[OLD] CRYPTOGRAPHIC PROOF OF ASSOCIATION

[derrend]

New thread here.

[1714784531]

1714784531

[compmaster]

Nice idea. I'm not into websites anymore though. I only trust decentralized blockchains. I'm excited for the day when blockchains can be searched instantly. I hope you move this project to a blockchain one day in the future.

[BG4]

This concept goes good with NFC tags for quick authentication...

[derrend]

Nice idea. I'm not into websites anymore though. I only trust decentralized blockchains. I'm excited for the day when blockchains can be searched instantly. I hope you move this project to a blockchain one day in the future.

Since only the extended public key is submitted there is no trust involved because no private components are contained within the public key

[compmaster]

Nice idea. I'm not into websites anymore though. I only trust decentralized blockchains. I'm excited for the day when blockchains can be searched instantly. I hope you move this project to a blockchain one day in the future.

Since only the extended public key is submitted there is no trust involved because no private components are contained within the public key

What if someone hacked the website database and changed data? This is my #1 problem with all current websites. I will still support your project while its built with the traditional full-stack model. I hope you switch one day in like 2 or 3 years once blockchain tech is more advanced.

[derrend]

What if someone hacked the website database and changed data? This is my #1 problem with all current websites. I will still support your project while its built with the traditional full-stack model. I hope you switch one day in like 2 or 3 years once blockchain tech is more advanced.

All websites are at risk of being hacked in one way or another, even the btc blockchain is not immune it's just unlikely but we take every precaution we can, hashed addresses etc.
Our database will be distributed across our servers but we probably wont ever store data in the blockchain.

We could register scans on the btc blockchain right now and just log the transaction numbers but then we would end up maintaining a database again, only now we are forcing btc node maintainers to store extra data unnecessarily and adding to a blockchain already over 30GB in size.

Being able to keep track of this information without burdening the blockchain is a feature of CPOP.

[jdebunt]

Congratz, let's see if the "real world" shows an interest in the campaign

[btcdrak]

What if someone hacked the website database and changed data? This is my #1 problem with all current websites. I will still support your project while its built with the traditional full-stack model. I hope you switch one day in like 2 or 3 years once blockchain tech is more advanced.

I suppose all websites are at risk of being hacked in one way or another, even the btc blockchain is not immune it's just unlikely but we take every precaution we can, hashed addresses etc.
Our database will be decentralised across our servers but we probably wont ever store data in the blockchain.

We could register scans on the btc blockchain right now and just log the transaction numbers but then we would end up maintaining a database again, only now we are forcing btc node maintainers to store extra data unnecessarily and adding to a blockchain already over 30GB in size.

Being able to keep track of this information without burdening the blockchain is a feature of CPOP.

Sorry but this is handwaving away a serious objection. If you are calling something cryptographic proof-of-publication it really needs to have both cryptography and proof-of-publication as part of it's methodology.

There is no proof-of-publication in this scheme which would make data tamper-proof.
You are relying on a public key for validation but if the public master key is leaked then anyone can derive all the public keys/bitcoin addresses. The entire security of your system relies on your ability to not get hacked, and for the client to not reveal their public master key allowing anyone to generate addresses without anyone's knowledge. If this were cryptographically secure then it wouldn't matter if your database were hacked because no-one could derive the public bitcoin addresses anyway. If you were using real proof-of-publication then your data couldn't be tampered with.

[btcdrak]

It's not 'publication' it's 'production' and you reveal no secrets when you divulge a public key (apart from its subkeys in this case).
'cryptographic probability of production' would be technically correct but since Heisenberg showed us that all certainty is a matter of likelihood I don't feel guilty about using the word 'proof' because a measure of likelihood is what it provides.

But it does matter because you are using the derives public keys/addresses as proof of knowing the public master. The scheme is not sound because a leak of your database leaks every possible key, allowing un-noticed forgery.

[derrend]

It's not publication, it's production.
Publication suggests a way to derive if an object existed at a particular time which is not the case regarding CPOP because there is no blockchain involved.

If this were cryptographically secure then it wouldn't matter if your database were hacked because no-one could derive the public bitcoin addresses anyway. If you were using real proof-of-publication then your data couldn't be tampered with.

This is exactly the case with CPOP.

The scheme is not sound because a leak of your database leaks every possible key, allowing un-noticed forgery.

Not true, You're assuming we keep the public master on record which we do not.
We log the hashed versions of the subkey addresses so a database hack would be no use to forgers.

At no time is the master public key written to disk.

[bitlover]

So you have master key from which unique baby public keys are created. Then someone registers their master-key in your system and, from then on, people can check how many times a related public key has been submitted before.

Right?

Now riddle me this:

1) what the hell does this have to do with bitcoin or any other cryptocurrency? It's just a centralized service that uses basic cryptography. Why would people trust your service? it can be hacked, your internal database modified, etc.

