z","repository_id":45959146,"created_at":"2025-08-18T03:46:44.413Z","updated_at":"2025-08-18T03:46:44.413Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274416291,"owners_count":25280927,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-10T02:00:12.551Z","response_time":83,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-07-18T15:39:19.511Z","updated_at":"2025-09-10T05:12:22.304Z","avatar_url":"https://github.com/decred.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"dcrtime\n=======\n\n[![Build Status](https://github.com/decred/dcrtime/workflows/Build%20and%20Test/badge.svg)](https://github.com/decred/dcrtime/actions)\n[![ISC License](https://img.shields.io/badge/license-ISC-blue.svg)](http://copyfree.org)\n[![GoDoc](https://img.shields.io/badge/godoc-reference-blue.svg)](https://godoc.org/github.com/decred/dcrtime)\n\nDecred anchored timestamp client and server.\n\nThe dcrtime stack as as follows:\n\n```\n+-------------------------+\n|         dcrtime         |\n+-------------------------+\n            |\n~~~~~~~~ Internet ~~~~~~~~~\n            |\n+-------------------------+\n|    dcrtimed (proxy)     |\n+-------------------------+\n            |\n~~~~~~~~~~ VPN ~~~~~~~~~~~~\n            |\n+-------------------------+\n|   dcrtimed (backend)    |\n+-------------------------+\n            |\n+-------------------------+\n|        dcrwallet        |\n+-------------------------+\n            |\n+-------------------------+\n|          dcrd           |\n+-------------------------+\n```\n\n## Components\n* dcrtime - Reference client application\n* dcrtimed\n\t- Proxy Mode: Forwards requests to the backend server.\n\t- Backend mode: Manages timestamps and creates decred transaction that anchors transactions in the blockchain.\n\n## Library and interfaces\n* api/v1 - JSON REST API for dcrtime clients.\n* cmd/dcrtime - Client reference implementation.\n* cmd/dcrtime_dump - Data dump/restore tool for filesystem based backend.\n* cmd/dcrtime_fsck - Data integrity tool for filesystem based backend.\n* cmd/dcrtime_unflush - Debug backend tool to either delete the flush record or reset the chain timestamp.\n* cmd/dcrtime_timestamp - Tool to convert between various timestamp formats.\n* merkle -  Merkle algorithm implementation.\n* util - common used miscellaneous utility functions.\n\n## Example setup\n\n### Backend\n\nThis example dcrtimed.conf connects to dcrwallet running on localhost using the testnet network.\n\n```\nwallethost=localhost\nwalletcert=../.dcrwallet/rpc.cert\nwalletpassphrase=MySikritPa$$w0ard\ntestnet=1\napitoken=sometoken\n\n```\n\n**Note:** Dcrtimed requires access to wallet GRPC. Therefore it needs the wallet's\nserver certificate to authenticate the server, as well as a local client keypair\nto authenticate the client to `dcrwallet`.  The server certificate by default\nwill be found in `~/.dcrwallet/rpc.cert`, and this can be modified to another\npath using the `--walletcert` flag.  Client certs can be generated using\n[`gencerts`](https://github.com/decred/dcrd/blob/master/cmd/gencerts/) and\n`dcrtimed` will read `client.pem` and `client-key.pem` from its application\ndirectory by default.  The certificate (`client.pem`) must be appended to\n`~/.dcrwallet/clients.pem` in order for `dcrwallet` to trust the client.\n\n**Note:** `apitoken` key is used to access privileged http endpoints in the daemon.\nMultiple values may be provided by providing multiple apitoken values, each on\na separate line with each line starting with \"apitoken=\".\nThe backend will not start if at least one value is not specified.\n\nStart the store.\n```\nstore-server$ dcrtimed\n07:36:09 2017-06-09 [INF] DCRT: Version : 0.1.0\n07:36:09 2017-06-09 [INF] DCRT: Mode    : Store\n07:36:09 2017-06-09 [INF] DCRT: Network : testnet2\n07:36:09 2017-06-09 [INF] DCRT: Home dir: /home/user/.dcrtimed\n07:36:09 2017-06-09 [INF] DCRT: Generating HTTPS keypair...\n07:36:09 2017-06-09 [INF] DCRT: HTTPS keypair created...\n07:36:09 2017-06-09 [INF] FSBE: Wallet: 127.0.0.1:19111\n07:36:09 2017-06-09 [INF] DCRT: Start of day\n07:36:09 2017-06-09 [INF] DCRT: Listen: :59152\n07:58:03 2017-06-09 [INF] DCRT: Timestamp 203.0.113.4:44331 via 10.0.0.2:57126: rejected 20170609.120000 b1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1\n07:59:36 2017-06-09 [INF] DCRT: Timestamp 203.0.113.4:57138 via 10.0.0.2:32322: accepted 20170609.120000 8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6\n08:00:10 2017-06-09 [INF] FSBE: flusher: directories 1 in 788.607578ms\n08:15:29 2017-06-09 [INF] DCRT: Verify 203.0.113.4:39992 via 10.0.0.2:57144: Timestamps 0 Digests 1\n08:16:36 2017-06-09 [INF] DCRT: Verify 204.0.113.4:57146 via 10.0.0.2:33881: Timestamps 0 Digests 1\n08:16:36 2017-06-09 [INF] FSBE: Flushed anchor timestamp: 4172a560a7035c169c4da60cba2cb1fbac686bd01224e09a1a56ce5e6f31cff0 1497013614\n```\n\n### Proxy\n\ndcrtimed also has a proxy mode.  