Talk with cryptographers & semiconductor manufacturers about new silicon-based cryptographic functionality. Sign up now for our third virtual #SiliconSalon on January 18 at 9am PT. [1/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527
Cramium @crossbarinc will discuss “Silicon & MPC”, overviewing silicon architecture approaches that address concerns of security, performance and efficiency as well as economic concerns and flexibility, all to accommodate future improvements. [4/7]
Bunnie from @bunniestudios will present “Toward a More Open Secure Element Chip” — “What are the elements that make a semiconductor more or less “open”? How do you maintain openness in a proprietary ecosystem, and is there a purpose to secrecy in security? [3/7]
If you have not seen the presentations and discussions from our last Silicon Salon, they are at https://www.siliconsalon.info/salon2/
We have three more presentations locked down for the 18th: [2/7]
We hope to see you all at Silicon Salon 3! [7/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527
As usual, our feature presentations will be supplemented by discussions! https://www.siliconsalon.info/salon1/#discussions
Join in to contribute your points of view and your requirements for cryptographic silicon! [6/7]
Finally, Kavya Sreedhar will present “A Fast Large-Integer Extended GCD Algorithm and Hardware Design for Verifiable Delay Functions and Modular Inversion”. [5/7] http://ia.cr/2021/1292
Replying to @sbisson
@sbisson, beautiful photos. @joncallas pointed me here after seeing: https://twitter.com/gunsnrosesgirl3/status/1598231952854614016
For example, in next week’s virtual Silicon Salon 3, Kavya Sreedhar will be presenting about a 16nmn semiconductor design for constant-time modular inversion for Curve25519 using XGCD — 31 times faster than software! But more importantly, it can be hardened in silicon…[2/9]
Why is the discussion & community we are building at #SiliconSalon so important? Our problem is that silicon-based security is lagging, supporting only decade+ old crypto—no blockchain, no ZKP. The result is modern cryptography is done in user space. Let’s solve this!🧵… [1/9]
Bunnie of @bunniestudios will be talking about “where to draw the line for openness…the perceived fear/uncertainty/doubt (FUD) around a particular attack surface tends to have an inverse relation to the actual size of the attack surface.”…[3/9]
The goal of the Silicon Salon community hosted by @BlockchainCommons is to bridge the gap between semiconductor manufacture and wallet design, between academia and real-world usage. Take a look at our archives to see what we’ve done so far. [6/9] https://www.siliconsalon.info/
Semiconductor designer @CramiumLabs, working on the next generation of secure chips, desires to support MPC-based distributed key management (FROST, Threshold ECDSA, etc), which is receiving insufficient hardware support and academic attention but is an important future.…[5/9]
“The current NDA-heavy status quo for chips creates an analytical barrier that prevents us from determining how big the actual attack surface is. Without intimate knowledge of how the hardware is functions, there are important classes of software bugs we can’t analyze.”…[4/9]
Together, we can ensure that the next generation of cryptographic semiconductors meets everyone’s needs, advancing the entire cryptography industry. Support our efforts to host these conversations & build this community by sponsoring us at https://github.com/sponsors/BlockchainCommons/ [9/9]
We hold these Silicon Salon events quarterly, with our next one in April. We are planning now, and if you have a topic you’d like to present next quarter, let me know: pain points, architectures, secure boot & firmware, supply chains, threats & countermeasures, and more. [8/9]
Next week, join cryptographers & semiconductor manufacturers to discuss requirements for new silicon-logic-based cryptographic functionality & leveraging opportunities for semiconductor acceleration. January 18th, 9am-noon PT hosted online via Zoom. [7/9] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527
Replying to @peterktodd
User space itself is not necessarily bad, but it increases attack surface. In particular vulnerabilities from improper sandboxing or attacks from lower layers of the stack that user space doesn’t specifically know about or can address.
