TIMEVERSE
Syncing T2°...
Timeverse
Docs

Getting Started (Timeverse v4.6)

Build a time‑bound application with tick-canonical windows, signed requests, TSAE receipts, and optional Clockchain anchoring (v4.6-compatible).

This guide shows the reference flow:

Frontend → SignedTemporalRequest → Gateway verification → TSAE receipt → (optional) Clockchain anchor

What you get
  • Deterministic time windows (ticks, integer-only)
  • Signed requests (Ed25519, canonical JSON)
  • Anti‑replay protection (nonce horizon)
  • Signed audit receipts (TSAE) ready for anchoring

0) Prerequisites

  • A Next.js app (or any web backend) with API routes
  • The local Timeverse SDK (reference implementation)
  • Node 18+ recommended

Optional (Enterprise / pilots):

  • Access to managed TSAE issuance and Clockchain anchoring endpoints

1) Key Concepts (read once)

Tick-canonical windows (no float boundary checks)

Timeverse expresses validity windows using integer ticks:

  • phi_center_ticks (0..R-1)
  • deltaPhi_ticks (1..floor(R/2)-1)

Verification is integer-only:

  • d_ticks(a,b) = min(|a-b|, R - |a-b|)
  • in_window ⇔ d_ticks(phi_now, phi_center_ticks) ≤ deltaPhi_ticks
No-Float rule (verified semantics)

Anything you intend to sign/verify or use for an allow/deny decision must not contain float values.

Floats are allowed only for display (UI/logs), never for enforcement.

2) Configure your app

Add environment variables:

TIMEVERSE_API_KEY="dev-key" # optional for public endpoints; required for paid endpoints
TIMEVERSE_CONVENTION_ID="TV-CONV-EARTH-2026-01:DAILY;timescale=TV_MONO_NOLEAP;t0=1663912800;T_cycle=86400;encoding=ticks;R=86400;boundary=inclusive_le"
TIMEVERSE_SWT_ZONE="6"
TIMEVERSE_TILE_ID="266"

Instantiate the client:

import { TimeverseClient } from '@/lib/timeverse/client';

export const timeverse = new TimeverseClient({
  apiKey: process.env.TIMEVERSE_API_KEY,
  conventionId: process.env.TIMEVERSE_CONVENTION_ID,
});

3) Get the current Timeverse state

Get the current Timeverse state

Public

Use the public API to render UI and align agents:

const state = await fetch('/api/timeverse/state').then(r => r.json());
// or call the public endpoint directly if you proxy it:
// GET /v1/core/state

Your UI should display at least:

  • day_index
  • D-Calendar cycle/year/month/week/day
  • hs_local and phi_ticks
Why this matters
If multiple agents share the same convention_id, R, and phi_ticks, they can coordinate high-precision actions without continuous synchronization.

4) Issue a server challenge (recommended)

Browsers do not have a trustworthy monotone clock for security decisions.
A server-issued challenge provides robust freshness.

Create an API route: /api/timeverse/challenge

This endpoint returns a short-lived challenge containing tick context + randomness.

Example response shape (int-only core):

{
  "schema":"TV-TEMPORAL-CHALLENGE-2026-01",
  "day_index":1240,
  "phi_ticks":59318,
  "ttl_s_u32":120,
  "nonce_rand_128_hex":"...",
  "swt_zone":6,
  "tile_id":266
}

In paid/enterprise mode, the server signs the challenge using the Timeverse Security Profile.
In local demo mode, you can omit signatures to start.

