edgecase
author: stjohn_piano


Note: This page is subject to change at any time. It is not signed by the author or by Edgecase Datafeed.


Note: All articles published on Edgecase Datafeed are datafeed articles and are signed by Edgecase Datafeed. A datafeed article may contain an article, a signed article, or a checkpoint article. To verify a datafeed article means to check that the GPG digital signature attached to it is mathematically valid and optionally to check its time of publication as measured by block height on the bitcoin blockchain. The most recent articles may not yet have been published on the bitcoin blockchain.


Note: A datafeed article can currently contain three types of link:
a) a hyperlink (i.e. a normal web address)
b) a link to another article in a datafeed
c) a link to an asset


Note: Any non-article file stored in the datafeed system and linked from an article is an asset. The original text version of the article will contain a SHA256 hash of a linked asset in the link. This hash may not be displayed in the HTML version of the article.


1) Install GPG 1.4.x (preferably 1.4.10), if you don't already have it on your system. How to do this is beyond the scope of this recipe.


2) Check that your system has a utility for calculating the SHA256 hash of a file. If it does not, find and install one. How to do this is beyond the scope of this recipe.


3) If the article was signed by its author, follow this recipe How to verify a signed article to verify:
a) the Edgecase Datafeed signature
b) the author signature
c) the time of publication as measured by block height on the bitcoin blockchain
d) the integrity of the article (i.e. that it has not been changed since the time of its publication)


3a) If the article was not signed by its author, follow this recipe How to verify an article to verify:
a) the Edgecase Datafeed signature
b) the time of publication as measured by block height on the bitcoin blockchain
c) the integrity of the article (i.e. that it has not been changed since the time of its publication)


4) Within the article, find the <link> element that links to the asset. The <link> includes a <sha256> element that contains the SHA256 hash of the asset.

example <link> element:

<link>
<type>asset</type>
<filename>bitaddress.html</filename>
<text>bitaddress.html</text>
<sha256>0db7234bf87aae167cb40e8f06ed41fdb777d5d808a84e688fee2dab5d16e9c0</sha256>
</link>

Note that the SHA256 hash is composed of all non-whitespace characters between <sha256> and </sha256>.

In this example, the SHA256 hash is:

0db7234bf87aae167cb40e8f06ed41fdb777d5d808a84e688fee2dab5d16e9c0


5) Download the asset by clicking on the hyperlink in the article. Open a commandline terminal, change directory to the directory containing the asset, and run the following command to find the SHA256 hash of the asset. Replace "sha256" with the appropriate command on your system. Replace "bitaddress.html" with the filename of the asset you are verifying.

$ sha256 bitaddress.html

example output:

0db7234bf87aae167cb40e8f06ed41fdb777d5d808a84e688fee2dab5d16e9c0


6) Compare the outputs of steps 4 and 5. If the two outputs are identical, an original, unaltered copy of this asset is now in your possession.