implement ripemd160 just so we can validate peter todd's old examples.

implement verifier.
calendar upgrade functionality.
2023-09-28 15:35:07 -03:00 · 2023-09-28 14:57:03 -03:00 · 2023-09-27 20:32:50 -03:00 · 2023-09-27 08:59:15 -03:00 · 2023-09-26 23:29:14 -03:00 · 2023-09-25 06:03:35 -03:00
26 changed files with 750 additions and 1914 deletions
--- a/202
+++ b/202
@@ -1,202 +0,0 @@
                                 Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/
   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
   1. Definitions.
      "License" shall mean the terms and conditions for use, reproduction,
      and distribution as defined by Sections 1 through 9 of this document.
      "Licensor" shall mean the copyright owner or entity authorized by
      the copyright owner that is granting the License.
      "Legal Entity" shall mean the union of the acting entity and all
      other entities that control, are controlled by, or are under common
      control with that entity. For the purposes of this definition,
      "control" means (i) the power, direct or indirect, to cause the
      direction or management of such entity, whether by contract or
      otherwise, or (ii) ownership of fifty percent (50%) or more of the
      outstanding shares, or (iii) beneficial ownership of such entity.
      "You" (or "Your") shall mean an individual or Legal Entity
      exercising permissions granted by this License.
      "Source" form shall mean the preferred form for making modifications,
      including but not limited to software source code, documentation
      source, and configuration files.
      "Object" form shall mean any form resulting from mechanical
      transformation or translation of a Source form, including but
      not limited to compiled object code, generated documentation,
      and conversions to other media types.
      "Work" shall mean the work of authorship, whether in Source or
      Object form, made available under the License, as indicated by a
      copyright notice that is included in or attached to the work
      (an example is provided in the Appendix below).
      "Derivative Works" shall mean any work, whether in Source or Object
      form, that is based on (or derived from) the Work and for which the
      editorial revisions, annotations, elaborations, or other modifications
      represent, as a whole, an original work of authorship. For the purposes
      of this License, Derivative Works shall not include works that remain
      separable from, or merely link (or bind by name) to the interfaces of,
      the Work and Derivative Works thereof.
      "Contribution" shall mean any work of authorship, including
      the original version of the Work and any modifications or additions
      to that Work or Derivative Works thereof, that is intentionally
      submitted to Licensor for inclusion in the Work by the copyright owner
      or by an individual or Legal Entity authorized to submit on behalf of
      the copyright owner. For the purposes of this definition, "submitted"
      means any form of electronic, verbal, or written communication sent
      to the Licensor or its representatives, including but not limited to
      communication on electronic mailing lists, source code control systems,
      and issue tracking systems that are managed by, or on behalf of, the
      Licensor for the purpose of discussing and improving the Work, but
      excluding communication that is conspicuously marked or otherwise
      designated in writing by the copyright owner as "Not a Contribution."
      "Contributor" shall mean Licensor and any individual or Legal Entity
      on behalf of whom a Contribution has been received by Licensor and
      subsequently incorporated within the Work.
   2. Grant of Copyright License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      copyright license to reproduce, prepare Derivative Works of,
      publicly display, publicly perform, sublicense, and distribute the
      Work and such Derivative Works in Source or Object form.
   3. Grant of Patent License. Subject to the terms and conditions of
      this License, each Contributor hereby grants to You a perpetual,
      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
      (except as stated in this section) patent license to make, have made,
      use, offer to sell, sell, import, and otherwise transfer the Work,
      where such license applies only to those patent claims licensable
      by such Contributor that are necessarily infringed by their
      Contribution(s) alone or by combination of their Contribution(s)
      with the Work to which such Contribution(s) was submitted. If You
      institute patent litigation against any entity (including a
      cross-claim or counterclaim in a lawsuit) alleging that the Work
      or a Contribution incorporated within the Work constitutes direct
      or contributory patent infringement, then any patent licenses
      granted to You under this License for that Work shall terminate
      as of the date such litigation is filed.
   4. Redistribution. You may reproduce and distribute copies of the
      Work or Derivative Works thereof in any medium, with or without
      modifications, and in Source or Object form, provided that You
      meet the following conditions:
      (a) You must give any other recipients of the Work or
          Derivative Works a copy of this License; and
      (b) You must cause any modified files to carry prominent notices
          stating that You changed the files; and
      (c) You must retain, in the Source form of any Derivative Works
          that You distribute, all copyright, patent, trademark, and
          attribution notices from the Source form of the Work,
          excluding those notices that do not pertain to any part of
          the Derivative Works; and
      (d) If the Work includes a "NOTICE" text file as part of its
          distribution, then any Derivative Works that You distribute must
          include a readable copy of the attribution notices contained
          within such NOTICE file, excluding those notices that do not
          pertain to any part of the Derivative Works, in at least one
          of the following places: within a NOTICE text file distributed
          as part of the Derivative Works; within the Source form or
          documentation, if provided along with the Derivative Works; or,
          within a display generated by the Derivative Works, if and
          wherever such third-party notices normally appear. The contents
          of the NOTICE file are for informational purposes only and
          do not modify the License. You may add Your own attribution
          notices within Derivative Works that You distribute, alongside
          or as an addendum to the NOTICE text from the Work, provided
          that such additional attribution notices cannot be construed
          as modifying the License.
      You may add Your own copyright statement to Your modifications and
      may provide additional or different license terms and conditions
      for use, reproduction, or distribution of Your modifications, or
      for any such Derivative Works as a whole, provided Your use,
      reproduction, and distribution of the Work otherwise complies with
      the conditions stated in this License.
   5. Submission of Contributions. Unless You explicitly state otherwise,
      any Contribution intentionally submitted for inclusion in the Work
      by You to the Licensor shall be under the terms and conditions of
      this License, without any additional terms or conditions.
      Notwithstanding the above, nothing herein shall supersede or modify
      the terms of any separate license agreement you may have executed
      with Licensor regarding such Contributions.
   6. Trademarks. This License does not grant permission to use the trade
      names, trademarks, service marks, or product names of the Licensor,
      except as required for reasonable and customary use in describing the
      origin of the Work and reproducing the content of the NOTICE file.
   7. Disclaimer of Warranty. Unless required by applicable law or
      agreed to in writing, Licensor provides the Work (and each
      Contributor provides its Contributions) on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
      implied, including, without limitation, any warranties or conditions
      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
      PARTICULAR PURPOSE. You are solely responsible for determining the
      appropriateness of using or redistributing the Work and assume any
      risks associated with Your exercise of permissions under this License.
   8. Limitation of Liability. In no event and under no legal theory,
      whether in tort (including negligence), contract, or otherwise,
      unless required by applicable law (such as deliberate and grossly
      negligent acts) or agreed to in writing, shall any Contributor be
      liable to You for damages, including any direct, indirect, special,
      incidental, or consequential damages of any character arising as a
      result of this License or out of the use or inability to use the
      Work (including but not limited to damages for loss of goodwill,
      work stoppage, computer failure or malfunction, or any and all
      other commercial damages or losses), even if such Contributor
      has been advised of the possibility of such damages.
   9. Accepting Warranty or Additional Liability. While redistributing
      the Work or Derivative Works thereof, You may choose to offer,
      and charge a fee for, acceptance of support, warranty, indemnity,
      or other liability obligations and/or rights consistent with this
      License. However, in accepting such obligations, You may act only
      on Your own behalf and on Your sole responsibility, not on behalf
      of any other Contributor, and only if You agree to indemnify,
      defend, and hold each Contributor harmless for any liability
      incurred by, or claims asserted against, such Contributor by reason
      of your accepting any such warranty or additional liability.
   END OF TERMS AND CONDITIONS
   APPENDIX: How to apply the Apache License to your work.
      To apply the Apache License to your work, attach the following
      boilerplate notice, with the fields enclosed by brackets "[]"
      replaced with your own identifying information. (Don't include
      the brackets!)  The text should be enclosed in the appropriate
      comment syntax for the file format. We also recommend that a
      file or class name and description of purpose be included on the
      same "printed page" as the copyright notice for easier
      identification within third-party archives.
   Copyright [yyyy] [name of copyright owner]
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at
       http://www.apache.org/licenses/LICENSE-2.0
   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
--- a/README.md
+++ b/README.md
@@ -1,23 +1,7 @@
 # opentimestamps
-Go port of https://github.com/opentimestamps/python-opentimestamps.
+Interact with calendar servers, create and verify OTS attestations.
 Copied from https://github.com/BlockchainSource/go-opentimestamps.
