The rapid growth of digital content has made reliable integrity verification increasingly important. Existing solutions rely either on centralized authorities, which introduce trust dependencies and single points of failure, or on decentralized storage systems that incur prohibitive resource overhead. In this paper, we present snaproot, a lightweight system that implements the hash-anchoring paradigm of Haber and Stornetta on the Solana blockchain to provide efficient, decentralized file integrity verification. snaproot generates a SHA-256 hash of a file and stores it immutably on-chain as a permanent reference record. Verification is performed by recomputing the hash and comparing it to the stored value, yielding a deterministic binary outcome. We describe a four-tier trust architecture comprising three realized tiers and one prospective tier for long-term persistence beyond the lifetime of any single blockchain. We present a formal threat model, a security analysis grounded in the second-preimage resistance of SHA-256, and an empirical evaluation on Solana Devnet across file sizes from 1 KB to 500 MB. A central conceptual contribution is the explicit separation between existence proof, the key-independent claim that a file existed at a given time, and authorship proof, the key-dependent binding between a record and a specific wallet identity. This separation allows existence guarantees to survive key loss while preserving stronger authorship claims where keys are retained. We position snaproot against OpenTimestamps, OriginStamp, and Chainpoint and discuss limitations with respect to pre-registration manipulation and AI-generated content.

翻译：数字内容的快速增长使得可靠的完整性验证愈发重要。现有解决方案要么依赖引入信任依赖和单点故障的中心化权威机构，要么依赖因资源开销过高而难以承受的去中心化存储系统。本文提出轻量级系统snaproot，在Solana区块链上实现Haber与Stornetta的哈希锚定范式，以提供高效的去中心化文件完整性验证。snaproot生成文件的SHA-256哈希，并将其不可篡改地存储于链上作为永久性参考记录。验证时通过重新计算哈希并与存储值比较，获得确定性的二元结果。我们描述了包含三个已实现层级和一个面向超越单一区块链生命周期的长期持久化前瞻层级的四层级信任架构。提出了形式化威胁模型、基于SHA-256第二原像抗性的安全分析，以及在Solana Devnet上对1 KB至500 MB文件范围的实证评估。核心概念贡献在于明确区分存在性证明（文件在特定时间存在的密钥无关断言）与作者身份证明（记录与特定钱包身份之间的密钥相关绑定）。该分离允许在密钥丢失时保留存在性保证，同时在密钥留存时维持更强的作者身份断言。我们将snaproot与OpenTimestamps、OriginStamp和Chainpoint进行对比，并讨论了预注册操纵和AI生成内容方面的局限性。