The combination of our free, lightning-fast, and always-on timestamp service and the easy to use CLI tool, gets you started in a minute.
Trusted timestamping is the process of securely keeping track of the creation and modification time of a document.
Security here means that no one-not even the owner of the document should be able to change it once it has been recorded provided that the timestamp's integrity is never compromised.
CodeNotary uses its immutable open-source database immudb to provide this service that includes cryptographic verification and immutable data history.
This timestamping service provides full immutability for all data ever written and unique data checksum ever stored including its history.
As a trust level comes with the timestamp, you can change your mind over time (unsupport, untrust) without touching the code or binary.
As the complete trust and timestamping history is stored for any digital identity (SHA-256 checksum), you can easily create workflows and decision trees in your CI/CD recipes.
There are plenty of different use cases:
Simply request your API key and get started within a minute! This service is free forever and was built using Open Source!
Notarized assets informations is stored in a tamperproof ledger with cryptographic verification backed by immudb, the immutable database.
To provide access to our timestamping service a valid API Key is required. If you don’t have one yet, simply signup here CodeNotary Timestamp This API Key is bound to your email address and it’s required during vcn login.
vcn login --lc-host timestamp.codenotary.com # type in your API key when requested
# or setting the API key
VCN_LC_API_KEY=
3. Notarize existing digital objects
Once you have an account you can start notarizing digital assets to give them an identity.
vcn n
4. Authenticate digital objects You can use the command as a starting point.
vcn a
For detailed command line usage, just run vcn help .
Tip: the timestamping and verification calculates a SHA256, so larger files might take a bit longer depending on your system.
It’s also possible to notarize assets using a wildcard pattern.
With --recursive flag the utility can recursively notarize inner directories.
vcn n "*.md" --recursive
Start with the login command. vcn will walk you through login and importing up your secret upon initial use.
vcn login --lc-host timestamp.codenotary.com
Once your secret is set, you can notarize assets like in the following examples:
vcn notarize
vcn notarize dir://
vcn notarize docker://
vcn notarize podman://
vcn notarize git://
vcn notarize --hash
Change the asset’s status:
vcn unsupport
vcn untrust
vcn authenticate
vcn authenticate dir://
vcn authenticate docker://
vcn authenticate podman://
vcn authenticate git://
vcn authenticate --hash
To output results in json or yaml formats:
vcn authenticate --output=json
vcn authenticate --output=yaml
First, you’ll need to pull the image by using:
docker pull hello-world
Then use the below command to put in place an automatic safety check. It allows only verified images to run.
vcn authenticate docker://hello-world && docker run hello-world
If an image was not verified, it will not run and nothing will execute.
You can authenticate multiple assets by piping other command outputs into vcn :
ls | xargs -n 1 vcn authenticate
The exit code will be 0 only if all the assets in you other command outputs are verified.
By adding --signerID , you can authenticate that your asset has been signed by a specific SignerID. You can find your own signer id in the output of vcn n or vcn a (Signer).
A SignerID is the signer public address (represented as a 40 hex characters long string prefixed with 0x ).
vcn authenticate --signerID 0x8. docker://hello-world
If you want to authenticate an asset using only its hash, you can do so by using the command as shown below:
vcn authenticate --hash fce.
In case you want to unsupport/untrust an asset of yours that you no longer have, you can do so using the asset hash(es) with the following steps below.
First, you’ll need to get the hash of the asset from your CodeNotary Ledger Compliance dashboard or alternatively you can use the vcn list command. Then, in the CLI, use:
vcn untrust --hash
# or
vcn unsupport --hash
Simply, set up your environment accordingly using the following commands:
export VCN_LC_API_KEY=Your-API-Key
Once done, you can use vcn in your non-interactive environment using:
vcn login --lc-host timestamp.codenotary.com
vcn notarize
The user can upload custom metadata when doing an asset notarization using the --attr option, e.g.:
vcn n README.md --attr Testme=yes --attr project=5 --attr pipeline=test
This command would add the custom asset metadata Testme: yes, project: 5, pipeline: test.
The user can read the metadata back on asset authentication, i.e. using the jq utility:
vcn a README.md -o json | jq .metadata
Inspect has been extended with the addition of new filter: --last , --first , --start and --end . With --last and --first are returned the N first or last respectively.
vcn inspect document.pdf --last 10
With --start and --end it's possible to use a time range filter:
vcn inspect document.pdf --start 2020/10/28-08:00:00 --end 2020/10/28-17:00:00
If no filters are provided, only a maximum of 100 items are returned.
It’s possible to filter results by signer identifier:
vcn inspect document.pdf --signerID Cyg.