 # Done
 * Byte-level serialization format
 * Timestamp parsing
 * Creating pending timestamps
 * Upgrading pending timestamps
 * Bitcoin Timestamp verification
 # To do
 * Support for multiple timestamp servers
 * Proper timestamp merging (on upgrade)
 * More conformant serialization (sorting)
 # License
-Apache 2.0
+Public Domain
--- a/attestations.go
+++ b/attestations.go
@@ -1,183 +0,0 @@
 package opentimestamps
 import (
 	"bytes"
 	"fmt"
 )
 const (
 	attestationTagSize             = 8
 	attestationMaxPayloadSize      = 8192
 	pendingAttestationMaxUriLength = 1000
 )
 var (
 	bitcoinAttestationTag = mustDecodeHex("0588960d73d71901")
 	pendingAttestationTag = mustDecodeHex("83dfe30d2ef90c8e")
 )
 type Attestation interface {
 	tag() []byte
 	decode(*deserializationContext) (Attestation, error)
 	encode(*serializationContext) error
 }
 type baseAttestation struct {
 	fixedTag []byte
 }
 func (b *baseAttestation) tag() []byte {
 	return b.fixedTag
 }
 type pendingAttestation struct {
 	baseAttestation
 	uri string
 }
 func newPendingAttestation() *pendingAttestation {
 	return &pendingAttestation{
 		baseAttestation: baseAttestation{
 			fixedTag: pendingAttestationTag,
 		},
 	}
 }
 func (p *pendingAttestation) decode(
 	ctx *deserializationContext,
 ) (Attestation, error) {
 	uri, err := ctx.readVarBytes(0, pendingAttestationMaxUriLength)
 	if err != nil {
 		return nil, err
 	}
 	// TODO utf8 checks
 	ret := *p
 	ret.uri = string(uri)
 	return &ret, nil
 }
 func (p *pendingAttestation) encode(ctx *serializationContext) error {
 	return ctx.writeVarBytes([]byte(p.uri))
 }
 func (p *pendingAttestation) String() string {
 	return fmt.Sprintf("VERIFY PendingAttestation(url=%s)", p.uri)
 }
 type BitcoinAttestation struct {
 	baseAttestation
 	Height uint64
 }
 func newBitcoinAttestation() *BitcoinAttestation {
 	return &BitcoinAttestation{
 		baseAttestation: baseAttestation{bitcoinAttestationTag},
 	}
 }
 func (b *BitcoinAttestation) String() string {
 	return fmt.Sprintf("VERIFY BitcoinAttestation(height=%d)", b.Height)
 }
 func (b *BitcoinAttestation) decode(
 	ctx *deserializationContext,
 ) (Attestation, error) {
 	height, err := ctx.readVarUint()
 	if err != nil {
 		return nil, err
 	}
 	ret := *b
 	ret.Height = height
 	return &ret, nil
 }
 func (b *BitcoinAttestation) encode(ctx *serializationContext) error {
 	return ctx.writeVarUint(uint64(b.Height))
 }
 const hashMerkleRootSize = 32
 //
 func (b *BitcoinAttestation) VerifyAgainstBlockHash(
 	digest, blockHash []byte,
 ) error {
 	if len(digest) != hashMerkleRootSize {
 		return fmt.Errorf("invalid digest size %d", len(digest))
 	}
 	if !bytes.Equal(digest, blockHash) {
 		return fmt.Errorf(
 			"hash mismatch digest=%x blockHash=%x",
 			digest, blockHash,
 		)
 	}
 	return nil
 }
 // This is a catch-all for when we don't know how to parse it
 type unknownAttestation struct {
 	tagBytes []byte
 	bytes    []byte
 }
 func (u unknownAttestation) tag() []byte {
 	return u.tagBytes
 }
 func (unknownAttestation) decode(*deserializationContext) (Attestation, error) {
 	panic("not implemented")
 }
 func (unknownAttestation) encode(*serializationContext) error {
 	panic("not implemented")
 }
 func (u unknownAttestation) String() string {
 	return fmt.Sprintf("UnknownAttestation(bytes=%q)", u.bytes)
 }
 var attestations []Attestation = []Attestation{
 	newPendingAttestation(),
 	newBitcoinAttestation(),
 }
 func encodeAttestation(ctx *serializationContext, att Attestation) error {
 	if err := ctx.writeBytes(att.tag()); err != nil {
 		return err
 	}
 	buf := &bytes.Buffer{}
 	if err := att.encode(&serializationContext{buf}); err != nil {
 		return err
 	}
 	return ctx.writeVarBytes(buf.Bytes())
 }
 func ParseAttestation(ctx *deserializationContext) (Attestation, error) {
 	tag, err := ctx.readBytes(attestationTagSize)
 	if err != nil {
 		return nil, err
 	}
 	attBytes, err := ctx.readVarBytes(
 		0, attestationMaxPayloadSize,
 	)
 	if err != nil {
 		return nil, err
 	}
 	attCtx := newDeserializationContext(
 		bytes.NewBuffer(attBytes),
 	)
 	for _, a := range attestations {
 		if bytes.Equal(tag, a.tag()) {
 			att, err := a.decode(attCtx)
 			if err != nil {
 				return nil, err
 			}
 			if !attCtx.assertEOF() {
 				return nil, fmt.Errorf("expected EOF in attCtx")
 			}
 			return att, nil
 		}
 	}
 	return unknownAttestation{tag, attBytes}, nil
 }
--- a/bitcoind.go
+++ b/bitcoind.go
@@ -0,0 +1,7 @@
 package opentimestamps
 import "github.com/btcsuite/btcd/rpcclient"
 func NewBitcoindInterface(config rpcclient.ConnConfig) (Bitcoin, error) {
 	return rpcclient.New(&config, nil)
 }
--- a/client/bitcoin.go
+++ b/client/bitcoin.go
@@ -1,99 +0,0 @@
 package client
 import (
 	"fmt"
 	"math"
 	"time"
 	"github.com/fiatjaf/opentimestamps"
 	"github.com/btcsuite/btcd/rpcclient"
 )
 // A BitcoinAttestationVerifier uses a bitcoin RPC connection to verify bitcoin
 // headers.
 type BitcoinAttestationVerifier struct {
 	btcrpcClient *rpcclient.Client
 }
 func NewBitcoinAttestationVerifier(
 	c *rpcclient.Client,
 ) *BitcoinAttestationVerifier {
 	return &BitcoinAttestationVerifier{c}
 }
 // VerifyAttestation checks a BitcoinAttestation using a given hash digest. It
 // returns the time of the block if the verification succeeds, an error
 // otherwise.
 func (v *BitcoinAttestationVerifier) VerifyAttestation(
 	digest []byte, a *opentimestamps.BitcoinAttestation,
 ) (*time.Time, error) {
 	if a.Height > math.MaxInt64 {
 		return nil, fmt.Errorf("illegal block height")
 	}
 	blockHash, err := v.btcrpcClient.GetBlockHash(int64(a.Height))
 	if err != nil {
 		return nil, err
 	}
 	h, err := v.btcrpcClient.GetBlockHeader(blockHash)
 	if err != nil {
 		return nil, err
 	}
 	merkleRootBytes := h.MerkleRoot[:]
 	err = a.VerifyAgainstBlockHash(digest, merkleRootBytes)
 	if err != nil {
 		return nil, err
 	}
 	utc := h.Timestamp.UTC()
 	return &utc, nil
 }
 // A BitcoinVerification is the result of verifying a BitcoinAttestation
 type BitcoinVerification struct {
 	Timestamp       *opentimestamps.Timestamp
 	Attestation     *opentimestamps.BitcoinAttestation
 	AttestationTime *time.Time
 	Error           error
 }
 // BitcoinVerifications returns the all bitcoin attestation results for the
 // timestamp.
 func (v *BitcoinAttestationVerifier) BitcoinVerifications(
 	t *opentimestamps.Timestamp,
 ) (res []BitcoinVerification) {
 	t.Walk(func(ts *opentimestamps.Timestamp) {
 		for _, att := range ts.Attestations {
 			btcAtt, ok := att.(*opentimestamps.BitcoinAttestation)
 			if !ok {
 				continue
 			}
 			attTime, err := v.VerifyAttestation(ts.Message, btcAtt)
 			res = append(res, BitcoinVerification{
 				Timestamp:       ts,
 				Attestation:     btcAtt,
 				AttestationTime: attTime,
 				Error:           err,
 			})
 		}
 	})
 	return res
 }
 // Verify returns the earliest bitcoin-attested time, or nil if none can be
 // found or verified successfully.
 func (v *BitcoinAttestationVerifier) Verify(
 	t *opentimestamps.Timestamp,
 ) (ret *time.Time, err error) {
 	res := v.BitcoinVerifications(t)
 	for _, r := range res {
 		if r.Error != nil {
 			err = r.Error
 			continue
 		}
 		if ret == nil || r.AttestationTime.Before(*ret) {
 			ret = r.AttestationTime
 		}
 	}
 	return
 }
--- a/client/bitcoin_test.go
+++ b/client/bitcoin_test.go
@@ -1,83 +0,0 @@
 package client
 import (
 	"fmt"
 	"net/url"
 	"os"
 	"testing"
 	"time"
 	"github.com/btcsuite/btcd/rpcclient"
 	"github.com/fiatjaf/opentimestamps"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 const envvarRPCURL = "GOTS_TEST_BITCOIN_RPC"
 func newTestBTCConn() (*rpcclient.Client, error) {
 	val := os.Getenv(envvarRPCURL)
 	if val == "" {
 		return nil, fmt.Errorf("envvar %q unset", envvarRPCURL)
 	}
 	connData, err := url.Parse(val)
 	if err != nil {
 		return nil, fmt.Errorf(
 			"could not parse %q=%q: %v", envvarRPCURL, val, err,
 		)
 	}
 	host := connData.Host
 	if connData.User == nil {
 		return nil, fmt.Errorf("no Userinfo in parsed url")
 	}
 	username := connData.User.Username()
 	password, ok := connData.User.Password()
 	if !ok {
 		return nil, fmt.Errorf("no password given in RPC URL")
 	}
 	connCfg := &rpcclient.ConnConfig{
 		Host:         host,
 		User:         username,
 		Pass:         password,
 		HTTPPostMode: true,
 		DisableTLS:   true,
 	}
 	return rpcclient.New(connCfg, nil)
 }
 func TestVerifyHelloWorld(t *testing.T) {
 	if os.Getenv(envvarRPCURL) == "" {
 		t.Skipf("envvar %s unset, skipping", envvarRPCURL)
 	}
 	// Format RFC3339
 	expectedTime := "2015-05-28T15:41:18Z"
 	helloWorld, err := opentimestamps.NewDetachedTimestampFromPath(
 		"../examples/hello-world.txt.ots",
 	)
 	require.NoError(t, err)
 	ts := helloWorld.Timestamp
 	btcConn, err := newTestBTCConn()
 	require.NoError(t, err)
 	verifier := BitcoinAttestationVerifier{btcConn}
 	// using BitcoinVerifications()
 	results := verifier.BitcoinVerifications(ts)
 	assert.Equal(t, 1, len(results))
 	result0 := results[0]
 	require.NoError(t, result0.Error)
 	assert.Equal(
 		t, expectedTime, result0.AttestationTime.Format(time.RFC3339),
 	)
 	// using Verify()
 	verifiedTime, err := verifier.Verify(ts)
 	require.NoError(t, err)
 	require.NotNil(t, verifiedTime)
 	assert.Equal(t, expectedTime, verifiedTime.Format(time.RFC3339))
 }
--- a/commands.go
+++ b/commands.go
@@ -1,26 +0,0 @@
 package opentimestamps
 import (
 	"crypto/sha256"
 	"io"
 	"os"
 )
 func CreateDetachedTimestampForFile(
