Glossary
Key terms used throughout the Diogenes documentation, defined in plain language.
Attestation : A cryptographic signature over a document manifest, made by a registered key holder. An attestation records that a specific person (identified by their key) reviewed, authored, edited, or published a document.
Attestation DAG : The directed acyclic graph formed by all attestations on a document. Multiple signers (author, editor, reviewer, publisher) each add nodes, creating a verifiable provenance chain.
Content Hash : A SHA-256 hash of a document's content. Used to verify that a document has not been altered since it was signed. The content itself is never sent to the server -- only its hash.
Endorsement : A declaration by one key holder that they trust another key holder's identity. Endorsements follow an offer/accept lifecycle and can be withdrawn or revoked.
Fingerprint : A unique identifier derived from a public key's bytes (typically a SHA-256 hash of the key material). Used to reference keys throughout the system without transmitting the full public key.
Key Pair : A cryptographic key pair consisting of a private key (kept secret by the owner) and a public key (registered on the transparency log). Diogenes supports Ed25519, ECDSA P-256, and RSA-2048 algorithms.
Key Succession : The process of replacing an active key with a new one. The old key is marked as "succeeded" and points to its replacement. This allows key rotation without losing identity continuity.
Manifest : A JSON document that binds a document's metadata and content hash to its attestation graph. The manifest is the unit that gets signed.
OpenTimestamps (OTS) : A protocol for anchoring data to the Bitcoin blockchain, proving that the data existed at or before a specific block time. Diogenes uses OTS to timestamp transparency log entries.
Pseudonym : A human-readable name associated with a registered key. Pseudonyms are not guaranteed to be unique and serve as a convenience label, not a verified identity claim.
Sybil Attack : An attack where an adversary creates many fake identities to gain disproportionate influence in a trust network. Diogenes defends against this through endorsement capacity scaling and activation delays.
Temporal Anchoring : The process of anchoring a transparency log entry to Bitcoin via OpenTimestamps, providing tamper-evident proof that the entry existed at a specific point in time.
Three-Layer Verification : Diogenes's verification model: Layer 1 checks cryptographic validity, Layer 2 checks key status, and Layer 3 applies subjective trust assessment based on the verifier's configured trust policy.
Transparency Log : An append-only, hash-chained sequence of events (key registrations, attestations, endorsements). Anyone can audit the log to verify its integrity. The hash chain ensures that entries cannot be altered or removed after creation.
Trust Anchor : A key that a verifier explicitly trusts. Trust anchors are the starting points for Layer 3 verification -- trust propagates outward from anchors through endorsement chains.
Trust Configuration : A verifier's personal trust policy, specifying which keys are trust anchors, how deep endorsement chains can be, how quickly trust decays with distance, and what endorsement categories are required.
Trust Decay : The reduction in trust as endorsement chains grow longer. A key endorsed directly by a trust anchor is more trusted than one endorsed through three intermediaries. Verifiers configure the decay rate.
Vouching Decay : A specific trust decay mechanism where endorsements lose weight over time or as the endorser's capacity is consumed. Prevents any single participant from having unlimited influence.
Web of Trust : The network of mutual endorsements between participants. Unlike a certificate authority model, trust is distributed and subjective -- each verifier decides whom to trust based on their own endorsement graph.