- What is SpeedProof?
SpeedProof is at first glance yet another speedometer app, but underneath it creates a track log of your journeys which is periodically cryptographically signed
- Why does signing the track log matter?
Ordinary track logs or GPX files are plain text and easily altered which which makes them of limited value in proving your speed.
- How does the signing work?
Each time the GPS chip in your phone updates, an entry is added to the log file. A hash of the entry and the previous hash are combined to make a hash chain. Periodically a hash is sent to the OdiousApps server for signing by openssl, the full output from that request is then saved to the log file. As long as internet access is available before you shutdown the app, the signed hash chain proves you haven't altered the log file in any way without breaking the hash chain.
- Is the track log useful for other things?
Yes, SpeedProof makes use of GPX extensions to store the hashes which should be ignored by programs that read GPX files.
- Icons in the app are cc-by-sa
Icons in the app come from Icons4android
- How do I verify the cryptographical signature?
You can paste a cryptographical signature into the verify page here