 	path string, cal *RemoteCalendar,
 ) (*DetachedTimestamp, error) {
 	f, err := os.Open(path)
 	if err != nil {
 		return nil, err
 	}
 	hasher := sha256.New()
 	if _, err := io.Copy(hasher, f); err != nil {
 		return nil, err
 	}
 	digest := hasher.Sum([]byte{})
 	ts, err := cal.Submit(digest)
 	if err != nil {
 		return nil, err
 	}
 	return NewDetachedTimestamp(*opSHA256, digest, ts)
 }
--- a/detached_timestamp.go
+++ b/detached_timestamp.go
@@ -1,100 +0,0 @@
 package opentimestamps
 import (
 	"bytes"
 	"fmt"
 	"io"
 	"os"
 )
 var fileHeaderMagic = []byte(
 	"\x00OpenTimestamps\x00\x00Proof\x00\xbf\x89\xe2\xe8\x84\xe8\x92\x94",
 )
 const (
 	minFileDigestLength = 20
 	maxFileDigestLength = 32
 	fileMajorVersion    = 1
 )
 type DetachedTimestamp struct {
 	HashOp    cryptOp
 	FileHash  []byte
 	Timestamp *Timestamp
 }
 func (d *DetachedTimestamp) Dump() string {
 	w := &bytes.Buffer{}
 	fmt.Fprintf(
 		w, "File %s hash: %x\n", d.HashOp.name, d.Timestamp.Message,
 	)
 	fmt.Fprint(w, d.Timestamp.Dump())
 	return w.String()
 }
 func (d *DetachedTimestamp) encode(ctx *serializationContext) error {
 	if err := ctx.writeBytes(fileHeaderMagic); err != nil {
 		return err
 	}
 	if err := ctx.writeVarUint(fileMajorVersion); err != nil {
 		return err
 	}
 	if err := d.HashOp.encode(ctx); err != nil {
 		return err
 	}
 	if err := ctx.writeBytes(d.FileHash); err != nil {
 		return err
 	}
 	return d.Timestamp.encode(ctx)
 }
 func (d *DetachedTimestamp) WriteToStream(w io.Writer) error {
 	return d.encode(&serializationContext{w})
 }
 func NewDetachedTimestamp(
 	hashOp cryptOp, fileHash []byte, ts *Timestamp,
 ) (*DetachedTimestamp, error) {
 	if len(fileHash) != hashOp.digestLength {
 		return nil, fmt.Errorf(
 			"op %v expects %d byte digest, got %d",
 			hashOp, hashOp.digestLength, len(fileHash),
 		)
 	}
 	return &DetachedTimestamp{hashOp, fileHash, ts}, nil
 }
 func NewDetachedTimestampFromReader(r io.Reader) (*DetachedTimestamp, error) {
 	ctx := newDeserializationContext(r)
 	if err := ctx.assertMagic([]byte(fileHeaderMagic)); err != nil {
 		return nil, err
 	}
 	major, err := ctx.readVarUint()
 	if err != nil {
 		return nil, err
 	}
 	if major != uint64(fileMajorVersion) {
 		return nil, fmt.Errorf("unexpected major version %d", major)
 	}
 	fileHashOp, err := parseCryptOp(ctx)
 	if err != nil {
 		return nil, err
 	}
 	fileHash, err := ctx.readBytes(fileHashOp.digestLength)
 	if err != nil {
 		return nil, err
 	}
 	ts, err := newTimestampFromContext(ctx, fileHash)
 	if err != nil {
 		return nil, err
 	}
 	return &DetachedTimestamp{*fileHashOp, fileHash, ts}, nil
 }
 func NewDetachedTimestampFromPath(p string) (*DetachedTimestamp, error) {
 	f, err := os.Open(p)
 	if err != nil {
 		return nil, err
 	}
 	return NewDetachedTimestampFromReader(f)
 }
--- a/detached_timestamp_test.go
+++ b/detached_timestamp_test.go
@@ -1,110 +0,0 @@
 package opentimestamps
 import (
 	"bytes"
 	"encoding/hex"
 	"io/ioutil"
 	"path/filepath"
 	"testing"
 	"github.com/stretchr/testify/assert"
 )
 func examplePaths() []string {
 	matches, err := filepath.Glob("./examples/*ots")
 	if err != nil {
 		panic(err)
 	}
 	return matches
 }
 func containsUnknownAttestation(ts *Timestamp) (res bool) {
 	ts.Walk(func(subTs *Timestamp) {
 		for _, att := range subTs.Attestations {
 			if _, ok := att.(unknownAttestation); ok {
 				res = true
 			}
 		}
 	})
 	return
 }
 func TestDecodeHelloWorld(t *testing.T) {
 	dts, err := NewDetachedTimestampFromPath(
 		"./examples/hello-world.txt.ots",
 	)
 	assert.NoError(t, err)
 	attCount := 0
 	checkAttestation := func(ts *Timestamp, att Attestation) {
 		assert.Equal(t, 0, attCount)
 		expectedAtt := newBitcoinAttestation()
 		expectedAtt.Height = 358391
 		assert.Equal(t, expectedAtt, att)
 		// If ts.Message is correct, opcode parsing and execution should
 		// have succeeded.
 		assert.Equal(t,
 			"007ee445d23ad061af4a36b809501fab1ac4f2d7e7a739817dd0cbb7ec661b8a",
 			hex.EncodeToString(ts.Message),
 		)
 		attCount += 1
 	}
 	dts.Timestamp.Walk(func(ts *Timestamp) {
 		for _, att := range ts.Attestations {
 			// this should be called exactly once
 			checkAttestation(ts, att)
 		}
 	})
 	assert.Equal(t, 1, attCount)
 }
 func TestDecodeEncodeAll(t *testing.T) {
 	for _, path := range examplePaths() {
 		t.Log(path)
 		dts, err := NewDetachedTimestampFromPath(path)
 		assert.NoError(t, err, path)
 		if containsUnknownAttestation(dts.Timestamp) {
 			t.Logf("skipping encode cycle: unknownAttestation")
 			continue
 		}
 		buf := &bytes.Buffer{}
 		err = dts.Timestamp.encode(&serializationContext{buf})
 		if !assert.NoError(t, err, path) {
 			continue
 		}
 		buf = bytes.NewBuffer(buf.Bytes())
 		ts1, err := NewTimestampFromReader(buf, dts.Timestamp.Message)
 		if !assert.NoError(t, err, path) {
 			continue
 		}
 		dts1, err := NewDetachedTimestamp(
 			dts.HashOp, dts.FileHash, ts1,
 		)
 		if !assert.NoError(t, err) {
 			continue
 		}
 		dts1Target := &bytes.Buffer{}
 		err = dts1.WriteToStream(dts1Target)
 		if !assert.NoError(t, err) {
 			continue
 		}
 		orgBytes, err := ioutil.ReadFile(path)
 		if !assert.NoError(t, err) {
 			continue
 		}
 		assert.Equal(t, orgBytes, dts1Target.Bytes())
 		t.Log("encode cycle success")
 	}
 }
--- a/esplora.go
+++ b/esplora.go
@@ -0,0 +1,73 @@
 package opentimestamps
 import (
 	"bytes"
 	"encoding/hex"
 	"fmt"
 	"io"
 	"net/http"
 	"strconv"
 	"strings"
 	"github.com/btcsuite/btcd/chaincfg/chainhash"
 	"github.com/btcsuite/btcd/wire"
 	"golang.org/x/exp/slices"
 )
 func NewEsploraClient(url string) Bitcoin {
 	if strings.HasSuffix(url, "/") {
 		url = url[0 : len(url)-1]
 	}
 	return esplora{url}
 }
 type esplora struct{ baseurl string }
 func (e esplora) GetBlockHash(height int64) (*chainhash.Hash, error) {
 	resp, err := http.Get(e.baseurl + "/block-height/" + strconv.FormatInt(height, 10))
 	if err != nil {
 		return nil, err
 	}
 	defer resp.Body.Close()
 	hexb, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, err
 	}
 	hash, err := hex.DecodeString(string(hexb))
 	if err != nil {
 		return nil, err
 	}
 	if len(hash) != chainhash.HashSize {
 		return nil, fmt.Errorf("got block hash (%x) of invalid size (expected %d)", hash, chainhash.HashSize)
 	}
 	slices.Reverse(hash)
 	var chash chainhash.Hash
 	copy(chash[:], hash)
 	return &chash, nil
 }
 func (e esplora) GetBlockHeader(hash *chainhash.Hash) (*wire.BlockHeader, error) {
 	resp, err := http.Get(fmt.Sprintf("%s/block/%s/header", e.baseurl, hash.String()))
 	if err != nil {
 		return nil, err
 	}
 	defer resp.Body.Close()
 	hexb, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, err
 	}
 	headerHash, err := hex.DecodeString(string(hexb))
 	if err != nil {
 		return nil, err
 	}
 	header := &wire.BlockHeader{}
 	if err := header.BtcDecode(bytes.NewBuffer(headerHash), 0, 0); err != nil {
 		return nil, err
 	}
 	return header, nil
 }
--- a/go.mod
+++ b/go.mod
@@ -4,22 +4,19 @@ go 1.21
 require (
 	github.com/btcsuite/btcd v0.23.4
-	github.com/sirupsen/logrus v1.9.3
+	github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1
-	github.com/stretchr/testify v1.8.4
+	golang.org/x/exp v0.0.0-20230905200255-921286631fa9
 	golang.org/x/crypto v0.13.0
 )
 require (
 	github.com/btcsuite/btcd/btcec/v2 v2.1.3 // indirect
 	github.com/btcsuite/btcd/btcutil v1.1.0 // indirect
 	github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 // indirect
 	github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f // indirect
 	github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd // indirect
 	github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/decred/dcrd/crypto/blake256 v1.0.0 // indirect
 	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/stretchr/testify v1.8.4 // indirect
 	golang.org/x/crypto v0.13.0 // indirect
 	golang.org/x/sys v0.12.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -24,7 +24,6 @@ github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792 h1:R8vQdOQdZ9Y3
 github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792/go.mod h1:ghJtEyQwv5/p4Mg4C0fgbePVuGr935/5ddU9Z3TmDRY=
 github.com/btcsuite/winsvc v1.0.0/go.mod h1:jsenWakMcC0zFBFurPLEAyrnc/teJEM1O46fmI40EZs=
 github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0=
@@ -60,10 +59,6 @@ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7J
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
@@ -71,6 +66,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
 golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -86,7 +83,6 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -101,13 +97,11 @@ google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQ
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/operations.go
+++ b/operations.go
@@ -1,220 +0,0 @@
 package opentimestamps
 import (
 	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
 	"golang.org/x/crypto/ripemd160"
 )
 const maxResultLength = 4096
 type (
 	unaryMsgOp  func(message []byte) ([]byte, error)
 	binaryMsgOp func(message, argument []byte) ([]byte, error)
 )
 // msgAppend returns the concatenation of msg and arg
 func msgAppend(msg, arg []byte) (res []byte, err error) {
 	res = append(res, msg...)
 	res = append(res, arg...)
 	return
 }
 // msgPrepend returns the concatenation of arg and msg
 func msgPrepend(msg, arg []byte) (res []byte, err error) {
 	res = append(res, arg...)
 	res = append(res, msg...)
 	return
 }
 // msgReverse returns the reversed msg. Deprecated.
