#!/usr/bin/env bash
# timestamp — physicify any file
#
# Usage:
#   timestamp <file>                 # → <file>.attestation.json
#   timestamp <file> <out>           # → <out>
#   timestamp -v <file> <attestation>  # verify
#   timestamp -h                     # help
#
# Wraps the underlying attest.sh / verify.sh primitive in a single
# user-facing tool.  Anyone can:
#
#   1. Pin a file to a real-time moment + the project's witness key.
#      The output is a 1-KB JSON proving "this file's bytes existed at
#      or before pulse_id N, with sig X."
#
#   2. Years later, with only the file + the JSON + the public key
#      (https://ledatic.org/attest/fleet0.pub.pem), reproduce the check.
#
# The witness key is fleet0's Ed25519 (pk_fp = cac5f21a70564aeb).  The
# beacon advances at ~0.5 Hz, so pulse_id N+k gives a real-time lower
# bound of ~2k seconds.  Want stronger: timestamp twice with N pulses
# between calls and you've bounded the moment to ±N pulses.

set -euo pipefail

SELF_DIR="$(cd "$(dirname "$0")" && pwd)"

usage() {
  cat <<EOF
timestamp — pin any file to a real-time moment + Ed25519 witness sig.

Usage:
  timestamp <file>                  Sign <file>; write <file>.attestation.json
  timestamp <file> <out>            Sign <file>; write attestation to <out>
  timestamp -v <file> <att.json>    Verify; exits 0 on ok, non-zero on tamper

Verify against any signed artifact:
  curl -sf https://ledatic.org/attest/verify.sh -o /tmp/v.sh
  chmod +x /tmp/v.sh
  /tmp/v.sh <file> <att.json>

The full chain is described at https://ledatic.org/system.
EOF
}

case "${1:-}" in
  -h|--help|"")
    usage; exit 0 ;;
  -v|--verify)
    shift
    [ "$#" -eq 2 ] || { usage; exit 2; }
    exec "$SELF_DIR/verify.sh" "$1" "$2"
    ;;
  *)
    file=$1
    out=${2:-${file}.attestation.json}
    [ -f "$file" ] || { echo "no such file: $file" >&2; exit 3; }
    exec "$SELF_DIR/attest.sh" "$file" "$out"
    ;;
esac
