FAQ
Common questions about the OCC Protocol.
Does OCC upload my file?
No. Your file is hashed locally in your browser or application. Only the SHA-256 digest (32 bytes) is sent to the enclave. The actual file bytes never leave your machine.
Can I verify a proof without an internet connection?
Yes. Core verification (digest match + Ed25519 signature) is fully offline. You need the original bytes, the proof JSON, and a verifier implementation. No API calls required.
What happens if the enclave restarts?
A new epoch begins. The enclave generates a fresh Ed25519 keypair from hardware entropy, derives a new epochId, and resets the monotonic counter to 1. The previous epoch's signing key is destroyed and exists nowhere outside the terminated enclave. The first proof of the new epoch has no prevB64. Restarting is also a containment action: any undetected compromise is quarantined to the bounded window of a single epoch.
If the TEE were compromised, would all my old proofs be invalid?
No. Each epoch is a sealed compartment with its own keypair. A compromise of the live epoch can only sign proofs under the live epoch's public key — it cannot retroactively forge proofs under any prior epoch's key, because that key was destroyed when its enclave terminated. Ethereum anchors tighten this further: every proof committed before an anchor is fixed in a public, immutable timeline. A breach is bounded on one side by the epoch boundary and on the other by the most recent Ethereum anchor that preceded it.
Is this a blockchain?
No. OCC has no distributed consensus, no global ledger, no tokens. It constrains a single execution boundary. Proof chaining (prevB64) is a local hash chain, not a distributed data structure.
Does OCC prove who created the content?
A base proof attests which execution boundary committed specific bytes, not who created them. Actor-bound proofs (using device-bound biometric keys) can additionally attest that a specific person or device authorized the commitment.
What if someone modifies the proof JSON?
The Ed25519 signature covers the canonical signed body. Any modification to signed fields (artifact, commit, signer identity, environment) invalidates the signature. Unsigned fields (timestamps, metadata) are advisory and should not be trusted for security decisions.
What is the measurement field?
For AWS Nitro Enclaves, it is the PCR0 value, a SHA-384 hash of the enclave image. It uniquely identifies the exact code running inside the boundary. Verifiers should pin allowedMeasurements to known-good values.
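The offline checks described in the answers above (digest match, Ed25519 signature over the signed body, pinned measurement), as an added example that is not OCC's own verifier code. The proof layout (`signed`, `signatureB64`, `digestB64`, `publicKeyB64`), the sorted-key canonical form and the placeholder measurement string are assumptions made for illustration; only `allowedMeasurements` and the signed/unsigned split come from the page.

```javascript
const nodeCrypto = require('node:crypto');

// Assumed canonical form (not from the OCC spec): JSON with keys sorted recursively.
function canonical(v) {
  if (Array.isArray(v)) return '[' + v.map(canonical).join(',') + ']';
  if (v && typeof v === 'object') {
    return '{' + Object.keys(v).sort()
      .map(k => JSON.stringify(k) + ':' + canonical(v[k])).join(',') + '}';
  }
  return JSON.stringify(v);
}

const sha256B64 = bytes =>
  nodeCrypto.createHash('sha256').update(bytes).digest('base64');

// Offline verification: no network calls, only the file bytes and the proof JSON.
// Attestation evidence tying the signer key to the measurement is not checked here.
function verifyProof(proof, fileBytes, allowedMeasurements) {
  const body = proof.signed; // hypothetical name for the signed body
  if (sha256B64(fileBytes) !== body.artifact.digestB64) return 'digest-mismatch';
  if (!allowedMeasurements.includes(body.environment.measurement)) {
    return 'measurement-not-allowed';
  }
  const pub = nodeCrypto.createPublicKey({
    key: Buffer.from(body.signer.publicKeyB64, 'base64'), format: 'der', type: 'spki',
  });
  const ok = nodeCrypto.verify(null, Buffer.from(canonical(body)), pub,
    Buffer.from(proof.signatureB64, 'base64'));
  return ok ? 'ok' : 'bad-signature';
}

// Constructed sample: a throwaway keypair stands in for the enclave's epoch key.
function makeSampleProof(fileBytes) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  const signed = {
    artifact: { digestB64: sha256B64(fileBytes) },
    commit: { counter: 1, nonceB64: nodeCrypto.randomBytes(16).toString('base64') },
    signer: { publicKeyB64: publicKey.export({ format: 'der', type: 'spki' }).toString('base64') },
    environment: { measurement: 'PLACEHOLDER-PCR0-HEX' },
  };
  const signatureB64 = nodeCrypto
    .sign(null, Buffer.from(canonical(signed)), privateKey).toString('base64');
  // metadata sits outside the signed body: advisory only.
  return { signed, signatureB64, metadata: { note: 'unsigned' } };
}
```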
How does OCC establish time?
OCC does not claim to prove absolute time. It proves causal order: every commit pre-allocates a slot inside the enclave before the artifact hash is known, and the monotonic counter establishes sequencing within an epoch. For an external time anchor, the same enclave periodically seals its counter chain into an Ethereum block. Once anchored, every proof committed before that block is fixed in a public, immutable timeline.
Can the same file produce different proofs?
Yes. Each commit generates a fresh nonce, increments the counter, and produces a new signature. The artifact digest will be the same (same file = same SHA-256), but the commit context differs. This is correct behavior. Each is a distinct commit event.
What is prevB64?
The SHA-256 hash of the previous complete proof in the chain. It creates a linked sequence within an epoch. If any proof in the chain is modified, deleted, or reordered, the hash chain breaks. The first proof of an epoch has no prevB64.
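A sketch of how a verifier could walk one epoch's proofs and locate the first break in the prevB64 chain; this is an added example, not code from the OCC library. It assumes prevB64 is the base64 SHA-256 of the previous proof's `JSON.stringify` output and that each proof exposes `epochId` and `counter` at the top level; the real serialization and field layout may differ.

```javascript
const { createHash } = require('node:crypto');

// Assumption: the "previous complete proof" is hashed as its serialized JSON.
const proofHashB64 = proof =>
  createHash('sha256').update(JSON.stringify(proof)).digest('base64');

// Walk the proofs of one epoch in order.
// Returns the index of the first proof that breaks the chain, or -1 if intact.
function firstChainBreak(proofs) {
  for (let i = 0; i < proofs.length; i++) {
    const p = proofs[i];
    if (i === 0) {
      // The first proof of an epoch has no prevB64.
      if (p.prevB64 !== undefined) return 0;
      continue;
    }
    const prev = proofs[i - 1];
    if (p.epochId !== prev.epochId) return i;          // chain is per epoch
    if (!(p.counter > prev.counter)) return i;         // counter is monotonic
    if (p.prevB64 !== proofHashB64(prev)) return i;    // link to previous proof
  }
  return -1;
}

// Constructed sample chain (values are illustrative, not real proofs).
function buildChain(n) {
  const chain = [];
  for (let c = 1; c <= n; c++) {
    const proof = { epochId: 'epoch-A', counter: c, digestB64: `constructed-${c}` };
    if (c > 1) proof.prevB64 = proofHashB64(chain[c - 2]);
    chain.push(proof);
  }
  return chain;
}
```

A modified proof is reported at the index after it, because the break shows up in the successor's prevB64.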
How is this different from just signing a file?
A standard digital signature proves someone with the private key signed the bytes. OCC additionally provides: a measured execution boundary (PCR0), a monotonic counter (ordering), causal slot pre-allocation (proves commitment position was reserved before content was known), proof chaining (sequence integrity), hardware attestation (boundary evidence), actor-bound proofs (device biometric authorization), and signed attribution (creator metadata). The key never leaves the enclave.
What is a causal slot?
A slot is a pre-allocated nonce and counter pair created inside the enclave before any artifact hash is known. This proves the enclave committed to a specific position in its sequence independently of the artifact content. The slot has its own Ed25519 signature and is cryptographically bound to the final proof via slotHashB64. Every proof includes its slot allocation record.
What is attribution?
Attribution is optional creator metadata (name, title, message) that is included in the Ed25519-signed body. Unlike metadata (which is unsigned and advisory), attribution is cryptographically sealed. Tampering with any attribution field invalidates the proof signature.
Can I batch multiple artifacts?
Yes. Send multiple digests in a single POST /commit request. The enclave allocates a slot and commits each digest sequentially. If using actor-bound proofs (passkey), all proofs in the batch receive actor identity via batchContext. Each proof is independently verifiable.
What libraries does OCC use?
The core library uses @noble/ed25519 for signatures and @noble/hashes for SHA-256. Both are audited, pure TypeScript, zero-dependency libraries. No Node.js native bindings.