It is activated by specifying the --storehost and --storecert options.\nIn this example, we assume the proxy has an internal interface with ip 10.0.0.2 that connects to storehost.example.com at 10.0.0.1.\n\n```\nproxy-server$ mkdir ~/.dcrtimed\nproxy-server$ scp storehost.example.com:/home/user/.dcrtimed/https.cert ~/.dcrtimed/dcrtimed.cert\nproxy-server$ dcrtimed --testnet --storehost=storehost.example.com --storecert=~/.dcrtimed/dcrtimed.cert\n07:50:59 2017-06-09 [WRN] DCRT: open /home/user/.dcrtimed/dcrtimed.conf: no such file or directory\n07:50:59 2017-06-09 [INF] DCRT: Version : 0.1.0\n07:50:59 2017-06-09 [INF] DCRT: Mode    : Proxy\n07:50:59 2017-06-09 [INF] DCRT: Network : testnet2\n07:50:59 2017-06-09 [INF] DCRT: Home dir: /home/user/.dcrtimed\n07:50:59 2017-06-09 [INF] DCRT: Generating HTTPS keypair...\n07:50:59 2017-06-09 [INF] DCRT: HTTPS keypair created...\n07:50:59 2017-06-09 [INF] DCRT: Start of day\n07:50:59 2017-06-09 [INF] DCRT: Listen: :59152\n07:58:03 2017-06-09 [INF] DCRT: Timestamp 203.0.113.4:44331: b1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1\n07:59:36 2017-06-09 [INF] DCRT: Timestamp 203.0.113.4:57138: 8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6\n08:15:29 2017-06-09 [INF] DCRT: Verify 203.0.113.4:39992: Timestamps 0 Digests 1\n08:16:36 2017-06-09 [INF] DCRT: Verify 204.0.113.4:57146: Timestamps 0 Digests 1\n```\n\nNow we test the setup using dcrtime.  Note that for this example one digest was already known to the system and one was not.  You can spot the difference in the dcrtimed trace byt the words \"accepted\" and \"rejected\".  Accepted means the file digest was unknown to the store and could therefore be added.  Rejected on the other hands means that said digest already exists and therefore can not be added again.  A digest can only be queried once it has been added to the store.\n\nPer the trace above we issue a known digest first:\n```\n$ dcrtime -v /bin/ls\nb1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1 Upload /bin/ls\nb1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1 Exists /bin/ls\nCollection timestamp: 1497013200\n```\n\nAnd now we issue an unknown digest:\n```\n$ dcrtime -v myfile.txt\n8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6 Upload myfile.txt\n8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6 OK     myfile.txt\nCollection timestamp: 1497009600\n```\n\nIn this example we wait a bit until the store hits its scheduled hourly flush regimen.  This can be observed in the store trace.\n\nAnd now let's ask about these digests:\n```\n$ dcrtime -v b1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1\nb1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1 Verify\nb1d080f4d09ea21a7b1872d87993079a84718f485de87d0327b6d1da922620e1 OK\n  Chain Timestamp: 1496430430\n  Merkle Root    : 9788d5d7b85f2b68ec21d26e738dce6cdd367ee0ec58b53ad6bd4d46b0bc3018\n  TxID           : 554b27c309ac9a8dab8ae261bb13dcfcdd351aa5f196322c112f04d106e000f3\n```\n\nThe next digest was anchored but the store did not have the chain timestamp cached yet.  This can be observed in the store trace; just look for \"Flushed anchor\".\n```\n$ dcrtime -v 8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6\n8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6 Verify\n8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6 OK\n  Chain Timestamp: 1497013614\n  Merkle Root    : 8496855341883fdc90cc532f8304d1c46a60586fb15d99f07e41bb5ab19c79c6\n  TxID           : 4172a560a7035c169c4da60cba2cb1fbac686bd01224e09a1a56ce5e6f31cff0\n```\n\nYou can find the merkle root using block explorer.  Surf to https://testnet.decred.org/tx/554b27c309ac9a8dab8ae261bb13dcfcdd351aa5f196322c112f04d106e000f3 and in the transaction you'll find an entry that is as follows:\n```\nOP_RETURN 9788d5d7b85f2b68ec21d26e738dce6cdd367ee0ec58b53ad6bd4d46b0bc3018\n```\nThe astute reader noticed that this is the Merkle Root the dcrtime client returned.\n\nNote that this example was run on a single machine but that the listen port bits were removed for clarity.\n\n## License\n\ndcrtime is licensed under the [copyfree](http://copyfree.org) ISC License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdecred%2Fdcrtime","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdecred%2Fdcrtime","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdecred%2Fdcrtime/lists"}