I've created a secure messaging library that uses the blockchain for the public key infrastructure. So far, this is a fairly straightforward implementation of ECC cryptography using the curve that Bitcoin uses for encryption, secp256k1. You can now send a secure message to any public bitcoin address that has spent something. Only the holder of the private key can read the message. The restriction on having an address that has already spent something is the result of the blockchain not containing the public key until someone has actually spent funds from that address.
The v0.1 alpha Python code is here:
https://github.com/coinmessage/coinmessage
Among other things this should enable:
- Secure, encrypted messages where only one party has the key to read them.
- Logins to websites without passwords, instead using a challenge/response mechanism like GPG auth.
- A wallet client that can also be used for reading secure messages.
- A consistent pseudonymous internet identity that can provably be the same across websites.
Currently, you can only encrypt and decrypt messages from the Python command-line.
I'm posting in the Development and Technical Discussion forum so that I can get feedback on the security implications. I've figured out the math and got it to work, but I'm by no means an ECC expert and would very much welcome feedback.
Thanks!