Verifying Records

Every Pulse recording can be cryptographically verified against the Bitcoin blockchain. This guide explains what verification means, how Pulse does it inside the app, and how a third party can verify a Pulse record without installing Pulse.

What Pulse Proves

For each capture interval, Pulse builds a JSON manifest containing the screenshot hash, the activity counters, the active app name, and an interval timestamp. The JSON itself is hashed with SHA-256 and submitted to OpenTimestamps calendar servers. Each calendar server folds your hash into a Merkle tree and waits for the next Bitcoin block; the block's coinbase transaction commits to the Merkle root.

The result: the original capture could not have existed any later than the timestamp of that Bitcoin block. Anyone with the JSON, the OTS proof file, and access to a Bitcoin block explorer can verify this independently — they do not need Pulse, they do not need to trust us, and they do not need access to your Mac.

Verification Inside Pulse

In any Work view, click Verify to run a verification pass. Pulse:

  1. Recomputes the SHA-256 of every screenshot and compares it to the hash recorded in the manifest.

  2. Recomputes the SHA-256 of every manifest and compares it to what the OTS proof committed to.

  3. Walks the OTS proof to the Bitcoin block it claims to be in.

  4. Asks a public block explorer (blockstream.info first, then mempool.space as a fallback) for that block's Merkle root.

  5. Confirms the OTS proof folds into that exact Merkle root.

The result for each frame is one of:

Status

Meaning

Verified (green)

Manifest, screenshot, and OTS chain all match — the frame was provably created before that Bitcoin block.

Tampered (red)

A hash does not match. Either the screenshot, the manifest, or the proof was modified after recording.

Missing OTS

The proof has not been confirmed by Bitcoin yet (pending state). Wait and re-verify.

Error

The proof file is unreadable, a screenshot is missing, or a capture-time error meta is in an unrecognized state.

A skipped capture (an interval where Pulse intentionally did not screenshot) is verified using only the manifest hash and counts as Verified as long as the reason is a recognized one (whitelisted-app waiting period or Metrics-only mode). Skips with an unrecognized reason are flagged as Error.

Online verification is required. Pulse no longer offers a pure offline verification path, because Merkle-root lookup against Bitcoin needs a block explorer. If your Mac is offline when you click Verify, you'll see "Internet connection required" rather than a partial result.

Verifying Outside Pulse (Standalone Verification)

Pulse records can be verified by anyone with a copy of the files, even without installing Pulse. There are two routes.

Route A — OpenTimestamps Web Verifier

  1. Drag-and-drop the .json manifest and its companion .json.ots proof onto https://opentimestamps.org/.

  2. The site walks the proof chain to a Bitcoin block and reports the earliest block timestamp the file existed at.

This proves the manifest existed before that block. To complete the picture (manifest matches screenshots), follow Route B.

Route B — Pulse Structured Export

If you have a Pro Pulse license, the structured export bundle ships with a README.md that walks any reviewer through manual verification:

  • Hash each screenshot file with shasum -a 256 and compare to the manifest entry

  • Hash each manifest with shasum -a 256 and compare to the OTS proof commitment

  • Verify the OTS proof using the ots CLI or the web verifier above

Hand the export folder to a client or auditor, point them at the README.md, and they can verify without trust in either party.

Why You Sometimes See "Pending"

Bitcoin blocks arrive on average every 10 minutes, and OpenTimestamps calendar servers batch your hash into the next block. From the moment Pulse submits a hash, expect:

  • ~10–60 minutes to reach pending (the calendar server confirmed receipt and gave you an unconfirmed proof)

  • ~1–6 hours to reach verified (Bitcoin block containing the Merkle root was mined and the proof was upgraded)

Pulse re-checks pending proofs automatically every 30 minutes in the background. You can also force a re-check by re-opening the Work and clicking Verify.

What "Tampered" Really Means

A tampered status means a file in the evidence folder was changed after recording. Common causes:

  • The screenshot file was edited (cropped, rotated, recompressed)

  • The manifest JSON was edited

  • Files were copied incompletely from another drive

If you copied your Work folder between Macs, copy the entire .pulse/ hidden directory as one unit — moving individual files or editing them breaks the chain.

What Verification Does NOT Prove

Pulse proves that a recording existed before a given Bitcoin block. It does not prove:

  • Who created the recording (Pulse does not require an account or signature)

  • What software was used to create the visible content in the screenshots

  • That the recording was taken on a specific Mac

These are out of scope by design — the proof is about content existence and integrity over time, not authorship.

Related

  • Exports and Certificates — how to package verified records for a client

  • Public Page Add-on — share a web verification page instead of files

  • Why Did My Recording Stop? — if your record has unexpected gaps

‹ Activating Your License

Exports and Certificates ›