Replying to @peterktodd
Assuming no bugs in user space code (not a given) it still can vulnerable to lower levels, such as network stack, correlation & privacy attacks, boot & hardware vulnerabilities (in particular when hardware is not inspectable). In particular don’t like raw keys in user space.
Replying to @peterktodd
Yes, FPGA has a role. Bunnie of @bunniestudios has been doing FPGA emulation of RISC-V (see their presentation at the 2nd #SiliconSalon https://www.siliconsalon.info/salon2/#bunnie-studios-presentation)), and in general SS2 was about boot and supply chain.
Replying to @peterktodd and @bunniestudios
Part of what Bunnie wants to talk about at the next Silicon Salon is where is the line between proprietary and open hardware? It is really hard to have a completely open design right now, but “more open” is possible. Perfection is the enemy of the good here.
RT @TheHackersNews: 🔥 Attention all #opensource developers: If you’re using “jsonwebtoken” library in your projects, you need to take urgen…
“As open source software increasingly emerges as a lucrative initial access pathway for threat actors to stage supply chain attacks, it’s crucial that vulnerabilities in such tools are proactively identified, mitigated, and patched by downstream users.” True! https://twitter.com/TheHackersNews/status/1612815649801117698
RT @__agwa: New blog post: whoarethey: Determine Who Can Log In to an SSH Server
Replying to @KyleOfTheCorn and @SeedSigner
If you want to do this you might want to do it in an interoperable way with Gordian Envelope. I know @FOUNDATIONdvcs is looking into using it to save interoperable backups to SD cards. You can encrypt with passwords or threshold of SSKR shares.
Join us this Wednesday to discuss the future of greater support for modern cryptography in silicon! 9am-Noon PT: https://twitter.com/ChristopherA/status/1612527727697088512
Continuing on this #PatentBreaker thread: Ideally, the Hilbert curve would be focused on where people actually live. Here is Europe & Asia. Of course any useful Hilbert curve for use zk-proofs to support #LocationPrivacy-focused geomapping would be a much finer grid.
Replying to @holochain, @Sheldrake, @molly0xFFF and @generative_
Thanks for the /HT. BTW, the article you link on Progressive Trust is from 2004, there is a more recent article (last month) with an update on my thoughts about Progressive Trust Architectures at https://www.blockchaincommons.com/musings/musings-progressive-trust/
A good & broad survey of discourse about Self-Sovereign Identity (aka #SSI) in recent years, by @CollinMcclain. “I want to leave this article with an invitation to think expansively and critically about identity” Yes! 👍 More is needed! https://twitter.com/Holochain/status/1615323677087698949
Replying to @MariaShen
Where do blockchain agnostic developers fall on your list? https://www.BlockchainCommons.com works with many chains.
The biggest event was the maturation of our Commons from our initial Airgap Wallet community to a more diverse group, including hardware wallets, software designers, and semiconductor manufacturers alike. Welcome to Chia, CrossBar, and Proxy in 2022! [2/9] https://www.blockchaincommons.com/sponsors.html
Blockchain Commons celebrates the new year with a report looking back at its considerable progress in 2022. Take a look at our growing community of developers, events, new architectures & specifications, advice and much more! 🧵 [1/9] https://twitter.com/BlockchainComns/status/1615743373201244161
CSR is built atop perhaps our biggest initiative for the year: #GordianEnvelope, a new “Smart Documentation” specification for storing data in a privacy-preserving way. A high-level intro: [5/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/
Another is Collaborative Seed Recovery (aka CSR). @BitmarkInc, @foundationdvcs, and @proxy are all working with us to create a way to shard your digital assets and store the shares in multiple locations in an interoperable manner. [4/9] https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md
The creation of a large community has allowed us to work on some big interoperable projects. One is @SiliconSalon, a quarterly series of events where we bring together different parties to talk about the future of cryptographic semiconductor design. [3/9] https://www.siliconsalon.info/
There was much more in 2022, including Seed Tool updates, server updates, more advocacy work in Wyoming & the EU, and updates to #SmartCustody. Read about that, and our plans for 2023. It’s all in our yearly review. [8/9] https://www.blockchaincommons.com/quarterlies/Yearly-2022/
Gordian Envelope is supported by a new CLI app, which lets you test out all of Envelope’s privacy-focused features, such as elision and encryption, right now. [7/9] https://github.com/BlockchainCommons/envelope-cli-swift
Or if you prefer video, here is a short 7-minute high-level “Introduction to Gordian Envelope”: https://www.youtube.com/watch?v=OcnpYqHn8NQ [6/9]
Become a sponsor to help us continue this development! A half-dozen companies have already joined us to create self-sovereign solutions for the internet! [9/9] https://github.com/sponsors/BlockchainCommons
I’m trying to get a definitive list of Bitcoin wallets that support @BlockchainComns airgap animated QR/UR specs for signing PSBTs. I know of @SparrowWallet, @bluewalletio, @KeystoneWallet & @CasaHODL, but I hear that @nunchuk_io & @Blockstream’s Jade Wallet now do so. Others?