 func msgReverse(msg []byte) ([]byte, error) {
 	if len(msg) == 0 {
 		return nil, fmt.Errorf("empty input invalid for msgReverse")
 	}
 	res := make([]byte, len(msg))
 	for i, b := range msg {
 		res[len(res)-i-1] = b
 	}
 	return res, nil
 }
 func msgHexlify(msg []byte) ([]byte, error) {
 	if len(msg) == 0 {
 		return nil, fmt.Errorf("empty input invalid for msgHexlify")
 	}
 	return []byte(hex.EncodeToString(msg)), nil
 }
 func msgSHA1(msg []byte) ([]byte, error) {
 	res := sha1.Sum(msg)
 	return res[:], nil
 }
 func msgRIPEMD160(msg []byte) ([]byte, error) {
 	h := ripemd160.New()
 	_, err := h.Write(msg)
 	if err != nil {
 		return nil, err
 	}
 	return h.Sum([]byte{}), nil
 }
 func msgSHA256(msg []byte) ([]byte, error) {
 	res := sha256.Sum256(msg)
 	return res[:], nil
 }
 type opCode interface {
 	match(byte) bool
 	decode(*deserializationContext) (opCode, error)
 	encode(*serializationContext) error
 	apply(message []byte) ([]byte, error)
 }
 type op struct {
 	tag  byte
 	name string
 }
 func (o op) match(tag byte) bool {
 	return o.tag == tag
 }
 type unaryOp struct {
 	op
 	msgOp unaryMsgOp
 }
 func newUnaryOp(tag byte, name string, msgOp unaryMsgOp) *unaryOp {
 	return &unaryOp{op{tag: tag, name: name}, msgOp}
 }
 func (u *unaryOp) String() string {
 	return u.name
 }
 func (u *unaryOp) decode(ctx *deserializationContext) (opCode, error) {
 	ret := *u
 	return &ret, nil
 }
 func (u *unaryOp) encode(ctx *serializationContext) error {
 	return ctx.writeByte(u.tag)
 }
 func (u *unaryOp) apply(message []byte) ([]byte, error) {
 	return u.msgOp(message)
 }
 // Crypto operations
 // These are hash ops that define a digest length
 type cryptOp struct {
 	unaryOp
 	digestLength int
 }
 func newCryptOp(
 	tag byte, name string, msgOp unaryMsgOp, digestLength int,
 ) *cryptOp {
 	return &cryptOp{
 		unaryOp:      *newUnaryOp(tag, name, msgOp),
 		digestLength: digestLength,
 	}
 }
 func (c *cryptOp) decode(ctx *deserializationContext) (opCode, error) {
 	u, err := c.unaryOp.decode(ctx)
 	if err != nil {
 		return nil, err
 	}
 	return &cryptOp{*u.(*unaryOp), c.digestLength}, nil
 }
 // Binary operations
 // We decode an extra varbyte argument and use it in apply()
 type binaryOp struct {
 	op
 	msgOp    binaryMsgOp
 	argument []byte
 }
 func newBinaryOp(tag byte, name string, msgOp binaryMsgOp) *binaryOp {
 	return &binaryOp{
 		op:       op{tag: tag, name: name},
 		msgOp:    msgOp,
 		argument: nil,
 	}
 }
 func (b *binaryOp) decode(ctx *deserializationContext) (opCode, error) {
 	arg, err := ctx.readVarBytes(0, maxResultLength)
 	if err != nil {
 		return nil, err
 	}
 	if len(arg) == 0 {
 		return nil, fmt.Errorf("empty argument invalid for binaryOp")
 	}
 	ret := *b
 	ret.argument = arg
 	return &ret, nil
 }
 func (b *binaryOp) encode(ctx *serializationContext) error {
 	if err := ctx.writeByte(b.tag); err != nil {
 		return err
 	}
 	return ctx.writeVarBytes(b.argument)
 }
 func (b *binaryOp) apply(message []byte) ([]byte, error) {
 	return b.msgOp(message, b.argument)
 }
 func (b *binaryOp) String() string {
 	return fmt.Sprintf("%s %x", b.name, b.argument)
 }
 var (
 	opAppend    = newBinaryOp(0xf0, "APPEND", msgAppend)
 	opPrepend   = newBinaryOp(0xf1, "PREPEND", msgPrepend)
 	opReverse   = newUnaryOp(0xf2, "REVERSE", msgReverse)
 	opHexlify   = newUnaryOp(0xf3, "HEXLIFY", msgHexlify)
 	opSHA1      = newCryptOp(0x02, "SHA1", msgSHA1, 20)
 	opRIPEMD160 = newCryptOp(0x03, "RIPEMD160", msgRIPEMD160, 20)
 	opSHA256    = newCryptOp(0x08, "SHA256", msgSHA256, 32)
 )
 var opCodes []opCode = []opCode{
 	opAppend, opPrepend, opReverse, opHexlify, opSHA1, opRIPEMD160,
 	opSHA256,
 }
 func parseOp(ctx *deserializationContext, tag byte) (opCode, error) {
 	for _, op := range opCodes {
 		if op.match(tag) {
 			return op.decode(ctx)
 		}
 	}
 	return nil, fmt.Errorf("could not decode tag %02x", tag)
 }
 func parseCryptOp(ctx *deserializationContext) (*cryptOp, error) {
 	tag, err := ctx.readByte()
 	if err != nil {
 		return nil, err
 	}
 	op, err := parseOp(ctx, tag)
 	if err != nil {
 		return nil, err
 	}
 	if cryptOp, ok := op.(*cryptOp); ok {
 		return cryptOp, nil
 	} else {
 		return nil, fmt.Errorf("expected cryptOp, got %#v", op)
 	}
 }
--- a/operations_test.go
+++ b/operations_test.go
@@ -1,78 +0,0 @@
 package opentimestamps
 import (
 	"encoding/hex"
 	"testing"
 	"github.com/stretchr/testify/assert"
 )
 func TestMsgAppend(t *testing.T) {
 	msg := []byte("123")
 	res, err := msgAppend(msg, []byte("456"))
 	assert.NoError(t, err)
 	assert.Equal(t, "123456", string(res))
 	// make sure changes to input msg don't affect output
 	msg[0] = byte('0')
 	assert.Equal(t, "123456", string(res))
 }
 func TestMsgPrepend(t *testing.T) {
 	msg := []byte("123")
 	res, err := msgPrepend(msg, []byte("abc"))
 	assert.NoError(t, err)
 	assert.Equal(t, "abc123", string(res))
 	// make sure changes to input msg don't affect output
 	msg[0] = byte('0')
 	assert.Equal(t, "abc123", string(res))
 }
 func TestMsgReverse(t *testing.T) {
 	_, err := msgReverse([]byte{})
 	assert.Error(t, err)
 	res, err := msgReverse([]byte{1, 2, 3})
 	assert.NoError(t, err)
 	assert.Equal(t, []byte{3, 2, 1}, res)
 }
 func TestMsgHexlify(t *testing.T) {
 	_, err := msgHexlify([]byte{})
 	assert.Error(t, err)
 	res, err := msgHexlify([]byte{1, 2, 3, 0xff})
 	assert.NoError(t, err)
 	assert.Equal(t, []byte("010203ff"), res)
 }
 func TestMsgSHA1(t *testing.T) {
 	out, err := msgSHA1([]byte{})
 	assert.NoError(t, err)
 	assert.Equal(t,
 		"da39a3ee5e6b4b0d3255bfef95601890afd80709",
 		hex.EncodeToString(out),
 	)
 }
 func TestMsgSHA256(t *testing.T) {
 	out, err := msgSHA256([]byte{})
 	assert.NoError(t, err)
 	assert.Equal(t,
 		"e3b0c44298fc1c149afbf4c8996fb924"+
 			"27ae41e4649b934ca495991b7852b855",
 		hex.EncodeToString(out),
 	)
 }
 func TestRIPEMD160(t *testing.T) {
 	out, err := msgRIPEMD160([]byte{})
 	assert.Equal(t,
 		"9c1185a5c5e9fc54612808977ee8f548b2258d31",
 		hex.EncodeToString(out),
 	)
 	out, err = msgRIPEMD160(out)
 	assert.NoError(t, err)
 	assert.Equal(t,
 		"38bbc57e4cbe8b6a1d2c999ef62503e0a6e58109",
 		hex.EncodeToString(out),
 	)
 }
--- a/ots.go
+++ b/ots.go
@@ -0,0 +1,251 @@
 package opentimestamps
 import (
 	"crypto/sha256"
 	"encoding/hex"
 	"fmt"
 	"strings"
 	"golang.org/x/exp/slices"
 )
 /*
 * Header magic bytes
 * Designed to be give the user some information in a hexdump, while being identified as 'data' by the file utility.
 * \x00OpenTimestamps\x00\x00Proof\x00\xbf\x89\xe2\xe8\x84\xe8\x92\x94
 */
 var headerMagic = []byte{0x00, 0x4f, 0x70, 0x65, 0x6e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x73, 0x00, 0x00, 0x50, 0x72, 0x6f, 0x6f, 0x66, 0x00, 0xbf, 0x89, 0xe2, 0xe8, 0x84, 0xe8, 0x92, 0x94}
 var (
 	pendingMagic = []byte{0x83, 0xdf, 0xe3, 0x0d, 0x2e, 0xf9, 0x0c, 0x8e}
 	bitcoinMagic = []byte{0x05, 0x88, 0x96, 0x0d, 0x73, 0xd7, 0x19, 0x01}
 )
 type Operation struct {
 	Name   string
 	Tag    byte
 	Binary bool // it's an operation that takes one argument, otherwise takes none
 	Apply  func(curr []byte, arg []byte) []byte
 }
 var tags = map[byte]*Operation{
 	0xf0: {"append", 0xf0, true, func(curr []byte, arg []byte) []byte {
 		result := make([]byte, len(curr)+len(arg))
 		copy(result[0:], curr)
 		copy(result[len(curr):], arg)
 		return result
 	}},
 	0xf1: {"prepend", 0xf1, true, func(curr []byte, arg []byte) []byte {
 		result := make([]byte, len(curr)+len(arg))
 		copy(result[0:], arg)
 		copy(result[len(arg):], curr)
 		return result
 	}},
 	0xf2: {"reverse", 0xf2, false, func(curr []byte, arg []byte) []byte { panic("reverse not implemented") }},
 	0xf3: {"hexlify", 0xf3, false, func(curr []byte, arg []byte) []byte { panic("hexlify not implemented") }},
 	0x02: {"sha1", 0x02, false, func(curr []byte, arg []byte) []byte { panic("sha1 not implemented") }},
 	0x03: {"ripemd160", 0x03, false, ripemd160},
 	0x08: {"sha256", 0x08, false, func(curr []byte, arg []byte) []byte {
 		v := sha256.Sum256(curr)
 		return v[:]
 	}},
 	0x67: {"keccak256", 0x67, false, func(curr []byte, arg []byte) []byte { panic("keccak256 not implemented") }},
 }
 // A Timestamp is basically the content of an .ots file: it has an initial digest and
 // a series of sequences of instructions. Each sequence must be evaluated separately, applying the operations
 // on top of each other, starting with the .Digest until they end on an attestation.
 type Timestamp struct {
 	Digest       []byte
 	Instructions []Sequence
 }
 // a Instruction can be an operation like "append" or "prepend" (this will be the case when .Operation != nil)
 // or an attestation (when .Attestation != nil).