5) Create a SignedTemporalRequest (frontend)

Required fields (v4.6-compatible)

A SignedTemporalRequest should include a signed body with:

  • convention_id
  • day_index
  • phi_center_ticks
  • deltaPhi_ticks
  • swt_zone, tile_id
  • scope (or action)
  • payload
  • (recommended) challenge_id or embedded challenge fields

Example usage:

async function sendSecureAction(payload: any) {
  const challenge = await fetch('/api/timeverse/challenge').then(r => r.json());

  const req = await timeverse.createSignedRequest({
    scope: 'demo.action.example',
    payload,
    // tick window, integer-only
    deltaPhiTicks: 120,
    // bind to challenge for freshness
    challenge,
    swtZone: 6,
    tileId: 266,
  });

  return fetch('/api/secure-action', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify(req),
  });
}

6) Verify on the server (gateway middleware)

Create /api/secure-action and wrap it with the Timeverse gateway:

import { timeverseGateway } from '@/lib/timeverse/gateway';

const handler = async (req, res) => {
  // Validated request
  const { scope, payload } = req.body.body;

  // ...perform your action...
  // then generate TSAE (next section)

  res.status(200).json({ ok: true });
};

export default timeverseGateway(handler);

What the gateway MUST verify

  • Signature (Ed25519) over canonical JSON bytes
  • Context match (convention_id, day_index, phi_ticks, swt/tile, scope)
  • Tick window membership (integer-only ticks)
  • Anti-replay (reject reused nonce/signature within horizon)
  • Optional: challenge freshness check (ttl)
Anti-replay is not optional

Freshness checks alone do not prevent replays inside the TTL window.

A replay store (SQLite/Redis) is required for strict protection.

7) Generate a TSAE receipt (audit proof)

After your server executes the action, generate a TSAE:

Minimum TSAE body (int-only core):

{
  "tsae_schema":"TV-TSAE-2025-12",
  "convention_id":"<TIMEVERSE_CONVENTION_ID>",
  "scope":"tsae.now.demo",

  "day_index":1240,
  "dcal_cycle_index":0,
  "dcal_year_u8":4,
  "dcal_month_u8":6,
  "dcal_week_u8":1,
  "dcal_day_u8":6,

  "phi_center_ticks":59318,
  "deltaPhi_ticks":120,
  "phi_action_ticks":59340,

  "swt_zone":6,
  "tile_id":266,

  "fidelity_u16":61000,
  "lock_u16":65534,

  "action_hash_hex":"<sha256>"
}

Then sign it using the Security Profile (Ed25519 + canonical JSON).

TSAE is your compliance artifact
A TSAE proves when/where/under which policy something happened, in a way that can be independently verified.

8) Optional: HS‑Carbon gating (energy-aware execution)

If your application is energy-aware, enforce HS‑Carbon before executing:

Fixed-point fields (int-only):

  • energy_mwh_u32
  • carbon_intensity_mgco2_per_kwh_u32
  • carbon_threshold_mgco2_per_kwh_u32
  • estimated_emissions_mgco2_u64

If carbon is too high, return DELAY_CARBON and optionally issue a TSAE with a delayed verdict.

9) Optional: Anchor TSAE into Clockchain

Optional: Anchor TSAE into Clockchain

Enterprise

To create durable audit trails, anchor TSAE hashes into Clockchain:

  1. Compute:
    anchor = sha256(canonical_json(tsae))
  2. Submit anchor (managed service) or write to devnet outbox

Example enterprise endpoint:

  • POST /v1/clockchain/anchor
  • GET /v1/clockchain/proof?anchor_hash_hex=... (merkle inclusion proof)
Why anchoring hashes (not full receipts)
Anchoring only hashes keeps the ledger lightweight while preserving verifiability. Anyone can recompute the hash from the TSAE and verify inclusion.

Common errors (and fixes)

  • STALE_PHASE / Outside window
    Increase deltaPhi_ticks or ensure the server uses monotone arithmetic time.
  • REPLAY_DETECTED
    Correct behavior: each signed request must have a unique nonce/challenge.
  • CONTEXT_MISMATCH
    Ensure the signature context matches day_index, phi_ticks, swt_zone, tile_id, scope.
  • Floats rejected
    Remove floats from signed objects; use integers or fixed-point fields.

Next Steps

  • Add HS‑Sizing to compute optimal deltaPhi_ticks for your reliability target
  • Add managed TSAE issuance and Clockchain anchoring (enterprise)
  • Request a pilot integration: Gateway + TSAE + Anchoring + Dashboards