Replying to @nvk
The number of steps for careful cold-storage of multisig is too hard, see our tedious example: https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Scenario-Multisig.md However, we can do better but it requires to move toward Collaborative Seed Recovery…
Replying to @nvk
This is what our developer community is working on to make it easier this Q1: https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md
Replying to @nvk
But we also needed to safely store more metadata: descriptors, lighting channel details, FROST shares & authentication, and more, this last Q4 work on Gordian Envelope: https://www.blockchaincommons.com/introduction/Envelope-Intro/
Replying to @nvk
When we are done, none of this complexity will be visible to users.
RT @nunchuk_io: @ChristopherA @BlockchainComns @SparrowWallet @bluewalletio @KeystoneWallet @CasaHODL @Blockstream Confirm that we do !
RT @dstadulis: The endless, recursive assertions, possible with this Gordian Envelope data structure, prime it to handle the evolving deman…
Replying to @cryptoecongames
The slides and videos from last week’s #SiliconSalon III are now available at https://www.siliconsalon.info/salon3/, excerpts from facilitated discussion will be out next week.
RT @cryptoecongames: This is important. Crypto foundations please take note
The slides and videos from last week’s #SiliconSalon III are now available at http://siliconsalon.info/salon3/, excerpts from the facilitated discussion will be out next week.
Replying to @cronokirby
This? “Social Security’s total cost is projected to be higher than its total income in 2022 and all later years. Total cost began to be higher than total income in 2021. Social Security’s cost has exceeded its non-interest income since 2010.”
Replying to @cronokirby
Definitely lots in there, but what in particular grabbed you as significantly new?
Replying to @ApeDurden
It is far less expensive to pay for a comfortable work environment than pay for the extra salaries required for loss of productivity without them. Google is laying off due to bad strategic management leading to paying expensive people to build unfinished & cancelled projects.
