Subnet345

Glossary

What is a hash-chained external anchor?

A hash-chained external anchor commits a chain’s checkpoints to a separate append-only substrate outside the chain. It is what makes wholesale chain replacement detectable, protecting the record against a silent reset.

§ 01 Definition

Hash-chaining protects entries. Anchoring protects the chain.

A hash-chained external anchor is a commitment of a hash chain’s checkpoint (its start point, or a periodic milestone) to a separate append-only substrate outside the chain itself. The anchor is what makes wholesale replacement of the chain detectable. Without an external anchor, a hash chain is tamper-evident within the chain but the chain can be reset, replaced, or re-forged at will; the anchor is what makes chain-replacement itself a detectable event.

External anchoring is not tamper-proofing. A determined actor can still attempt to alter a chain and re-anchor a substitute. What changes is the shape of the attack: the substitute chain does not match the anchor already committed to the external substrate, and any party who reads the anchor sees the mismatch. Tamper-evident hash-chaining alone protects entries; external anchoring protects the chain.

§ 02 Why it matters

“Is this the same chain?”

A hash chain by itself answers “was this entry changed?” The record is verifiable within the chain because each entry commits to the previous. An external anchor answers a different question: “is this the same chain?” A record that lives entirely inside the operator’s boundary is a record the operator could, in principle, replace with a different record and re-hash. External anchoring closes that door: the anchored checkpoints are committed to a substrate the operator does not fully control (a public timestamping service, a partner-held signed receipt, a separately-operated append-only log). Any wholesale replacement becomes visible to the party holding the anchor.

For audit and regulatory contexts, external anchoring is what turns a hash chain from “a record we produced” into “a record whose provenance we can defend.” An examiner does not have to trust the operator’s word that the chain was not reset; they can consult the external anchor and see. The chain remains inside the operator’s boundary; the anchor is the minimal cross-boundary commitment that closes the replacement-attack window.

§ 03 Questions

External anchoring, answered.

How is external anchoring different from just hash-chaining?

Hash-chaining binds each entry to the previous within a single chain. Anyone reading the chain can verify entry-by-entry integrity. External anchoring is a separate property: it binds the chain itself, or a checkpoint of the chain, to a substrate outside the chain, so that the chain cannot be replaced wholesale without breaking the external commitment. See what is a tamper-evident audit log for the entry-integrity property.

What does the external anchor need to be?

It needs to be append-only and outside the operator’s full control. Common shapes: a public timestamping service (RFC 3161 time-stamping authority), a partner-held signed receipt (counter-signed by a counterparty), or a separately-operated append-only log. The anchor does not need to be publicly visible; it needs to be independently held so that the operator alone cannot re-write it.

How does external anchoring relate to independent verification?

The anchor is what makes independent verification possible at all. A verifier reads the anchor from the external substrate and walks the chain forward from the anchored checkpoint, recomputing each entry’s hash against what is stored. The scope of what can be independently verified is bounded by the anchor’s cadence and coverage: verification runs from the most recent anchor forward. See what is recompute at anchored recent horizon for the scope discipline, and audit-of-action for the record the anchored chain produces.

Anchor the record. So the chain cannot be replaced unseen.