Label 309 · Open Cardano standard

Prove your content existed — without trusting anyone.

Label 309 anchors a cryptographic fingerprint of your content on the Cardano blockchain. Anyone, anywhere, can later prove the content existed on or before a block’s time — using only the public chain. No issuer, no server, no account, and no one to trust.

Read the specELI5

An open standard for Proof of Existence

Hash a file and publish the hash in a Cardano transaction under metadata label 309. The block’s time becomes a permanent, tamper-evident witness: this exact content existed by then. The content itself never has to leave your hands.

Everything beyond that hash is optional. You can sign a record to prove authorship, or seal an encrypted payload to specific recipients. None of it ever requires a trusted intermediary — the standard is content-first, issuer-agnostic, and verifiable by anyone.

Three things you can do

Prove

Timestamp anything

A 32-byte fingerprint on the chain proves your content existed at a point in time — a discovery, an invention, a contract, a photograph — without revealing the content itself.

Seal

Deliver privately

Encrypt content to one or more recipients and publish it in the open. Only the right key can open it — held until claimed, like poste restante mail.

Verify

Trust no one

Anyone can confirm a record themselves, straight from the public chain. No login, no server, and no dependence on whoever published it.

Built on five invariants

Five non-negotiable principles everything else follows from.

  • Content-firstThe content hash is the primary claim. Every other field is metadata about it.
  • Issuer-agnosticAny wallet can publish a record. Verifiers never have to trust the publisher.
  • Storage-agnosticStorage links are an optional list. A hash-only record is complete on its own.
  • Standalone-verifiableA verifier needs only the transaction and a public explorer. No issuer server, ever.
  • Algorithm-agileEvery algorithm is named from an open registry. Post-quantum migration is additive.

Sealed delivery, held until claimed

A sealed record carries an encrypted payload addressed to one or more recipients. The ciphertext sits in the open on permanent storage, but only the holder of the right key can recognise a message as theirs — by trying it, like poste restante mail waiting to be claimed. Observers see that something was sealed and when; they never see the content, and never learn who the recipients are.

Future-proof by design

Post-quantum protection ships today. Sealed records can be locked with a hybrid scheme that combines today’s proven encryption with a quantum-resistant one — an attacker has to break both. And because every algorithm is named from an open registry, moving to new cryptography is additive: old records keep verifying, forever.

Open from top to bottom

The standard, the reference SDKs for TypeScript, Python, and Rust, and the command-line tool are all open source — Apache-2.0 for code, CC-BY-4.0 for the specification. Anyone can verify records, build their own tooling, or run their own service. The standard is not owned by any vendor.

Explore the ecosystem

Built for builders and agents

Drop the SDK into a browser or a server, script it from the CLI, or wire it into CI. The verifier is standalone and needs no gateway — verification never depends on anyone’s infrastructure.

The whole standard is published in agent-readable form: every page is available as plain markdown, alongside an llms.txt index, so AI tools can read and reason over it directly.

A standard, not a product

Label 309 is being prepared for the Cardano CIP process as a public, community-governed standard, and this site is its neutral home. The first implementation is exactly that — the first. The standard is designed so anyone can become the next vendor.

Read the specELI5See the guides