 // It will have a non-nil .Argument whenever the operation requires an argument.
 type Instruction struct {
 	*Operation
 	Argument []byte
 	*Attestation
 }
 func (a Instruction) Equal(b Instruction) bool {
 	if a.Operation != nil {
 		if a.Operation == b.Operation && slices.Equal(a.Argument, b.Argument) {
 			return true
 		} else {
 			return false
 		}
 	} else if a.Attestation != nil {
 		if b.Attestation == nil {
 			return false
 		}
 		if a.Attestation.BitcoinBlockHeight != 0 &&
 			a.Attestation.BitcoinBlockHeight == b.Attestation.BitcoinBlockHeight {
 			return true
 		}
 		if a.Attestation.CalendarServerURL != "" &&
 			a.Attestation.CalendarServerURL == b.Attestation.CalendarServerURL {
 			return true
 		}
 		return false
 	} else {
 		// a is nil -- this is already broken but whatever
 		if b.Attestation == nil && b.Operation == nil {
 			return true
 		}
 		return false
 	}
 }
 type Sequence []Instruction
 func (seq Sequence) Compute(initial []byte) []byte {
 	current := initial
 	for _, inst := range seq {
 		if inst.Operation == nil {
 			break
 		}
 		current = inst.Operation.Apply(current, inst.Argument)
 	}
 	return current
 }
 func (ts Timestamp) GetPendingSequences() []Sequence {
 	bitcoin := ts.GetBitcoinAttestedSequences()
 	results := make([]Sequence, 0, len(ts.Instructions))
 	for _, seq := range ts.Instructions {
 		if len(seq) > 0 && seq[len(seq)-1].Attestation != nil && seq[len(seq)-1].Attestation.CalendarServerURL != "" {
 			// this is a calendar sequence, fine
 			// now we check if this same sequence isn't contained in a bigger one that contains a bitcoin attestation
 			cseq := seq
 			for _, bseq := range bitcoin {
 				if len(bseq) < len(cseq) {
 					continue
 				}
 				if slices.EqualFunc(bseq[0:len(cseq)], cseq, func(a, b Instruction) bool { return a.Equal(b) }) {
 					goto thisSequenceIsAlreadyConfirmed
 				}
 			}
 			// sequence not confirmed, so add it to pending result
 			results = append(results, seq)
 		thisSequenceIsAlreadyConfirmed:
 			// skip this
 			continue
 		}
 	}
 	return results
 }
 func (ts Timestamp) GetBitcoinAttestedSequences() []Sequence {
 	results := make([]Sequence, 0, len(ts.Instructions))
 	for _, seq := range ts.Instructions {
 		if len(seq) > 0 && seq[len(seq)-1].Attestation != nil && seq[len(seq)-1].Attestation.BitcoinBlockHeight > 0 {
 			results = append(results, seq)
 		}
 	}
 	return results
 }
 func (ts Timestamp) Human() string {
 	strs := make([]string, 0, 100)
 	strs = append(strs, fmt.Sprintf("file digest: %x", ts.Digest))
 	strs = append(strs, fmt.Sprintf("hashed with: sha256"))
 	strs = append(strs, "instruction sequences:")
 	for _, seq := range ts.Instructions {
 		strs = append(strs, "~>")
 		for _, inst := range seq {
 			line := "  "
 			if inst.Operation != nil {
 				line += inst.Operation.Name
 				if inst.Operation.Binary {
 					line += " " + hex.EncodeToString(inst.Argument)
 				}
 			} else if inst.Attestation != nil {
 				line += inst.Attestation.Human()
 			} else {
 				panic(fmt.Sprintf("invalid instruction timestamp: %v", inst))
 			}
 			strs = append(strs, line)
 		}
 	}
 	return strings.Join(strs, "\n")
 }
 func (ts Timestamp) SerializeToFile() []byte {
 	data := make([]byte, 0, 5050)
 	data = append(data, headerMagic...)
 	data = appendVarUint(data, 1)
 	data = append(data, 0x08) // sha256
 	data = append(data, ts.Digest...)
 	data = append(data, ts.SerializeInstructionSequences()...)
 	return data
 }
 func (ts Timestamp) SerializeInstructionSequences() []byte {
 	data := make([]byte, 0, 5000)
 	for i, seq := range ts.Instructions {
 		for _, inst := range seq {
 			if inst.Operation != nil {
 				// write normal operation
 				data = append(data, inst.Operation.Tag)
 				if inst.Operation.Binary {
 					data = appendVarBytes(data, inst.Argument)
 				}
 			} else if inst.Attestation != nil {
 				// write attestation record
 				data = append(data, 0x00)
 				{
 					// will use a new buffer for the actual attestation data
 					abuf := make([]byte, 0, 100)
 					if inst.BitcoinBlockHeight != 0 {
 						data = append(data, bitcoinMagic...) // this goes in the main data buffer
 						abuf = appendVarUint(abuf, inst.BitcoinBlockHeight)
 					} else if inst.CalendarServerURL != "" {
 						data = append(data, pendingMagic...) // this goes in the main data buffer
 						abuf = appendVarBytes(abuf, []byte(inst.CalendarServerURL))
 					} else {
 						panic(fmt.Sprintf("invalid attestation: %v", inst))
 					}
 					data = appendVarBytes(data, abuf) // we append that data as varbytes
 				}
 			} else {
 				panic(fmt.Sprintf("invalid instruction: %v", inst))
 			}
 		}
 		if i+1 < len(ts.Instructions) {
 			// write separator and start a new sequence of instructions
 			data = append(data, 0xff)
 		}
 	}
 	return data
 }
 type Attestation struct {
 	BitcoinBlockHeight uint64
 	CalendarServerURL  string
 }
 func (att Attestation) Name() string {
 	if att.BitcoinBlockHeight != 0 {
 		return "bitcoin"
 	} else if att.CalendarServerURL != "" {
 		return "pending"
 	} else {
 		return "unknown/broken"
 	}
 }
 func (att Attestation) Human() string {
 	if att.BitcoinBlockHeight != 0 {
 		return fmt.Sprintf("bitcoin(%d)", att.BitcoinBlockHeight)
 	} else if att.CalendarServerURL != "" {
 		return fmt.Sprintf("pending(%s)", att.CalendarServerURL)
 	} else {
 		return "unknown/broken"
 	}
 }
--- a/parsers.go
+++ b/parsers.go
@@ -0,0 +1,175 @@
 package opentimestamps
 import (
 	"fmt"
 	"io"
 	"golang.org/x/exp/slices"
 )
 func parseCalendarServerResponse(buf Buffer) (Sequence, error) {
 	seqs, err := parseTimestamp(buf)
 	if err != nil {
 		return nil, err
 	}
 	if len(seqs) != 1 {
 		return nil, fmt.Errorf("invalid number of sequences obtained: %d", len(seqs))
 	}
 	return seqs[0], nil
 }
 func parseOTSFile(buf Buffer) (*Timestamp, error) {
 	// read magic
 	// read version [1 byte]
 	// read crypto operation for file digest [1 byte]
 	// read file digest [32 byte (depends)]
 	if magic, err := buf.readBytes(len(headerMagic)); err != nil || !slices.Equal(headerMagic, magic) {
 		return nil, fmt.Errorf("invalid ots file header '%s': %w", magic, err)
 	}
 	if version, err := buf.readVarUint(); err != nil || version != 1 {
 		return nil, fmt.Errorf("invalid ots file version '%v': %w", version, err)
 	}
 	tag, err := buf.readByte()
 	if err != nil {
 		return nil, fmt.Errorf("failed to read operation byte: %w", err)
 	}
 	if op, err := readInstruction(buf, tag); err != nil || op.Operation.Name != "sha256" {
 		return nil, fmt.Errorf("invalid crypto operation '%v', only sha256 supported: %w", op, err)
 	}
 	// if we got here assume the digest is sha256
 	digest, err := buf.readBytes(32)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read 32-byte digest: %w", err)
 	}
 	ts := &Timestamp{
 		Digest: digest,
 	}
 	if seqs, err := parseTimestamp(buf); err != nil {
 		return nil, err
 	} else {
 		ts.Instructions = seqs
 	}
 	return ts, nil
 }
 func parseTimestamp(buf Buffer) ([]Sequence, error) {
 	// read instructions
 	//   if operation = push
 	//   if 0x00 = attestation
 	//      read tag [8 bytes]
 	//      readvarbytes
 	//        interpret these depending on the type of attestation
 	//          if bitcoin: readvaruint as the block height
 	//          if pending from calendar: readvarbytes as the utf-8 calendar url
 	//      end or go back to last continuation byte
 	//   if 0xff = pick up a continuation byte (checkpoint) and add it to stack
 	currInstructionsBlock := 0
 	seqs := make([]Sequence, 0, 10)
 	// we will store checkpoints here
 	checkpoints := make([][]Instruction, 0, 4)
 	// start first instruction block
 	seqs = append(seqs, make([]Instruction, 0, 30))
 	// go read these tags
 	for {
 		tag, err := buf.readByte()
 		if err != nil {
 			if err == io.EOF {
 				return seqs, nil
 			}
 			return nil, fmt.Errorf("failed to read operation byte: %w", err)
 		}
 		if tag == 0x00 {
 			// enter an attestation context
 			magic, err := buf.readBytes(8)
 			if err != nil {
 				return nil, fmt.Errorf("failed to read attestion magic bytes: %w", err)
 			}
 			this, err := buf.readVarBytes()
 			if err != nil {
 				return nil, fmt.Errorf("failed to read attestation bytes: %w", err)
 			}
 			abuf := NewBuffer(this)
 			switch {
 			case slices.Equal(magic, pendingMagic):
 				val, err := abuf.readVarBytes()
 				if err != nil {
 					return nil, fmt.Errorf("failed reading calendar server url: %w", err)
 				}
 				seqs[currInstructionsBlock] = append(
 					seqs[currInstructionsBlock],
 					Instruction{Attestation: &Attestation{CalendarServerURL: string(val)}},
 				)
 			case slices.Equal(magic, bitcoinMagic):
 				val, err := abuf.readVarUint()
 				if err != nil {
 					return nil, fmt.Errorf("failed reading bitcoin block number: %w", err)
 				}
 				seqs[currInstructionsBlock] = append(
 					seqs[currInstructionsBlock],
 					Instruction{Attestation: &Attestation{BitcoinBlockHeight: val}},
 				)
 			default:
 				return nil, fmt.Errorf("unsupported attestation type '%x': %x", magic, this)
 			}
 			// check if we have checkpoints and, if yes, copy them in a new block of instructions
 			ncheckpoints := len(checkpoints)
 			if ncheckpoints > 0 {
 				// use this checkpoint as the starting point for the next block
 				cp := checkpoints[ncheckpoints-1]
 				checkpoints = checkpoints[0 : ncheckpoints-1] // remove this from the stack
 				seqs = append(seqs, cp)
 				currInstructionsBlock++
 			}
 		} else if tag == 0xff {
 			// pick up a checkpoint to be used later
 			currentBlock := seqs[currInstructionsBlock]
 			cp := make([]Instruction, len(currentBlock))
 			copy(cp, currentBlock)
 			checkpoints = append(checkpoints, cp)
 		} else {
 			// a new operation in this block
 			inst, err := readInstruction(buf, tag)
 			if err != nil {
 				return nil, fmt.Errorf("failed to read instruction: %w", err)
 			}
 			seqs[currInstructionsBlock] = append(seqs[currInstructionsBlock], *inst)
 		}
 	}
 }
 func readInstruction(buf Buffer, tag byte) (*Instruction, error) {
 	op, ok := tags[tag]
 	if !ok {
 		return nil, fmt.Errorf("unknown tag %v", tag)
 	}
 	inst := Instruction{
 		Operation: op,
 	}
 	if op.Binary {
 		val, err := buf.readVarBytes()
 		if err != nil {
 			return nil, fmt.Errorf("error reading argument: %w", err)
 		}
 		inst.Argument = val
 	}
 	return &inst, nil
 }
--- a/remote_calendar.go
+++ b/remote_calendar.go
@@ -1,146 +0,0 @@
 package opentimestamps
 import (
 	"bytes"
 	"encoding/hex"
 	"fmt"
 	"io/ioutil"
 	"net/http"
 	"net/http/httputil"
 	"strings"
 	"github.com/sirupsen/logrus"
 )
 const userAgent = "go-opentimestamps"
 const dumpResponse = false
 type RemoteCalendar struct {
 	baseURL string
 	client  *http.Client
 	log     *logrus.Logger
 }
 func NewRemoteCalendar(baseURL string) (*RemoteCalendar, error) {
 	// FIXME remove this
 	if baseURL == "localhost" {
 		baseURL = "http://localhost:14788"
 	}
 	// TODO validate url
 	if !strings.HasSuffix(baseURL, "/") {
 		baseURL += "/"
 	}
 	return &RemoteCalendar{
 		baseURL,
 		http.DefaultClient,
 		logrus.New(),
 	}, nil
 }
 // Check response status, return informational error message if
 // status is not `200 OK`.