2) Are you seriously expecting people to print (and scan!) QR codes on individual pills?  Really?

3) Finally, what is stopping some asshole from taking a pill from a bottle and replacing it with another pill with the same code?

Like, I don't want to be mean, but this is among the dumbest ideas I've ever heard.

[derrend]

1) what the hell does this have to do with bitcoin or any other cryptocurrency? It's just a centralized service that uses basic cryptography. Why would people trust your service? it can be hacked, your internal database modified, etc.

It's bitcoin addresses that are logged and so the association with cryptocurrency, we take every security precaution, master keys are not stored, subkey addresses are hashed, etc.

2) Are you seriously expecting people to print (and scan!) QR codes on individual pills?  Really?

No, that would be silly, the pills are so numerous for a start that people wouldn't bother to scan them on a regular basis. I suspect the bottle would be more sensible. The image gets the idea across quite nicely though.

3) Finally, what is stopping some asshole from taking a pill from a bottle and replacing it with another pill with the same code?

Well that's a murderer and there's no stopping him.

Like, I don't want to be mean, but this is among the dumbest ideas I've ever heard.

I think it could be useful actually for any business who cared to participate. Nobody can be forced to use the service.

[bitlover]

It's bitcoin addresses that are logged and so the association with cryptocurrency, we take every security precaution, we dont store any master keys, the subkey addresses are stored as hashes, etc.

Just because you have a string of numbers in the form of a bitcoin address doesn't mean that you are actually using the cryptocurrency. They are just unique identifiers derived from a master key, it has nothing to do with cryptocurrencies. Can you prove ownership of the baby address inthe blockchain? nope. Do you use those addresses (to receive some dust, for instance) in any way? nope.

So what if you don't store any master keys? you are still a centralized point of failure. When you say that a certain address has not been submitted before, why should I trust you? (since the database that counts how many times it has been submitted can be altered)

No, that would be silly, the pills are so numerous for a start that people wouldn't bother to scan them on a regular basis. I suspect the bottle would be more sensible. The image gets the idea across quite nicely though.

Then what's the point of this? Just put a tamper-proof device in the bottle and be done with it. The image does get an idea across quite nicely, shame it is not actually the idea you have.

Like, if the image you are using to get your point across shows something that is, in your own words "silly" and you cannot even be bothered to put enough effort to a) show a proper representation of your idea and b) learn how to photoshop a QR code on top of an image. Why would anybody believe you are going to be acting professionally?

Well that's a murderer and there's no stopping him.

Well, you have convinced me of the usefulness of your system.

[derrend]

They are just unique identifiers derived from a master key, it has nothing to do with cryptocurrencies.

Please realise these unique identifiers are valid addresses on the bitcoin blockchain.

So what if you don't store any master keys? you are still a centralized point of failure. When you say that a certain address has not been submitted before, why should I trust you? (since the database that counts how many times it has been submitted can be altered)

There are over two billion subkeys per master key, the website is based on the idea that your particular key has been manipulated is so unlikely that you can rationally trust the result.

put a tamper-proof device in the bottle and be done with it.

That is indeed an alternative solution.

[bitlover]

Plase realise these unique identifiers are valid addresses on the bitcoin blockchain.

I realize it. Now, tell me, does anybody have the master keys for those unique addresses?  (not the master-key from which they were derived, but the actual key to spend any bitcoin inside them).

[derrend]

I realize it. Now, tell me, does anybody have the master keys for those unique addresses?  (not the master-key from which they were derived, but the actual key to spend any bitcoin inside them).

Yes, the holder of the master private key. Which isn't us because we never have access to that.

[bitlover]

I realize it. Now, tell me, does anybody have the master keys for those unique addresses?  (not the master-key from which they were derived, but the actual key to spend any bitcoin inside them).

Yes, the holder of the master private key. Which isn't us because we don't have access to that.

Great, so what do they use those addresses for? Do they send/receive any bitcoin to it? Nope. You're not using the blockchain in any way, as you have already admitted, so what does this thing have to do with cryptocurrencies?

You could do the same using regular OpenPGP subkeys and registering them in your centralized system. People already use similar cryptographic solutions for all kinds of things (but not pills, because that's pretty silly) so why would they use your service?

[derrend]

Great, so what do they use those addresses for? Do they send/receive any bitcoin to it? Nope.

No harm in giving them the option though.

You're not using the blockchain in any way, as you have already admitted, so what does this thing have to do with cryptocurrencies?

There would be no advantage to logging hits in the blockchain, you would still end up maintaining a database only you're needlessly impacting the blockchain now.

so why would they use your service?

We can discover the answer to that question by providing it in the first place .

[bitlover]

We can discover the answer to that question by providing it in the first place .

Good luck.

[UserVVIP]

So what exactly does this service do you?

I already have my private key encrypted.