@WarrenDavidson @RepFrenchHill — need some testimony on self-custody, private keys, digital identity, SSI? I’ve advised on #Wyoming laws and internationally. Talk to me. https://bitcoinmagazine.com/legal/saving-bitcoin-private-keys-from-courts
Released yesterday was the “European Declaration on Digital Rights and Principles for the Digital Decade” The first principle is “Putting people at the centre of the digital transformation” 👍 :
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AJOC_2023_023_R_0001
I note that this document is in conflict with a number of recent documents from the EU such as the AML rules in the “Transfer of Funds” regulations: https://www.europarl.europa.eu/legislative-train/theme-an-economy-that-works-for-people/file-revision-of-the-regulation-on-transfers-of-funds
Some other interesting commentary: “the Declaration remains mostly silent on how to protect safety and human rights, how to strengthen democratic oversight, and how to ensure that nobody is left behind.” https://twitter.com/xotoxot/status/1500732792250023938
Replying to @lorenc_dan, @awakecoding and @BenLaurie
You might then like Gordian Envelope which leverages CBOR. It is a structured data format that supports graph data (node or edge or both labeled), elision (redaction, encryption or reference) and is agnostic on curves. https://www.blockchaincommons.com/introduction/Envelope-Intro/
It’s an open meeting, so you can attend to listen to our short presentation and to participate in any Q&A that follows. [4/6]
We’ve already submitted an IETF Draft of Envelope, so we’re thrilled to also be able to present it to W3C and the CCG [3/6]. https://blockchaincommons.github.io/WIPs-IETF-draft-envelope/draft-mcnally-envelope.html
Gordian Envelope is Blockchain Commons’ privacy-focused and structure-focused “Smart Document” that allows for the storage and transmission of sensitive information. [2/6] https://www.blockchaincommons.com/introduction/Envelope-Intro/
This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Group. We’d love you to join us! [1/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000
Then join us Tuesday morning to learn more! [6/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000
Watch our introductory video for an overview of Envelope, its structure, and what it can do! [5/6] https://www.youtube.com/watch?v=OcnpYqHn8NQ
Replying to @lorenc_dan, @awakecoding and @BenLaurie
There is a W3C-CCG discussion next Tuesday: https://twitter.com/ChristopherA/status/1618720700390584320
I’m intrigued by the use case for #GordianEnvelope in AI model training sets. For instance, @MosaicML says they can create a Stable Diffusion class model for $160K https://www.mosaicml.com/blog/training-stable-diffusion-from-scratch-costs-160k. We could collect data & collaboratively build a validatable & certifiable sourced model.
RT @ChristopherA: This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Gr…
Here is a general use case for Gordian Envelopes in Software & AI Industry. I’d love thoughts on extending it further for AI model collaboration, validation, and certification. https://github.com/BlockchainCommons/Gordian/blob/master/Envelope/Use-Cases/Software.md
Join us tomorrow in the @W3C Credential Community for a discussion about Gordian Envelope. https://twitter.com/ChristopherA/status/1618720700390584320
I divide this into three parts: scope minimization, content minimization, and temporal minimization. You want to provide the minimal content for the minimal scope over the minimal amount of time. [3/9]
Data Minimization is the practice of limiting the amount of shared data to the minimum necessary: just enough to do what you need to do. A best-practice generally for security, but mandatory for #PersonalData under #GDPR. [2/9]
My latest “Musings of a Trust Architect” article covers #DataMinimization and #SelectiveDisclosure, both crucial privacy protecting data-management techniques: [1/9] https://www.blockchaincommons.com/musings/musings-data-minimization/
Take a look at the full article on Data Minimization and Selective Disclosure for more details on all of this! Or my previous musing post on architectures for Progressive Trust. I’d love to hear your comments and thoughts! [7/9] https://www.blockchaincommons.com/musings.html
I then share some brief details on three different Selective Disclosure cryptographic techniques: Hash-based Elision (or Redaction), Zero-Knowledge Proof (ZKP) and Blind Signature, and well some possible adjacent, less explored approaches. [6/9]
My requirements for Selective Disclosure include: granularity, control, transparency, security, privacy, compliance, auditability, and flexibility [5/9].
