Skip to content

Diogenes -- Verified Source Trust System

Diogenes is trust infrastructure for establishing cryptographic provenance of source documents. It enables multiple parties -- authors, editors, reviewers, publishers, and scholars -- to independently attest to a document's integrity through a directed acyclic graph (DAG) of attestations, with public verifiability, temporal anchoring via Bitcoin, and decentralized identity management.

There is no centralized certificate authority. Trust is established through a web of endorsements between participants, recorded on a public, append-only transparency log.

Who is this for?

  • Developers

    Build applications that leverage cryptographic provenance. Start with the Getting Started guide or dive into the API Reference.

  • Security Professionals

    Understand the cryptographic foundations and threat model. Read the Security Architecture overview.

  • Academics & Researchers

    Explore the formal properties and cryptographic design. See the Academic Overview.

  • Business Stakeholders

    Learn how Diogenes solves document provenance challenges. Read the Business Overview.

  • IT & Operations

    Deploy and operate Diogenes in your environment. Follow the Operations Guide.

Core Value Proposition

Modern digital documents lack verifiable provenance. When a document passes through multiple hands -- authoring, editing, review, publication -- there is no standard way to prove who attested to what, when they did so, and whether the document has been altered since.

Diogenes solves this by providing:

  • Cryptographic attestations -- Each party signs the document independently, creating a verifiable chain of custody.
  • Public transparency log -- All key registrations and attestation events are recorded on an append-only, hash-chained log that anyone can audit.
  • Temporal anchoring -- Attestation timestamps are anchored to Bitcoin via OpenTimestamps, providing tamper-evident proof of when an attestation occurred.
  • Decentralized identity -- Participants manage their own key pairs. Trust is built through a web of mutual endorsements, not a centralized authority.
  • Three-layer verification -- Documents are verified at the cryptographic, key status, and subjective trust levels.

How It Works (Overview)

  1. Register a key -- A participant generates a key pair and registers the public key on the transparency log, associated with a pseudonym.
  2. Sign a document -- The participant creates an attestation (authorship, editorial review, peer review, or publication) by signing a manifest that references the document's content hash.
  3. Build the attestation graph -- Multiple parties each add their attestations, forming a DAG of provenance.
  4. Verify -- Anyone can verify a document by checking the cryptographic signatures, key statuses, and (optionally) the trust network surrounding the signers.

For a deeper explanation, see How It Works.

Use Cases

Scholarly Publishing -- Cryptographic attestation of theological texts, patristic commentaries, and historical manuscripts. Custodial scholars establish provenance chains from physical archives to digital texts.

Medical Research -- Institutional signing of clinical trial documents, research datasets, and regulatory submissions. The attestation model maps to 21 CFR Part 11 requirements for attributable, tamper-evident, time-stamped electronic signatures.

Verified RAG Pipelines -- Documents ingested into retrieval-augmented generation (RAG) pipelines carry verifiable provenance. Each retrieved chunk traces back to its attestation graph, enabling citations with cryptographic proof of source integrity.

Software Supply Chain Security -- Cryptographic attestation chains for software releases, security reviews, audits, and dependency trust. Verify every link in the supply chain from maintainer to your infrastructure.

Getting Started

Ready to integrate Diogenes into your workflow?