The Most Common “Proof” Method
Almost everyone has done it: emailed themselves a document to create a timestamp. “Now I have proof I had this file on this date.”
It feels logical. It’s free. It takes 30 seconds. And it’s one of the weakest forms of digital evidence you can create.
Why Email Timestamps Are Unreliable
SMTP headers are forgeable
Email works on the SMTP (Simple Mail Transfer Protocol). The “Date” header in an email is set by the sending mail client — your computer. Change your computer’s clock, and the email header changes too. SMTP servers add their own timestamps, but these can also be manipulated by server administrators.
Forging an email date requires no special skills. It’s a well-documented, widely-known technique.
Email providers’ clocks aren’t authoritative
Gmail, Outlook, and Yahoo maintain their own server timestamps. These are generally accurate but:
- They’re designed for mail delivery, not evidence
- Server clocks experience drift (small but real)
- There’s no cryptographic guarantee of accuracy
- The provider can modify internal records
- You’re trusting a private company’s infrastructure
Emails can be retrospectively modified
With a self-hosted email server, you control everything — including the ability to create, backdate, modify, or delete emails. Even with hosted providers, account holders can delete emails and empty trash. The absence of an email in your sent folder doesn’t prove it was never sent, and the presence of an email doesn’t prove it was sent when it claims.
Attachment ≠ file creation
Even if the email timestamp is accurate, it proves when the email was sent — not when the file was created. You could have created the file months ago and emailed it today, or created it today and set the clock back months.
Side-by-Side Comparison
| Property | Email-to-Self | TimeProof |
|---|---|---|
| Cost | Free | Packs from $15 or verified plans from $19/mo |
| Timestamp source | Sender’s computer clock | Blockchain network consensus |
| Forgeable? | Yes, trivially | No, computationally infeasible |
| Independently verifiable? | No (trust the email provider) | Yes (public blockchain) |
| Tamper-evident? | No | Yes (hash mismatch = tampering) |
| File uploaded? | Yes (as attachment) | No (hash only) |
| File size limit | Email attachment limits (25MB typically) | No limit (hash is always 32 bytes) |
| Court acceptance | Questioned, requires additional authentication | Strong under FRE 901(b)(9) |
| Identity attribution | Sender’s email address (forgeable) | Legal-Grade JWS attestation |
| Works offline? | No (need internet to send) | Hash computed offline, timestamp needs internet |
The Forgery Demonstration
To illustrate how trivial email forgery is:
Forging an email timestamp
- Change your system clock to the desired date
- Compose an email with the file attached
- Send it to yourself
- Change the clock back
- The email now shows the false date in your inbox
Forging a blockchain timestamp
- ??? (You would need to compromise a blockchain secured by billions of dollars in staked assets, convince thousands of validators to accept your altered transaction, and reverse cryptographic hash functions that underpin all of internet security)
The asymmetry is absolute. Email forgery takes 5 minutes. Blockchain forgery is computationally impossible.
The Legal Perspective
Email evidence in court
Email evidence is regularly challenged under Federal Rules of Evidence 901. Courts have:
- Required corroborating evidence to authenticate emails
- Questioned the reliability of email timestamps
- Noted that email headers can be forged
- Required expert testimony to establish email authenticity
An email alone is not self-authenticating evidence.
Blockchain evidence in court
Blockchain timestamps satisfy FRE 901(b)(9) as evidence produced by a reliable system. The system (SHA-256 + Merkle tree + Polygon blockchain) is:
- Deterministic and verifiable
- Publicly auditable
- Maintained by thousands of independent validators
- Based on NIST-standardized cryptography
The evidence is functionally self-authenticating — anyone can verify it using public tools.
The Real Upgrade
Email-to-self is free. TimeProof uses unified credits: scheduled timestamps cost 1 credit per file, and verified instant timestamps cost 2 credits per file.
For a low-cost credit, you get:
- A timestamp no one can forge
- Proof no one can dispute
- Evidence anyone can verify
- A certificate designed for legal proceedings
- Independence from any email provider
- Privacy (your file stays on your device)
The question isn’t whether a small number of credits is worth it. The question is whether free evidence that fails under scrutiny is really cheaper than evidence you can verify independently.
Breaking the Habit
Many people email files to themselves out of habit. That habit serves a useful purpose — it shows awareness that proof matters. The upgrade from email-to-self to blockchain timestamping requires:
- The same awareness — “I should prove I have this file”
- A slightly different action — drag into TimeProof instead of attaching to email
- The same time investment — less than 30 seconds
- Low operating cost — 1 credit per scheduled file or 2 credits per verified instant file
- A massively superior result — evidence that actually holds up
If you care enough about a file to email it to yourself, you care enough to use a low-cost credit on proof that can actually be verified.