Selective Disclosure is then the next step: how you share limited amounts of information while also minimizing risks of correlation. [4/9]
Become a patron of Blockchain Commons if work of this sort is important to you! Or write to me directly if you’d like to become more involved as a contributor. [9/9] https://www.blockchaincommons.com/sponsors.html
These concepts are already influencing the @BlockchainComns work on Gordian Envelope. I hope they’ll be a general building block for the next generation of private data storage. [8/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/
RT @OpenSourceOrg: The ultimate list of reactions to the Cyber Resilience Act from ARGH! to ZOMG! https://blog.opensource.org/the-ultimate-list-of-reactions-to-the-cyber-resilience-act/
RT @OpenSourceOrg: The EU Cyber Resilience Act has noble aims but its wording and framing can harm #OpenSource. It must be fixed. https://t…
date: “2023-01-31” time: 23:59:59 +0000 —
Talk with cryptographers & semiconductor manufacturers about new silicon-based cryptographic functionality. Sign up now for our third virtual #SiliconSalon on January 18 at 9am PT. [1/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527
Cramium @crossbarinc will discuss “Silicon & MPC”, overviewing silicon architecture approaches that address concerns of security, performance and efficiency as well as economic concerns and flexibility, all to accommodate future improvements. [4/7]
Bunnie from @bunniestudios will present “Toward a More Open Secure Element Chip” — “What are the elements that make a semiconductor more or less “open”? How do you maintain openness in a proprietary ecosystem, and is there a purpose to secrecy in security? [3/7]
If you have not seen the presentations and discussions from our last Silicon Salon, they are at https://www.siliconsalon.info/salon2/
We have three more presentations locked down for the 18th: [2/7]
We hope to see you all at Silicon Salon 3! [7/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527
As usual, our feature presentations will be supplemented by discussions! https://www.siliconsalon.info/salon1/#discussions
Join in to contribute your points of view and your requirements for cryptographic silicon! [6/7]
Finally, Kavya Sreedhar will present “A Fast Large-Integer Extended GCD Algorithm and Hardware Design for Verifiable Delay Functions and Modular Inversion”. [5/7] http://ia.cr/2021/1292
Replying to @sbisson
@sbisson, beautiful photos. @joncallas pointed me here after seeing: https://twitter.com/gunsnrosesgirl3/status/1598231952854614016
For example, in next week’s virtual Silicon Salon 3, Kavya Sreedhar will be presenting about a 16nmn semiconductor design for constant-time modular inversion for Curve25519 using XGCD — 31 times faster than software! But more importantly, it can be hardened in silicon…[2/9]
Why is the discussion & community we are building at #SiliconSalon so important? Our problem is that silicon-based security is lagging, supporting only decade+ old crypto—no blockchain, no ZKP. The result is modern cryptography is done in user space. Let’s solve this!🧵… [1/9]
Bunnie of @bunniestudios will be talking about “where to draw the line for openness…the perceived fear/uncertainty/doubt (FUD) around a particular attack surface tends to have an inverse relation to the actual size of the attack surface.”…[3/9]
The goal of the Silicon Salon community hosted by @BlockchainCommons is to bridge the gap between semiconductor manufacture and wallet design, between academia and real-world usage. Take a look at our archives to see what we’ve done so far. [6/9] https://www.siliconsalon.info/
Semiconductor designer @CramiumLabs, working on the next generation of secure chips, desires to support MPC-based distributed key management (FROST, Threshold ECDSA, etc), which is receiving insufficient hardware support and academic attention but is an important future.…[5/9]
“The current NDA-heavy status quo for chips creates an analytical barrier that prevents us from determining how big the actual attack surface is. Without intimate knowledge of how the hardware is functions, there are important classes of software bugs we can’t analyze.”…[4/9]
Together, we can ensure that the next generation of cryptographic semiconductors meets everyone’s needs, advancing the entire cryptography industry. Support our efforts to host these conversations & build this community by sponsoring us at https://github.com/sponsors/BlockchainCommons/ [9/9]
We hold these Silicon Salon events quarterly, with our next one in April. We are planning now, and if you have a topic you’d like to present next quarter, let me know: pain points, architectures, secure boot & firmware, supply chains, threats & countermeasures, and more. [8/9]
Next week, join cryptographers & semiconductor manufacturers to discuss requirements for new silicon-logic-based cryptographic functionality & leveraging opportunities for semiconductor acceleration. January 18th, 9am-noon PT hosted online via Zoom. [7/9] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527
Replying to @peterktodd
User space itself is not necessarily bad, but it increases attack surface. In particular vulnerabilities from improper sandboxing or attacks from lower layers of the stack that user space doesn’t specifically know about or can address.