 func checkStatusOK(resp *http.Response) error {
 	if resp.StatusCode == http.StatusOK {
 		return nil
 	}
 	errMsg := fmt.Sprintf("unexpected response: %q", resp.Status)
 	if resp.Body == nil {
 		return fmt.Errorf("%s (body=nil)", errMsg)
 	}
 	defer resp.Body.Close()
 	bodyBytes, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
 		return fmt.Errorf("%s (bodyErr=%v)", errMsg, err)
 	} else {
 		return fmt.Errorf("%s (body=%q)", errMsg, bodyBytes)
 	}
 }
 func (c *RemoteCalendar) do(r *http.Request) (*http.Response, error) {
 	r.Header.Add("Accept", "application/vnd.opentimestamps.v1")
 	r.Header.Add("User-Agent", userAgent)
 	c.log.Debugf("> %s %s", r.Method, r.URL)
 	resp, err := c.client.Do(r)
 	if err != nil {
 		c.log.Errorf("> %s %s error: %v", r.Method, r.URL, err)
 		return resp, err
 	}
 	c.log.Debugf("< %s %s - %v", r.Method, r.URL, resp.Status)
 	if dumpResponse {
 		bytes, err := httputil.DumpResponse(resp, true)
 		if err == nil {
 			c.log.Debugf("response dump:%s ", bytes)
 		}
 	}
 	return resp, err
 }
 func (c *RemoteCalendar) url(path string) string {
 	return c.baseURL + path
 }
 func (c *RemoteCalendar) Submit(digest []byte) (*Timestamp, error) {
 	body := bytes.NewBuffer(digest)
 	req, err := http.NewRequest("POST", c.url("digest"), body)
 	if err != nil {
 		return nil, err
 	}
 	resp, err := c.do(req)
 	if err != nil {
 		return nil, err
 	}
 	if resp.Body != nil {
 		defer resp.Body.Close()
 	}
 	if resp.StatusCode != http.StatusOK {
 		return nil, fmt.Errorf("expected 200, got %v", resp.Status)
 	}
 	return NewTimestampFromReader(resp.Body, digest)
 }
 func (c *RemoteCalendar) GetTimestamp(commitment []byte) (*Timestamp, error) {
 	url := c.url("timestamp/" + hex.EncodeToString(commitment))
 	req, err := http.NewRequest("GET", url, nil)
 	if err != nil {
 		return nil, err
 	}
 	resp, err := c.do(req)
 	if err != nil {
 		return nil, err
 	}
 	if err := checkStatusOK(resp); err != nil {
 		return nil, err
 	}
 	if resp.Body != nil {
 		defer resp.Body.Close()
 	}
 	return NewTimestampFromReader(resp.Body, commitment)
 }
 type PendingTimestamp struct {
 	Timestamp          *Timestamp
 	PendingAttestation *pendingAttestation
 }
 func (p PendingTimestamp) Upgrade() (*Timestamp, error) {
 	cal, err := NewRemoteCalendar(p.PendingAttestation.uri)
 	if err != nil {
 		return nil, err
 	}
 	return cal.GetTimestamp(p.Timestamp.Message)
 }
 func PendingTimestamps(ts *Timestamp) (res []PendingTimestamp) {
 	ts.Walk(func(ts *Timestamp) {
 		for _, att := range ts.Attestations {
 			p, ok := att.(*pendingAttestation)
 			if !ok {
 				continue
 			}
 			attCopy := *p
 			res = append(res, PendingTimestamp{ts, &attCopy})
 		}
 	})
 	return
 }
--- a/remote_calendar_test.go
+++ b/remote_calendar_test.go
@@ -1,71 +0,0 @@
 package opentimestamps
 import (
 	"crypto/sha256"
 	"fmt"
 	"os"
 	"testing"
 	"time"
 	"github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 const (
 	calendarServerEnvvar = "GOTS_TEST_CALENDAR_SERVER"
 	bitcoinRegtestEnvvar = "GOTS_TEST_BITCOIN_REGTEST_SERVER"
 )
 func newTestCalendar(url string) *RemoteCalendar {
 	logrus.SetLevel(logrus.DebugLevel)
 	cal, err := NewRemoteCalendar(url)
 	if err != nil {
 		panic("could not create test calendar")
 	}
 	cal.log.Level = logrus.DebugLevel
 	return cal
 }
 func newTestDigest(in string) []byte {
 	hash := sha256.Sum256([]byte(in))
 	return hash[:]
 }
 func TestRemoteCalendarExample(t *testing.T) {
 	dts, err := NewDetachedTimestampFromPath(
 		"./examples/two-calendars.txt.ots",
 	)
 	require.NoError(t, err)
 	pts := PendingTimestamps(dts.Timestamp)
 	assert.Equal(t, 2, len(pts))
 	for _, pt := range pts {
 		ts, err := pt.Upgrade()
 		assert.NoError(t, err)
 		fmt.Print(ts.Dump())
 	}
 }
 func TestRemoteCalendarRoundTrip(t *testing.T) {
 	calendarServer := os.Getenv(calendarServerEnvvar)
 	if calendarServer == "" {
 		t.Skipf("%q not set, skipping test", calendarServerEnvvar)
 	}
 	cal := newTestCalendar(calendarServer)
 	ts, err := cal.Submit(newTestDigest("Hello, World!"))
 	require.NoError(t, err)
 	require.NotNil(t, ts)
 	// TODO call rpcclient generateblock 100
 	// FIXME possible opentimestamps-server bug?
 	// wait until attestation has been aggregated
 	time.Sleep(2 * time.Second)
 	for _, pts := range PendingTimestamps(ts) {
 		ts, err := pts.Upgrade()
 		assert.NoError(t, err)
 		_ = ts
 	}
 }
--- a/serialize.go
+++ b/serialize.go
@@ -1,206 +0,0 @@
 package opentimestamps
 import (
 	"bufio"
 	"bytes"
 	"fmt"
 	"io"
 	"math"
 )
 // serializationContext helps encoding values in the ots format
 type serializationContext struct {
 	w io.Writer
 }
 // newSerializationContext returns a serializationContext for a writer
 func newSerializationContext(w io.Writer) *serializationContext {
 	return &serializationContext{w}
 }
 // writeBytes writes the raw bytes to the underlying writer
 func (s serializationContext) writeBytes(b []byte) error {
 	// number of bytes can be ignored
 	// if it is equal len(b) then err is nil
 	_, err := s.w.Write(b)
 	if err != nil {
 		return err
 	}
 	return nil
 }
 // writeByte writes a single byte
 func (s serializationContext) writeByte(b byte) error {
 	return s.writeBytes([]byte{b})
 }
 // writeBool encodes and writes a boolean value
 func (s serializationContext) writeBool(b bool) error {
 	if b {
 		return s.writeByte(0xff)
 	} else {
 		return s.writeByte(0x00)
 	}
 }
 // writeVarUint encodes and writes writes a variable-length integer
 func (s serializationContext) writeVarUint(v uint64) error {
 	if v == 0 {
 		s.writeByte(0x00)
 	}
 	for v > 0 {
 		b := byte(v & 0x7f)
 		if v > uint64(0x7f) {
 			b |= 0x80
 		}
 		if err := s.writeByte(b); err != nil {
 			return err
 		}
 		if v <= 0x7f {
 			break
 		}
 		v >>= 7
 	}
 	return nil
 }
 // writeVarBytes encodes and writes a variable-length array
 func (s serializationContext) writeVarBytes(arr []byte) error {
 	if err := s.writeVarUint(uint64(len(arr))); err != nil {
 		return err
 	}
 	return s.writeBytes(arr)
 }
 // deserializationContext helps decoding values from the ots format
 type deserializationContext struct {
 	r io.Reader
 }
 // safety boundary for readBytes
 // allocation limit for arrays
 const maxReadSize = (1 << 12)
 func (d deserializationContext) dump() string {
 	arr, _ := d.r.(*bufio.Reader).Peek(512)
 	return fmt.Sprintf("% x", arr)
 }
 // readBytes reads n bytes.
 func (d deserializationContext) readBytes(n int) ([]byte, error) {
 	if n > maxReadSize {
 		return nil, fmt.Errorf("over maxReadSize: %d", maxReadSize)
 	}
 	b := make([]byte, n)
 	m, err := d.r.Read(b)
 	if err != nil {
 		return b, err
 	}
 	if n != m {
 		return b, fmt.Errorf("expected %d bytes, got %d", n, m)
 	}
 	return b[:], nil
 }
 // readByte reads a single byte.
 func (d deserializationContext) readByte() (byte, error) {
 	arr, err := d.readBytes(1)
 	if err != nil {
 		return 0, err
 	}
 	return arr[0], nil
 }
 // readBool reads a boolean.
