The HMAC-based One-time Password used by Open Authenticator for production is completely consistent with TOTP. The application code is completely open source, supervised by the community, and is an Authenticator with no backdoor security.