Replying to @peterktodd
Assuming no bugs in user space code (not a given) it still can vulnerable to lower levels, such as network stack, correlation & privacy attacks, boot & hardware vulnerabilities (in particular when hardware is not inspectable). In particular don’t like raw keys in user space.
Replying to @peterktodd
Yes, FPGA has a role. Bunnie of @bunniestudios has been doing FPGA emulation of RISC-V (see their presentation at the 2nd #SiliconSalon https://www.siliconsalon.info/salon2/#bunnie-studios-presentation)), and in general SS2 was about boot and supply chain.
Replying to @peterktodd and @bunniestudios
Part of what Bunnie wants to talk about at the next Silicon Salon is where is the line between proprietary and open hardware? It is really hard to have a completely open design right now, but “more open” is possible. Perfection is the enemy of the good here.
RT @TheHackersNews: 🔥 Attention all #opensource developers: If you’re using “jsonwebtoken” library in your projects, you need to take urgen…
“As open source software increasingly emerges as a lucrative initial access pathway for threat actors to stage supply chain attacks, it’s crucial that vulnerabilities in such tools are proactively identified, mitigated, and patched by downstream users.” True! https://twitter.com/TheHackersNews/status/1612815649801117698
RT @__agwa: New blog post: whoarethey: Determine Who Can Log In to an SSH Server
Replying to @KyleOfTheCorn and @SeedSigner
If you want to do this you might want to do it in an interoperable way with Gordian Envelope. I know @FOUNDATIONdvcs is looking into using it to save interoperable backups to SD cards. You can encrypt with passwords or threshold of SSKR shares.
Join us this Wednesday to discuss the future of greater support for modern cryptography in silicon! 9am-Noon PT: https://twitter.com/ChristopherA/status/1612527727697088512
Continuing on this #PatentBreaker thread: Ideally, the Hilbert curve would be focused on where people actually live. Here is Europe & Asia. Of course any useful Hilbert curve for use zk-proofs to support #LocationPrivacy-focused geomapping would be a much finer grid.
Replying to @holochain, @Sheldrake, @molly0xFFF and @generative_
Thanks for the /HT. BTW, the article you link on Progressive Trust is from 2004, there is a more recent article (last month) with an update on my thoughts about Progressive Trust Architectures at https://www.blockchaincommons.com/musings/musings-progressive-trust/
A good & broad survey of discourse about Self-Sovereign Identity (aka #SSI) in recent years, by @CollinMcclain. “I want to leave this article with an invitation to think expansively and critically about identity” Yes! 👍 More is needed! https://twitter.com/Holochain/status/1615323677087698949
Replying to @MariaShen
Where do blockchain agnostic developers fall on your list? https://www.BlockchainCommons.com works with many chains.
The biggest event was the maturation of our Commons from our initial Airgap Wallet community to a more diverse group, including hardware wallets, software designers, and semiconductor manufacturers alike. Welcome to Chia, CrossBar, and Proxy in 2022! [2/9] https://www.blockchaincommons.com/sponsors.html
Blockchain Commons celebrates the new year with a report looking back at its considerable progress in 2022. Take a look at our growing community of developers, events, new architectures & specifications, advice and much more! 🧵 [1/9] https://twitter.com/BlockchainComns/status/1615743373201244161
CSR is built atop perhaps our biggest initiative for the year: #GordianEnvelope, a new “Smart Documentation” specification for storing data in a privacy-preserving way. A high-level intro: [5/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/
Another is Collaborative Seed Recovery (aka CSR). @BitmarkInc, @foundationdvcs, and @proxy are all working with us to create a way to shard your digital assets and store the shares in multiple locations in an interoperable manner. [4/9] https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md
The creation of a large community has allowed us to work on some big interoperable projects. One is @SiliconSalon, a quarterly series of events where we bring together different parties to talk about the future of cryptographic semiconductor design. [3/9] https://www.siliconsalon.info/
There was much more in 2022, including Seed Tool updates, server updates, more advocacy work in Wyoming & the EU, and updates to #SmartCustody. Read about that, and our plans for 2023. It’s all in our yearly review. [8/9] https://www.blockchaincommons.com/quarterlies/Yearly-2022/
Gordian Envelope is supported by a new CLI app, which lets you test out all of Envelope’s privacy-focused features, such as elision and encryption, right now. [7/9] https://github.com/BlockchainCommons/envelope-cli-swift
Or if you prefer video, here is a short 7-minute high-level “Introduction to Gordian Envelope”: https://www.youtube.com/watch?v=OcnpYqHn8NQ [6/9]
Become a sponsor to help us continue this development! A half-dozen companies have already joined us to create self-sovereign solutions for the internet! [9/9] https://github.com/sponsors/BlockchainCommons
I’m trying to get a definitive list of Bitcoin wallets that support @BlockchainComns airgap animated QR/UR specs for signing PSBTs. I know of @SparrowWallet, @bluewalletio, @KeystoneWallet & @CasaHODL, but I hear that @nunchuk_io & @Blockstream’s Jade Wallet now do so. Others?