 func (d deserializationContext) readBool() (bool, error) {
 	arr, err := d.readBytes(1)
 	if err != nil {
 		return false, err
 	}
 	switch v := arr[0]; v {
 	case 0x00:
 		return false, nil
 	case 0xff:
 		return true, nil
 	default:
 		return false, fmt.Errorf("unexpected value %x", v)
 	}
 }
 // readVarUint reads a variable-length uint64.
 func (d deserializationContext) readVarUint() (uint64, error) {
 	// NOTE
 	// the original python implementation has no uint64 limit, but I
 	// don't think we'll ever need more that that.
 	val := uint64(0)
 	shift := uint(0)
 	for {
 		b, err := d.readByte()
 		if err != nil {
 			return 0, err
 		}
 		shifted := uint64(b&0x7f) << shift
 		// ghetto overflow check
 		if (shifted >> shift) != uint64(b&0x7f) {
 			return 0, fmt.Errorf("uint64 overflow")
 		}
 		val |= shifted
 		if b&0x80 == 0 {
 			return val, nil
 		}
 		shift += 7
 	}
 }
 // readVarBytes reads variable-length number of bytes.
 func (d deserializationContext) readVarBytes(minLen, maxLen int) ([]byte, error) {
 	v, err := d.readVarUint()
 	if err != nil {
 		return nil, err
 	}
 	if v > math.MaxInt32 {
 		return nil, fmt.Errorf("int overflow")
 	}
 	vint := int(v)
 	if maxLen < vint || vint < minLen {
 		return nil, fmt.Errorf(
 			"varbytes length %d outside range (%d, %d)",
 			vint, minLen, maxLen,
 		)
 	}
 	return d.readBytes(vint)
 }
 // assertMagic removes reads the expected bytes from the stream. Returns an
 // error if the bytes are unexpected.
 func (d deserializationContext) assertMagic(expected []byte) error {
 	arr, err := d.readBytes(len(expected))
 	if err != nil {
 		return err
 	}
 	if !bytes.Equal(expected, arr) {
 		return fmt.Errorf(
 			"magic bytes mismatch, expected % x got % x",
 			expected, arr,
 		)
 	}
 	return nil
 }
 // assertEOF reads a byte and returns true if the end of the reader is reached.
 // Careful: the read operation is a side-effect.
 func (d deserializationContext) assertEOF() bool {
 	// Unfortunately we can't always do a zero-byte read here, since some
 	// reader implementations fail to return EOF. This means assertEOF
 	_, err := d.readByte()
 	return err == io.EOF
 }
 // newDeserializationContext returns a deserializationContext for a reader
 func newDeserializationContext(r io.Reader) *deserializationContext {
 	// TODO
 	// bufio is used here to allow debugging via d.dump()
 	// once this code here is robust enough we can just pass r
 	return &deserializationContext{bufio.NewReader(r)}
 }
--- a/serialize_test.go
+++ b/serialize_test.go
@@ -1,153 +0,0 @@
 package opentimestamps
 import (
 	"bytes"
 	"math"
 	"testing"
 	"github.com/stretchr/testify/assert"
 )
 func newDeserializationContextFromBytes(in []byte) *deserializationContext {
 	return newDeserializationContext(bytes.NewBuffer(in))
 }
 func TestReadWrite(t *testing.T) {
 	magic := []byte("magic")
 	buf := &bytes.Buffer{}
 	s := newSerializationContext(buf)
 	assert.NoError(t, s.writeBytes([]byte{0x00, 0x01}))
 	assert.NoError(t, s.writeByte(0x02))
 	assert.NoError(t, s.writeBool(true))
 	assert.NoError(t, s.writeBool(false))
 	assert.NoError(t, s.writeByte(0x03))
 	assert.NoError(t, s.writeVarUint(1))
 	assert.NoError(t, s.writeBytes([]byte{0x81, 0x00}))
 	assert.NoError(t, s.writeBytes([]byte{0x81, 0x01}))
 	assert.NoError(t, s.writeVarUint(0x100))
 	assert.NoError(t, s.writeVarUint(uint64(math.MaxUint32)+1))
 	assert.NoError(t, s.writeVarUint(math.MaxUint64))
 	assert.NoError(t, s.writeBytes([]byte{
 		// varunit excess MaxUint64
 		0xff, 0xff, 0xff, 0xff,
 		0xff, 0xff, 0xff, 0xff,
 		0xff, 0xff, 0x01,
 	}))
 	assert.NoError(t, s.writeBytes(magic))
 	assert.NoError(t, s.writeByte(0))
 	assert.NoError(t, s.writeBytes(magic))
 	data := buf.Bytes()
 	expectedData := []byte{
 		0x00, 0x01, // bytes [0x00, 0x01]
 		0x02,       // byte 0x02
 		0xff,       // bool true
 		0x00,       // bool false
 		0x03,       // bool error
 		0x01,       // varuint 1
 		0x81, 0x00, // varuint 1
 		0x81, 0x01, // varuint 1 (alternative)
 		0x80, 0x02, // varuint 0x100
 		// varunit math.MaxUint32 + 1
 		0x80, 0x80, 0x80, 0x80, 0x10,
 		// varunit math.MaxUint64
 		0xff, 0xff, 0xff, 0xff,
 		0xff, 0xff, 0xff, 0xff,
 		0xff, 0x01,
 		// varunit excess math.MaxUint64
 		0xff, 0xff, 0xff, 0xff,
 		0xff, 0xff, 0xff, 0xff,
 		0xff, 0xff, 0x01,
 		// "magic"
 		0x6d, 0x61, 0x67, 0x69, 0x63,
 		// zero
 		0x00,
 		// "magic"
 		0x6d, 0x61, 0x67, 0x69, 0x63,
 	}
 	assert.Equal(t, expectedData, data)
 	d := newDeserializationContextFromBytes(data)
 	{
 		v, err := d.readBytes(2)
 		assert.NoError(t, err)
 		assert.Equal(t, []byte{0x00, 0x01}, v)
 	}
 	{
 		v, err := d.readByte()
 		assert.NoError(t, err)
 		assert.Equal(t, byte(0x02), v)
 	}
 	{
 		v, err := d.readBool()
 		assert.NoError(t, err)
 		assert.Equal(t, true, v)
 	}
 	{
 		v, err := d.readBool()
 		assert.NoError(t, err)
 		assert.Equal(t, false, v)
 	}
 	{
 		_, err := d.readBool()
 		assert.Error(t, err)
 	}
 	{
 		v, err := d.readVarUint()
 		assert.NoError(t, err)
 		assert.Equal(t, uint64(1), v)
 	}
 	{
 		v, err := d.readVarUint()
 		assert.NoError(t, err)
 		assert.Equal(t, uint64(1), v)
 	}
 	{
 		v, err := d.readVarUint()
 		assert.NoError(t, err)
 		assert.Equal(t, uint64(0x81), v)
 	}
 	{
 		v, err := d.readVarUint()
 		assert.NoError(t, err)
 		assert.Equal(t, uint64(0x100), v)
 	}
 	{
 		v, err := d.readVarUint()
 		assert.NoError(t, err)
 		assert.Equal(t, uint64(math.MaxUint32)+uint64(1), v)
 	}
 	{
 		v, err := d.readVarUint()
 		assert.NoError(t, err)
 		assert.Equal(t, uint64(math.MaxUint64), uint64(v))
 	}
 	{
 		_, err := d.readVarUint()
 		assert.Error(t, err)
 		// read leftover 0x02
 		b, err := d.readByte()
 		assert.NoError(t, err)
 		assert.Equal(t, byte(0x01), b)
 	}
 	{
 		assert.NoError(t, d.assertMagic(magic))
 		// fails because of in-between 0x00
 		assert.Error(t, d.assertMagic(magic))
 	}
 	{
 		// read leftover byte
 		_, err := d.readByte()
 		assert.NoError(t, err)
 		assert.True(t, d.assertEOF())
 	}
 }
--- a/stamp.go
+++ b/stamp.go
@@ -0,0 +1,81 @@
 package opentimestamps
 import (
 	"bytes"
 	"context"
 	"fmt"
 	"io"
 	"net/http"
 )
 func Stamp(ctx context.Context, calendarUrl string, digest [32]byte) (*Timestamp, error) {
 	body := bytes.NewBuffer(digest[:])
 	req, err := http.NewRequestWithContext(ctx, "POST", normalizeUrl(calendarUrl)+"/digest", body)
 	if err != nil {
 		return nil, err
 	}
 	req.Header.Add("User-Agent", "github.com/fiatjaf/opentimestamps")
 	req.Header.Add("Accept", "application/vnd.opentimestamps.v1")
 	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
 		return nil, fmt.Errorf("'%s' request failed: %w", calendarUrl, err)
 	}
 	full, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read response from '%s': %w", calendarUrl, err)
 	}
 	resp.Body.Close()
 	seq, err := parseCalendarServerResponse(NewBuffer(full))
 	if err != nil {
 		return nil, fmt.Errorf("failed to parse response from '%s': %w", calendarUrl, err)
 	}
 	return &Timestamp{
 		Digest:       digest[:],
 		Instructions: []Sequence{seq},
 	}, nil
 }
 func ReadFromFile(data []byte) (*Timestamp, error) {
 	return parseOTSFile(NewBuffer(data))
 }
 func (seq Sequence) Upgrade(ctx context.Context, initial []byte) (Sequence, error) {
 	result := seq.Compute(initial)
 	attestation := seq[len(seq)-1]
 	url := fmt.Sprintf("%s/timestamp/%x", normalizeUrl(attestation.CalendarServerURL), result)
 	req, err := http.NewRequestWithContext(ctx, "GET", url, nil)
 	if err != nil {
 		return nil, err
 	}
 	req.Header.Add("User-Agent", "github.com/fiatjaf/opentimestamps")
 	req.Header.Add("Accept", "application/vnd.opentimestamps.v1")
 	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
 		return nil, fmt.Errorf("'%s' request failed: %w", attestation.CalendarServerURL, err)
 	}
 	if resp.StatusCode >= 300 {
 		return nil, fmt.Errorf("'%s' returned %d", attestation.CalendarServerURL, resp.StatusCode)
 	}
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return nil, fmt.Errorf("failed to read response from '%s': %w", attestation.CalendarServerURL, err)
 	}
 	resp.Body.Close()
 	newSeq, err := parseCalendarServerResponse(NewBuffer(body))
 	if err != nil {
 		return nil, fmt.Errorf("failed to parse response from '%s': %w", attestation.CalendarServerURL, err)
 	}
 	return newSeq, nil
 }
--- a/timestamp.go
+++ b/timestamp.go
@@ -1,193 +0,0 @@
 package opentimestamps
 import (
 	"bytes"
 	"fmt"
 	"io"
 	"strings"
 )
 type dumpConfig struct {
 	showMessage bool
 	showFlat    bool
 }
 var defaultDumpConfig dumpConfig = dumpConfig{
 	showMessage: true,
 	showFlat:    false,
 }
 // A timestampLink with the opCode being the link edge. The reference
 // implementation uses a map, but the implementation is a bit complex. A list
 // should work as well.
