Modify the timestamped_graph.md

Author: Susmita-Chakrabarty

timestamped_graph.md

@@ -10,13 +10,28 @@ The timestamped snapshot feature enables graphs to store their historical states
 - **Anomaly Detection in Secure Networks**: Helps in detecting unusual patterns in cryptographic protocols and secure transactions.
 - **Time-Series Graph Analysis**: Supports applications in secure financial transactions and privacy-preserving communications.
 - **Cryptographic Security (Future Enhancement)**: Can be extended to sign snapshots using HMAC for integrity verification and encrypted storage.
+- **Environment Variable-Based Secret Key**: Adds security by keeping cryptographic secrets out of the source code, reducing exposure to attacks.
 
 ## How It Works
 
-### **Snapshot Storage**
+### **Snapshot Storage & Security Enhancements**
 
 - When `add_snapshot()` is called, a deep copy of the graph is saved with a unique timestamp.
-- Snapshots are stored in an internal dictionary where timestamps serve as keys.
+- Each snapshot is **serialized and cryptographically signed** using an **HMAC signature**.
+- The system stores the HMAC signature alongside the snapshot to verify its integrity before retrieval.
+
+### **Why We Use an Environment Variable for the Secret Key**
+To **prevent hardcoding secrets in the source code**, we store the **HMAC secret key in an environment variable** instead of defining it directly in the script. This offers:
+1. **Better Security**: Secrets stored in environment variables are not exposed in source code repositories.
+2. **Protection Against Attacks**: If an attacker gains access to the codebase, they **cannot retrieve the HMAC key** without environment access.
+3. **Separation of Concerns**: The cryptographic key can be changed without modifying the code, making key rotation easier.
+
+## **Security Best Practices**
+To ensure maximum security when handling cryptographic keys, follow these best practices:
+
+1. **Always set the HMAC key before running the program:**
+   ```bash
+   export HMAC_SECRET_KEY=$(python3 -c "import secrets; print(secrets.token_hex(32))")
 
 ### **Retrieving Historical States**
 
@@ -53,6 +68,8 @@ old_graph = graph.get_snapshot(graph.list_snapshots()[0])
 - **Encrypted Graph Storage for Privacy-Critical Applications**: Apply homomorphic encryption or privacy-preserving encryption to protect sensitive data, such as medical records, customer transactions, or identity graphs.
 - **Efficient Storage for Large-Scale Graphs**: Introduce optimized serialization techniques to store historical snapshots with minimal overhead, making it scalable for real-world enterprise applications.
 - **Integrity Verification for Regulatory Compliance**: Ensure snapshots cannot be altered without detection by integrating cryptographic hash functions. This is crucial for auditing in banking, supply chain security, and legal record-keeping.
+- **Regulatory Compliance and Auditing**: Extend integrity verification using Merkle trees for large-scale verification. Implement tamper-proof logging for financial transactions.
+- **Efficient storage for large graphs**: Introduce optimized serialization techniques to minimize storage costs.
 
 ## Conclusion