Replying to @nvk
The number of steps for careful cold-storage of multisig is too hard, see our tedious example: https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Scenario-Multisig.md However, we can do better but it requires to move toward Collaborative Seed Recovery…
Replying to @nvk
This is what our developer community is working on to make it easier this Q1: https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md
Replying to @nvk
But we also needed to safely store more metadata: descriptors, lighting channel details, FROST shares & authentication, and more, this last Q4 work on Gordian Envelope: https://www.blockchaincommons.com/introduction/Envelope-Intro/
Replying to @nvk
When we are done, none of this complexity will be visible to users.
RT @nunchuk_io: @ChristopherA @BlockchainComns @SparrowWallet @bluewalletio @KeystoneWallet @CasaHODL @Blockstream Confirm that we do !
RT @dstadulis: The endless, recursive assertions, possible with this Gordian Envelope data structure, prime it to handle the evolving deman…
Replying to @cryptoecongames
The slides and videos from last week’s #SiliconSalon III are now available at https://www.siliconsalon.info/salon3/, excerpts from facilitated discussion will be out next week.
RT @cryptoecongames: This is important. Crypto foundations please take note
The slides and videos from last week’s #SiliconSalon III are now available at http://siliconsalon.info/salon3/, excerpts from the facilitated discussion will be out next week.
Replying to @cronokirby
This? “Social Security’s total cost is projected to be higher than its total income in 2022 and all later years. Total cost began to be higher than total income in 2021. Social Security’s cost has exceeded its non-interest income since 2010.”
Replying to @cronokirby
Definitely lots in there, but what in particular grabbed you as significantly new?
Replying to @ApeDurden
It is far less expensive to pay for a comfortable work environment than pay for the extra salaries required for loss of productivity without them. Google is laying off due to bad strategic management leading to paying expensive people to build unfinished & cancelled projects.
