December 13, 2013, 01:32:52 AM |
I am sure there are others working on this problem but it is difficult to search. I would appreciate advice on where I should be looking.
Each address represents a configuration repository of trust. The configuration includes public keys, authority delegations, theft notification, and migrate notification. Every public key is named with the name being unique to that address. Authority delegation allows you to designate one or more addresses as having authority over your address. This means they can issue theft and migrate notifications on your behalf. You could delegate authority to a backup address you control or to a third party you trust. You can issue a migrate notification to transfer to a new address.
The theft notification is basically a message that says "do not trust" (DNT) and marks an address as untrustworthy. An address is arguably more valuable if it is usable, so a thief would have incentive to prevent this message from going out. As long as you have access to your private key or delegated authority, you can send this message out to burn an address and the thief can't prevent it. The DNT can designate the last reliable message ("anything after X can't be trusted") to prevent the thief from inserting their own authority delegations while retaining yours. Authority delegation can also be given a required time threshold (i.e., 2 weeks) before it can be trusted. The only thing a thief would be able to do at this point is mark the address as entirely untrustworthy, which is probably more damaging to the thief than it would be to you.
In this way, software can detect stolen keys and prevent unauthorized usage. If your address is stolen and you've delegated authority, you can use your delegations to reroute the chain of trust to a new address and the relying parties can automatically update by following the chain of trust. I believe this would create a repository for exchanging keys that can be trusted and leveraged by third party apps. This would discourage use of the blockchain for storing arbitrary data as you could just as easily sign the data with a key and put it anywhere on the web. If used within bitcoin (the currency) this might make it so the currency is backed by a mutual need for virtual trust; so whereas fiat currency is backed by the shared value of gold, bitcoin can be backed by the shared value of verifiable information and computational work. So long as trust is valuable, so too would bitcoin be.
This is the part where I cover my head and wait to be told I'm going completely off the rails. Again, I'm really just looking to be pointed in the right direction.
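A sketch of how a relying party could replay an address's messages under the scheme described in the post above. This is an added example, not code from the original post: the `Msg` fields, the sequence numbers, the day-based timestamps and the rule that owner-key messages after the DNT cutoff are ignored are all assumptions, and signatures are assumed to be verified already.

```python
from dataclasses import dataclass

@dataclass
class Msg:
    seq: int      # position in the target address's message log
    time: int     # timestamp in days (constructed unit)
    issuer: str   # address whose key signed it (signature assumed already verified)
    kind: str     # "delegate", "dnt" or "migrate"
    arg: object   # delegate: (address, delay_days); dnt: last good seq; migrate: new address

def authorized(m, address, log, cutoff):
    """May message m act on `address`, given an optional DNT cutoff?"""
    if m.issuer == address:
        # The owner key can always burn the address; its other messages
        # are ignored once they fall after the DNT cutoff.
        return m.kind == "dnt" or cutoff is None or m.seq <= cutoff
    for d in log:
        if (d.kind == "delegate" and d.issuer == address and d.seq < m.seq
                and (cutoff is None or d.seq <= cutoff)
                and d.arg[0] == m.issuer and m.time >= d.time + d.arg[1]):
            return True   # delegation predates the cutoff and has matured
    return False

def resolve(address, logs, seen=()):
    """Follow the chain of trust; return the trusted address or None if burned."""
    if address in seen:
        return None       # migration loop
    log = sorted(logs.get(address, []), key=lambda m: m.seq)
    cutoff = next((m.arg for m in log
                   if m.kind == "dnt" and authorized(m, address, log, m.arg)), None)
    successor = None
    for m in log:
        if m.kind == "migrate" and authorized(m, address, log, cutoff):
            successor = m.arg
    if successor is not None:
        return resolve(successor, logs, seen + (address,))
    return address if cutoff is None else None

# Constructed scenario: A's key is stolen on day 100; backup address B holds authority.
STOLEN = {"A": [
    Msg(1, 0, "A", "delegate", ("B", 14)),    # owner: B gains authority after 14 days
    Msg(2, 100, "A", "delegate", ("T", 14)),  # thief adds own delegate T
    Msg(3, 101, "A", "migrate", "T"),         # thief tries to move trust to T
    Msg(4, 102, "B", "dnt", 1),               # B: nothing after seq 1 is trusted
    Msg(5, 103, "B", "migrate", "A2"),        # B reroutes trust to new address A2
]}
```

With this log, `resolve("A", STOLEN)` follows B's reroute to `A2`; a delegate added by the thief cannot act until its own time threshold has passed.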