 type tsLink struct {
 	opCode    opCode
 	timestamp *Timestamp
 }
 // A Timestamp can contain many attestations and operations.
 type Timestamp struct {
 	Message      []byte
 	Attestations []Attestation
 	ops          []tsLink
 }
 // Walk calls the passed function f for this timestamp and all
 // downstream timestamps that are chained via operations.
 func (t *Timestamp) Walk(f func(t *Timestamp)) {
 	f(t)
 	for _, l := range t.ops {
 		l.timestamp.Walk(f)
 	}
 }
 func (t *Timestamp) encode(ctx *serializationContext) error {
 	n := len(t.Attestations) + len(t.ops)
 	if n == 0 {
 		return fmt.Errorf("cannot encode empty timestamp")
 	}
 	prefixAtt := []byte{0x00}
 	prefixOp := []byte{}
 	nextNode := func(prefix []byte) error {
 		n -= 1
 		if n > 0 {
 			return ctx.writeByte(0xff)
 		}
 		if len(prefix) > 0 {
 			return ctx.writeBytes(prefix)
 		}
 		return nil
 	}
 	// FIXME attestations should be sorted
 	for _, att := range t.Attestations {
 		if err := nextNode(prefixAtt); err != nil {
 			return err
 		}
 		if err := encodeAttestation(ctx, att); err != nil {
 			return err
 		}
 	}
 	// FIXME ops should be sorted
 	for _, op := range t.ops {
 		if err := nextNode(prefixOp); err != nil {
 			return err
 		}
 		if err := op.opCode.encode(ctx); err != nil {
 			return err
 		}
 		if err := op.timestamp.encode(ctx); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func (t *Timestamp) DumpIndent(w io.Writer, indent int, cfg dumpConfig) {
 	if cfg.showMessage {
 		fmt.Fprintf(w, strings.Repeat(" ", indent))
 		fmt.Fprintf(w, "message %x\n", t.Message)
 	}
 	for _, att := range t.Attestations {
 		fmt.Fprint(w, strings.Repeat(" ", indent))
 		fmt.Fprintln(w, att)
 	}
 	for _, tsLink := range t.ops {
 		fmt.Fprint(w, strings.Repeat(" ", indent))
 		fmt.Fprintln(w, tsLink.opCode)
 		// fmt.Fprint(w, strings.Repeat(" ", indent))
 		// if the timestamp is indeed tree-shaped, show it like that
 		if !cfg.showFlat || len(t.ops) > 1 {
 			indent += 1
 		}
 		tsLink.timestamp.DumpIndent(w, indent, cfg)
 	}
 }
 func (t *Timestamp) DumpWithConfig(cfg dumpConfig) string {
 	b := &bytes.Buffer{}
 	t.DumpIndent(b, 0, cfg)
 	return b.String()
 }
 func (t *Timestamp) Dump() string {
 	return t.DumpWithConfig(defaultDumpConfig)
 }
 func parseTagOrAttestation(
 	ts *Timestamp,
 	ctx *deserializationContext,
 	tag byte,
 	message []byte,
 	limit int,
 ) error {
 	if tag == 0x00 {
 		a, err := ParseAttestation(ctx)
 		if err != nil {
 			return err
 		}
 		ts.Attestations = append(ts.Attestations, a)
 	} else {
 		op, err := parseOp(ctx, tag)
 		if err != nil {
 			return err
 		}
 		newMessage, err := op.apply(message)
 		if err != nil {
 			return err
 		}
 		nextTs := &Timestamp{Message: newMessage}
 		err = parse(nextTs, ctx, newMessage, limit-1)
 		if err != nil {
 			return err
 		}
 		ts.ops = append(ts.ops, tsLink{op, nextTs})
 	}
 	return nil
 }
 func parse(
 	ts *Timestamp, ctx *deserializationContext, message []byte, limit int,
 ) error {
 	if limit == 0 {
 		return fmt.Errorf("recursion limit")
 	}
 	var tag byte
 	var err error
 	for {
 		tag, err = ctx.readByte()
 		if err != nil {
 			return err
 		}
 		if tag == 0xff {
 			tag, err = ctx.readByte()
 			if err != nil {
 				return err
 			}
 			err := parseTagOrAttestation(ts, ctx, tag, message, limit)
 			if err != nil {
 				return err
 			}
 		} else {
 			break
 		}
 	}
 	return parseTagOrAttestation(ts, ctx, tag, message, limit)
 }
 func newTimestampFromContext(
 	ctx *deserializationContext, message []byte,
 ) (*Timestamp, error) {
 	recursionLimit := 1000
 	ts := &Timestamp{Message: message}
 	err := parse(ts, ctx, message, recursionLimit)
 	if err != nil {
 		return nil, err
 	}
 	return ts, nil
 }
 func NewTimestampFromReader(r io.Reader, message []byte) (*Timestamp, error) {
 	return newTimestampFromContext(newDeserializationContext(r), message)
 }
--- a/unused.go
+++ b/unused.go
@@ -0,0 +1,9 @@
 package opentimestamps
 import (
 	deprecated_ripemd160 "golang.org/x/crypto/ripemd160"
 )
 func ripemd160(curr []byte, arg []byte) []byte {
 	return deprecated_ripemd160.New().Sum(curr)
 }
--- a/util.go
+++ b/util.go
@@ -1,11 +0,0 @@
 package opentimestamps
 import "encoding/hex"
 func mustDecodeHex(in string) []byte {
 	out, err := hex.DecodeString(in)
 	if err != nil {
 		panic(err)
 	}
 	return out
 }
--- a/utils.go
+++ b/utils.go
@@ -0,0 +1,101 @@
 package opentimestamps
 import (
 	"io"
 	"strings"
 )
 func normalizeUrl(u string) string {
 	if strings.HasSuffix(u, "/") {
 		u = u[0 : len(u)-1]
 	}
 	if !strings.HasPrefix(u, "https://") && !strings.HasPrefix(u, "http://") {
 		u = "http://" + u
 	}
 	return u
 }
 type Buffer struct {
 	pos *int
 	buf []byte
 }
 func NewBuffer(buf []byte) Buffer {
 	zero := 0
 	return Buffer{&zero, buf}
 }
 func (buf Buffer) readBytes(n int) ([]byte, error) {
 	// fmt.Println("reading", n, "bytes")
 	if *buf.pos >= len(buf.buf) {
 		return nil, io.EOF
 	}
 	res := buf.buf[*buf.pos : *buf.pos+n]
 	*buf.pos = *buf.pos + n
 	// fmt.Println("->", hex.EncodeToString(res))
 	return res, nil
 }
 func (buf Buffer) readByte() (byte, error) {
 	b, err := buf.readBytes(1)
 	if err != nil {
 		return 0, err
 	}
 	return b[0], nil
 }
 func (buf Buffer) readVarUint() (uint64, error) {
 	var value uint64 = 0
 	var shift uint64 = 0
 	for {
 		b, err := buf.readByte()
 		if err != nil {
 			return 0, err
 		}
 		value |= (uint64(b) & 0b01111111) << shift
 		shift += 7
 		if b&0b10000000 == 0 {
 			break
 		}
 	}
 	return value, nil
 }
 func (buf Buffer) readVarBytes() ([]byte, error) {
 	v, err := buf.readVarUint()
 	if err != nil {
 		return nil, err
 	}
 	b, err := buf.readBytes(int(v))
 	if err != nil {
 		return nil, err
 	}
 	return b, nil
 }
 func appendVarUint(buf []byte, value uint64) []byte {
 	if value == 0 {
 		buf = append(buf, 0)
 	} else {
 		for value != 0 {
 			b := byte(value & 0b01111111)
 			if value > 0b01111111 {
 				b |= 0b10000000
 			}
 			buf = append(buf, b)
 			if value <= 0b01111111 {
 				break
 			}
 			value >>= 7
 		}
 	}
 	return buf
 }
 func appendVarBytes(buf []byte, value []byte) []byte {
 	buf = appendVarUint(buf, uint64(len(value)))
 	buf = append(buf, value...)
 	return buf
 }
--- a/verifier.go
+++ b/verifier.go
@@ -0,0 +1,45 @@
 package opentimestamps
 import (
 	"fmt"
 	"github.com/btcsuite/btcd/chaincfg/chainhash"
 	"github.com/btcsuite/btcd/wire"
 	"golang.org/x/exp/slices"
 )
 type Bitcoin interface {
 	GetBlockHash(height int64) (*chainhash.Hash, error)
 	GetBlockHeader(hash *chainhash.Hash) (*wire.BlockHeader, error)
 }
 func (seq Sequence) Verify(bitcoin Bitcoin, initial []byte) error {
 	if len(seq) == 0 {
 		return fmt.Errorf("empty sequence")
 	}
 	att := seq[len(seq)-1]
 	if att.Attestation == nil || att.BitcoinBlockHeight == 0 {
 		return fmt.Errorf("sequence doesn't include a bitcoin attestation")
 	}
 	blockHash, err := bitcoin.GetBlockHash(int64(att.BitcoinBlockHeight))
 	if err != nil {
 		return fmt.Errorf("failed to get block %d hash: %w", att.BitcoinBlockHeight, err)
 	}
 	blockHeader, err := bitcoin.GetBlockHeader(blockHash)
 	if err != nil {
 		return fmt.Errorf("failed to get block %s header: %w", blockHash, err)
 	}
 	merkleRoot := blockHeader.MerkleRoot[:]
 	result := seq.Compute(initial)
 	if slices.Equal(result, merkleRoot) {
 		return fmt.Errorf("sequence result '%x' doesn't match the bitcoin merkle root for block %d: %x",
 			result, att.BitcoinBlockHeight, merkleRoot)
 	}
 	return nil
 }
Author	SHA1	Message	Date
fiatjaf	ef94324f2e	implement ripemd160 just so we can validate peter todd's old examples.	2023-09-28 15:35:07 -03:00
fiatjaf	7084284622	implement verifier.	2023-09-28 14:57:03 -03:00
fiatjaf	3e702d758e	calendar upgrade functionality.	2023-09-27 20:32:50 -03:00
fiatjaf	b6c735501d	remove println calls.	2023-09-27 08:59:15 -03:00
fiatjaf	46a1de627a	fix interpretation of 0xff: checkpoints you can pick up and store in your pocket.	2023-09-26 23:29:14 -03:00
fiatjaf	3c38206ce3	parsing from file fixes + pretty printing.	2023-09-25 06:03:35 -03:00
fiatjaf	619f2cb453	implement the basic binary parsing logic.	2023-09-21 18:09:20 -03:00
fiatjaf	a0d8e40379	delete things to start fresh.	2023-09-20 10:13:13 -03:00
fiatjaf	cd227e6986	simplify codebase.	2023-09-19 21:18:40 -03:00