@WarrenDavidson @RepFrenchHill — need some testimony on self-custody, private keys, digital identity, SSI? I’ve advised on #Wyoming laws and internationally. Talk to me. https://bitcoinmagazine.com/legal/saving-bitcoin-private-keys-from-courts
Released yesterday was the “European Declaration on Digital Rights and Principles for the Digital Decade” The first principle is “Putting people at the centre of the digital transformation” 👍 :
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AJOC_2023_023_R_0001
I note that this document is in conflict with a number of recent documents from the EU such as the AML rules in the “Transfer of Funds” regulations: https://www.europarl.europa.eu/legislative-train/theme-an-economy-that-works-for-people/file-revision-of-the-regulation-on-transfers-of-funds
Some other interesting commentary: “the Declaration remains mostly silent on how to protect safety and human rights, how to strengthen democratic oversight, and how to ensure that nobody is left behind.” https://twitter.com/xotoxot/status/1500732792250023938
Replying to @lorenc_dan, @awakecoding and @BenLaurie
You might then like Gordian Envelope which leverages CBOR. It is a structured data format that supports graph data (node or edge or both labeled), elision (redaction, encryption or reference) and is agnostic on curves. https://www.blockchaincommons.com/introduction/Envelope-Intro/
It’s an open meeting, so you can attend to listen to our short presentation and to participate in any Q&A that follows. [4/6]
We’ve already submitted an IETF Draft of Envelope, so we’re thrilled to also be able to present it to W3C and the CCG [3/6]. https://blockchaincommons.github.io/WIPs-IETF-draft-envelope/draft-mcnally-envelope.html
Gordian Envelope is Blockchain Commons’ privacy-focused and structure-focused “Smart Document” that allows for the storage and transmission of sensitive information. [2/6] https://www.blockchaincommons.com/introduction/Envelope-Intro/
This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Group. We’d love you to join us! [1/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000
Then join us Tuesday morning to learn more! [6/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000
Watch our introductory video for an overview of Envelope, its structure, and what it can do! [5/6] https://www.youtube.com/watch?v=OcnpYqHn8NQ
Replying to @lorenc_dan, @awakecoding and @BenLaurie
There is a W3C-CCG discussion next Tuesday: https://twitter.com/ChristopherA/status/1618720700390584320
I’m intrigued by the use case for #GordianEnvelope in AI model training sets. For instance, @MosaicML says they can create a Stable Diffusion class model for $160K https://www.mosaicml.com/blog/training-stable-diffusion-from-scratch-costs-160k. We could collect data & collaboratively build a validatable & certifiable sourced model.
RT @ChristopherA: This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Gr…
Here is a general use case for Gordian Envelopes in Software & AI Industry. I’d love thoughts on extending it further for AI model collaboration, validation, and certification. https://github.com/BlockchainCommons/Gordian/blob/master/Envelope/Use-Cases/Software.md
Join us tomorrow in the @W3C Credential Community for a discussion about Gordian Envelope. https://twitter.com/ChristopherA/status/1618720700390584320
I divide this into three parts: scope minimization, content minimization, and temporal minimization. You want to provide the minimal content for the minimal scope over the minimal amount of time. [3/9]
Data Minimization is the practice of limiting the amount of shared data to the minimum necessary: just enough to do what you need to do. A best-practice generally for security, but mandatory for #PersonalData under #GDPR. [2/9]
My latest “Musings of a Trust Architect” article covers #DataMinimization and #SelectiveDisclosure, both crucial privacy protecting data-management techniques: [1/9] https://www.blockchaincommons.com/musings/musings-data-minimization/
Take a look at the full article on Data Minimization and Selective Disclosure for more details on all of this! Or my previous musing post on architectures for Progressive Trust. I’d love to hear your comments and thoughts! [7/9] https://www.blockchaincommons.com/musings.html
I then share some brief details on three different Selective Disclosure cryptographic techniques: Hash-based Elision (or Redaction), Zero-Knowledge Proof (ZKP) and Blind Signature, and well some possible adjacent, less explored approaches. [6/9]
My requirements for Selective Disclosure include: granularity, control, transparency, security, privacy, compliance, auditability, and flexibility [5/9].
Selective Disclosure is then the next step: how you share limited amounts of information while also minimizing risks of correlation. [4/9]
Become a patron of Blockchain Commons if work of this sort is important to you! Or write to me directly if you’d like to become more involved as a contributor. [9/9] https://www.blockchaincommons.com/sponsors.html
These concepts are already influencing the @BlockchainComns work on Gordian Envelope. I hope they’ll be a general building block for the next generation of private data storage. [8/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/
RT @OpenSourceOrg: The ultimate list of reactions to the Cyber Resilience Act from ARGH! to ZOMG! https://blog.opensource.org/the-ultimate-list-of-reactions-to-the-cyber-resilience-act/
RT @OpenSourceOrg: The EU Cyber Resilience Act has noble aims but its wording and framing can harm #OpenSource. It must be fixed. https://t…