Hyperledger - Aft... - Via 'Steve anon US lawyer ' - I must ...


Deventer, M.O. (Oskar) van <oskar.vandeventer@...>
 

Dear Steve Anon and Andreas Freund,

 

Thank you for your comments, which I received via Google Docs. The Hyperledger Requirements WG (this email list) is the proper place to discuss these comments, hence I am responding here.

 

  • I found it curious that creating a new set of private keys would be unacceptable.

I believe you misread the requirement. The requirement prohibits the handing over of private keys. It does not say anything about creating new keys. Or did I misunderstand you?

 

  • That side party of course has its own uniquely identifiable and immutable key or identifier.

Sure. I 100% agree. What am I missing?

 

  • Ideally, a user (human or machine) should not be able to see their private key …

I agree.

 

  • Generally speaking a smart contract of even moderate complexity is actually a smart contract system ... at minimum controller, permissions, functions ... permission contract based on hashes of private keys, and sig of a standard message, can be updated through the control contract etc. ... by now standard MO for smart contract development

If there exist blockchain implementation that intrinsically satisfy all my requirements, then please tell me which. I believe that the “after-the-fact” requirements have not been considered by many blockchain projects. I also believe that they are valid requirements.

 

Best regards,

 

Oskar

 

 

From: Andreas Freund (Google Docs) [mailto:d+MTA5ODc1OTgwNjAwMDc1MTUwNjY3-MTAzNTMzNjc5Njk5NDU1ODU5NTU0@...]
Sent: Tuesday, 18 July, 2017 22:59
To: Deventer, M.O. (Oskar) van <oskar.vandeventer@...>
Subject: Hyperledger - Aft... - Via 'Steve anon US lawyer ' - I must ...

 

Andreas Freund replied to a comment on Hyperledger - After-the-fact mandate changes

clive boulton

clive boulton

3.1 No handing over of private keys

Via 'Steve anon US lawyer ' - I must say that section 3.1 peaked my interest more than any other. I found it curious that creating a new set of private keys would be unacceptable. Consider assigning permissions to a side party like an auditor, trustee [guardian] or agent] who is given certain responsibilities over the immutable object that is otherwise owned by and initiating author. That side party of course has its own uniquely identifiable and immutable key or identifier. As it should. Otherwise there is no proper means for auditing the controller use of the smart contract by the trustee [guardian] or agent.

Those are my thoughts. Thanks for asking.

Steve

Andreas Freund

Andreas Freund

Ideally, a user (human or machine) should not be able to see their private key ... reside in a TEE/TPM where it is created and all signing takes place ... there needs to be a key backup and recovery mechanism that does not violate privacy, is secure and does not allow for collusion either. Hard but doable.

Generally speaking a smart contract of even moderate complexity is actually a smart contract system ... at minimum controller, permissions, functions ... permission contract based on hashes of private keys, and sig of a standard message, can be updated through the control contract etc. ... by now standard MO for smart contract development

 

Open

 

Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

You have received this email because you are subscribed to all discussions on Hyperledger - After-the-fact mandate changes.Change what Google Docs sends you.You can reply to this email to reply to the discussion.

 

 

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. TNO accepts no liability for the content of this e-mail, for the manner in which you use it and for damage of any kind resulting from the risks inherent to the electronic transmission of messages.