How it works.
This page explains how Record of Intent makes records that are hard to fake. The first half is in plain English. The second half is for anyone who wants the technical detail.
In plain English.
When you create a record, three things happen at the same moment.
First, we turn the contents into a digital fingerprint. A fingerprint is a long string of letters and numbers that uniquely matches the contents. Change one comma and the fingerprint changes completely. Nobody can work backwards from the fingerprint to the contents.
Second, we ask an independent timestamping service to confirm the moment. The service is run by a third party, not us. They sign a token saying "this fingerprint existed at this exact moment". We store the token alongside the record.
Third, we save everything in an append-only ledger. Once a record is saved, it cannot be edited or deleted. Not by your client. Not by you. Not by us.
Anyone with the link can check the fingerprint and the timestamp themselves. They do not need an account.
Technical detail.
This section is being expanded as we build. The current implementation uses SHA-256 hashing over canonicalised JSON, RFC 3161 timestamping from FreeTSA, and append-only Postgres tables enforced at the database level. Full reproducibility instructions, the canonicalisation rules, and the verification format will be published here ahead of public launch.