Skip to content

aulisse/google-cloud-storage-object-notarization

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Google Cloud Storage Object Notarization (Unofficial)

The purpose of this project is to provide a Google Cloud Storage user with a system that allows to notarize every object uploaded in a specific bucket.

Notarization (also known as timestamping) is a powerful non-monetary blockchain application, consisting of trustless timestamping of documents or anchoring of arbitrarily large data sets.

A generic data file can be hashed to produce a short unique identifier, equivalent to its digital fingerprint. Such a fingerprint can be associated to a Bitcoin transaction (or any other kind of blockchain transaction), the bitcoin amount being irrelevant, and hence registered on the blockchain. The immutability of this hash commitment on the blockchain provides the data file owner with a robust means of non-repudiable timestamping and the ability to exhibit the file at a later time and prove without a doubt that its content has not changed i.e. by comparing the hash of the exhibited file to the hash notarized on the blockchain.

Of course the notarization process is as reliable as the used blockchain, with the bitcoin one being the most secure. The generic notarization process has been standardized as OpenTimestamps to achieve third party auditable verification.

Disclaimer

This is not an official Google application. We are not responsible of any damage that could be done with it. Use it at your own risk.

License

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Requirements:

How to deploy

  • create a bucket on Google Cloud Storage (GCS)
  • clone this project
  • configure the name of the bucket in deploy.sh
  • run deploy.sh

How does it work

  • upload a file on GCS
  • the Google Cloud Function (GCF) objectNotarization is triggered by 'new object on GCS' event
  • the GCF objectNotarization invokes the file notarization using OpenTimestamps API
  • the GCF objectNotarization receives a callback with the temporary notarization receipt, which is then written in the GCS object metadata. This receipt is temporary as the notarization does not happen instantly: the OpenTimestamps calendars will eventually finalize notarization when an actual bitcoin transaction including the Merkle root of all submitted documents will be included in the bitcoin blockchain
  • the GCF upgradeNotarization is called when a metadata of the file object changes, e.g. after 24 hours from upload the object will be set from Regional to Nearline. This is used to upgrade the receipt to its final status

Useful links