How OmegaChain Works
OmegaChain is a public, non-financial registry for unique digital challenge coins. It uses ordinary files, SHA-256 hashes, and issuer signatures so a recipient can upload a coin PNG and check whether it is an authentic keepsake.
OmegaChain coins are commemorative tokens of appreciation. They are not currency, securities, investments, or a cryptocurrency system.
The Short Version
Each coin has a public record
A token record identifies the coin and carries verification hashes, the issuer signature, and encrypted coin details. The readable details are stored as ciphertext.
Each PNG carries the unlock key
The minted coin image contains a small hidden payload in its pixels. The verifier extracts that payload from the uploaded PNG and uses it to decrypt the matching public record.
Records are chained together
Every token record includes the hash of the previous record. Changing an older public record would break the link for every later coin.
The issuer signs the record hash
The private key stays on the minting computer. The public website publishes only
public_key.pem, which lets anyone verify the signature.
Encrypted Registry Details
What the JSON shows
The public JSON keeps structural verification data readable: token ID, image filename, image hash, previous record hash, record hash, issuer signature, verification URL, and encryption metadata.
What the JSON hides
Human-readable details such as title, description, issuer, coin type, recipient,
purpose, note, and date are encrypted into private_fields_ciphertext.
Browsing the registry does not reveal those values.
What the coin provides
The PNG contains a hidden private_fields_key. When the coin is uploaded,
the browser uses that key with AES-GCM to decrypt the public JSON locally.
What gets displayed
After decryption, the verifier checks the decrypted details against
private_fields_sha256. If the checks pass, it displays the coin details on
the verify page.
Hash Chain
Canonical record hash
Each JSON record is canonicalized into a stable key order, then hashed with SHA-256.
The record_hash and issuer_signature fields are excluded from
that hash so the record can contain its own hash and signature.
Previous hash link
Every token record stores the previous record's record_hash in
previous_hash. That means coin 2 depends on coin 1, coin 3 depends on coin
2, and so on.
Tamper evidence
If someone edits an older JSON file, its record_hash changes. The next
record's previous_hash no longer matches, so the chain check fails.
Coin-bound readable data
The encrypted details live in the JSON, but they are only readable when paired with the appropriate coin PNG because the decrypt key is hidden inside that coin.
Minting Flow
Create the coin locally
The minting GUI runs on the issuer's computer. It accepts the artwork, title, description, recipient text, and other commemorative fields.
Render the PNG
OmegaChain generates a coin image, blends in the artwork, and hides a verification payload inside the image pixels. Recipient and message details are not printed visibly on the PNG.
Hash the image and record
The PNG gets a SHA-256 image hash. The JSON token record is canonicalized, then
hashed with SHA-256 while excluding record_hash and issuer_signature.
Human-readable coin details, recipient text, and stamp details are encrypted with
AES-GCM before the public record is signed. The decrypt key is hidden in the minted PNG.
Sign the record hash
The issuer private key signs the record hash. The signature proves that the issuer approved that exact record.
Publish only the public records
The public website receives the verifier page, public key, genesis record, and token JSON records. The public JSON can carry encrypted coin details without publishing readable titles, names, or messages. The minted coin PNGs remain private unless the issuer gives one to a recipient.
Verification Flow
- The recipient opens the static verifier page and selects their OmegaChain PNG.
- The browser reads the hidden payload from the uploaded image. The image is not sent to a server.
- The verifier loads the matching public token JSON record.
- It recalculates the canonical record hash and compares it to the published
record_hash. - It verifies the issuer signature using the published public key.
- It hashes the uploaded PNG and checks that hash against
image_sha256. - It uses the key hidden in the PNG to decrypt human-readable coin details from the public JSON.
- It loads the previous public record and checks that
previous_hashlinks correctly. - If all checks pass, the page displays Verified.
What The Checks Prove
Authenticity
A valid signature means the record was signed by the holder of the OmegaChain private key.
Image integrity
A matching image hash means the uploaded PNG is byte-for-byte the same image recorded at minting time.
Tamper evidence
A matching record hash and previous hash link mean the public JSON record still fits into the append-only chain.
Uniqueness in the registry
Each token ID identifies one public record in the OmegaChain registry. The coin is unique as a signed commemorative record, not as a financial asset.
What It Does Not Mean
- It does not make the coin money, an investment, or a tradeable asset.
- It does not prevent someone from copying the image file.
- It does not encrypt details from someone who already has the minted PNG.
- It does not require a blockchain, mining, wallets, gas fees, or a token marketplace.
- It does not publish private keys or store recipients' uploaded coin images on the website.
Why This Design
The goal is simple public verification without financial baggage. A GitHub Pages site can host the verifier, public key, and token records as static files. The issuer can mint coins locally, give PNGs directly to recipients, update the public records, and push the site. Recipients can later verify their coin with only a browser.