An open source tool for validating ProvenDB proofs


provendb-verify is an open source command line utility that can be used to validate ProvenDB data. You can use it to:

The source code for provendb-verify is available on GitHub. This code implements the ProvenDB document hashing algorithm and can therefore be used to audit ProvenDBs approach to blockchain proofs.


provendb-verify -h shows all options to the tool.

  --uri URI                                specify a resolvable MongoDB URI connection string as the
                                            verification target. When using this option with others,
                                            such as '--ssl=false', other explicitly specified options
                                            will always take precedence
                                             (default: "mongodb://localhost:27017")
   --host HOST                              specify a MongoDB HOST as the verification target
   --port PORT                              specify a MongoDB PORT as the verification target
   --ssl                                    use SSL for the MongoDB connection
                                             (default: false)
   --username USERNAME, -u USERNAME         specify a USERNAME for the MongoDB authentication
   --password PASSWORD, -p PASSWORD         specify a PASSWORD for the MongoDB authentication
   --authDatabase DATABASE, --adb DATABASE  specify a DATABASE to be used for authentication (ignored
                                            for a ProvenDB connection)
   --database DATABASE, --db DATABASE       specify a DATABASE as the verification target (ignored for
                                            a ProvenDB connection)
   --proofId ID, --pid ID                   specify a ProvenDB Proof ID and use the version in that
                                            Proof as '--versionId'
   --versionId VERSION, --vid VERSION       specify a VERSION to be verified. Use 'current' to verify
                                            the most recent version
                                             (default: "current")
   --in PATH, -i PATH                       specify a PATH to a ProvenDB Proof Archive (.zip) or an
                                            external Chainpoint Proof either in base64 (.txt) or JSON
                                            (.json). The (.txt) or (.json) will be used to verify the
                                            database or document, instead of using the stored one in
                                            ProvenDB. If the database or document is not specified, the
                                            (.txt) or (.json) itself will only be verified. You can use
                                            '--out' to output such (.txt) or (.json)
   --listVersions, --ls                     list all the verifiable versions along with ProvenDB Proof
                                            IDs for the target MongoDB database
                                             (default: false)
   --collection NAME, --col NAME            specify the collection NAME of the document to be
                                            verified. When using this option, '--docFilter' must be
                                            provided to get that document
   --docFilter FILTER, --df FILTER          specify a FILTER to get the document as the verification
                                            target, which must be in MongoDB extended JSON format, such
                                            as, '{"_id": {"$oid": "5b6a6a1646e0fb00080aac8c"}}'. When
                                            using this option, '--collection' must be provided. Ignoring
                                            this, the provided MongoDB database will be verified. This
                                            option can be combined with '--versionId' to verify a
                                            document in that specific version
   --out PATH, -o PATH                      specify a PATH to output the Chainpoint Proof when
                                            verified. Then filename in the PATH must end with either
                                            '.json' (for JSON) or '.txt' (for compressed binary in
   --help, -h                               show this usage information
                                             (default: false)
   --debug                                  print out debug information
                                             (default: false)
   --skipDocCheck                           skip checking document hash against document metadata
                                             (default: false)
   --version, -v                            print the version (default: false)


Validate a ProvenDB archive

In Independently validating your blockchain proofs we showed the procedure for exporting your ProvenDB data and loading it into a MongoDB database. Once loaded into a database, you can use provendb-verify to list all the blockchain proofs in that database:

$ provendb-verify -db dev_guy01 --ls
proofId                             	version  	submitted                     	status
53780ed0-45f2-11e9-a4bd-01752f568485	34416    	2019-03-14 11:44:29 +1100 AEDT	valid
4ab726f0-45f2-11e9-a4bd-01738939dce1	34407    	2019-03-14 11:44:14 +1100 AEDT	valid
422b31c0-45f2-11e9-a4bd-01abc446c1ea	34398    	2019-03-14 11:44:00 +1100 AEDT	valid
399614d0-45f2-11e9-a4bd-01940bff0df9	34389    	2019-03-14 11:43:46 +1100 AEDT	valid
317a94b0-45f2-11e9-a4bd-01fbdddc1aba	34380    	2019-03-14 11:43:32 +1100 AEDT	valid

Next we validate a proof using the proof id obtained from the previous step:

$ provendb-verify -db dev_guy01 --pid 53780ed0-45f2-11e9-a4bd-01752f568485
Hashing database `dev_guy01`... 352/352
Verifying Chainpoint Proof...
Verifying Chainpoint anchor...
Verifying Bitcoin anchor...
Verifying Bitcoin transaction OP_RETURN...
Verifying Bitcoin block merkle root...
Bitcoin transaction e0ed2fd9065f8adc26e9d82bd6fff700ba376dc69359e1bfe2190a5066ee5715 has OP_RETURN e0c89977e1723891c66e01b769f875ad159478cc78801d9c6dd1e402a3b67373
Bitcoin block height 566950 has merkle root 078c04383f3038b95730f92b27c7f835c4df822de0920a9d9bc697959a48a35c
 PASS  Database `dev_guy01` in version 34416 is verified```

## Validate a ProvenDocs document archive

[ProvenDocs](doc:what-is-provendocs) allow you to export an archive of a proof for a specific document.  **provendb-verify** can be used to establish the validity of that archive.  If I have uploaded a file called 'MyWill.pdf' to, then downloaded an archive of that file to, then I can use **provendb-verify** to validate that archive as follows:

$ provendb-verify --in ""
Loading ProvenDB Proof Archive ``...
Verifying Chainpoint Proof...
Verifying Bitcoin anchor...
Verifying Bitcoin transaction OP_RETURN...
Verifying Bitcoin block merkle root...
Verifying Chainpoint anchor...
Bitcoin transaction b950d0204abe51f0c368336ab6911a6ae9b0062f68b97deec36820ac9286ad6e has OP_RETURN 01c49125a4aa3851d691bc909ff303a6cb510a78c98a48073e90bc418e81ad39
Bitcoin block height 570703 has merkle root 2418295084a7b24f53789360748d0281a297c3f27cd1a53a083c98cbb9a5dc01
 PASS  ProvenDB Proof Archive is verified

What’s Next