RT @aaronareed: Announcing “50 Years of Text Games,” a year-long blog series tracing a path through the history of interactive fiction from…

Sat Jan 02 06:41:46 +0000 2021

RT @zkproofs: Excited that our new paper on more efficient recursive proofs is out!


TL;DR: Incrementally verifiab…

Sat Jan 02 06:45:06 +0000 2021

RT @RPGnet: Check out our traditional Year in Review, by @Appelcline!


Sat Jan 02 06:48:07 +0000 2021

RT @jodobear: I was part of the summer internship learnt a lot and it was a blast with regular guests from the space. Will be joining to co…

Sat Jan 02 07:33:39 +0000 2021

RT @WolfMcNally: Just Released: LifeHash now generates machine vision fiducials! #ARKit #AugmentedReality

https://github.com/BlockchainCommons/LifeHash https:/…

Sun Jan 03 06:34:59 +0000 2021

RT @WolfMcNally: Just Released: LifeHashTool for generating LifeHash visual hash images from the command line!

https://github.com/BlockchainCommons/LifeHashTool htt…

Sun Jan 03 06:35:06 +0000 2021

RT @ChristopherA: Are you a college student in the Southern Hemisphere on your summer break? Or a student on Covid19 lock down? Want to lea…

Mon Jan 04 19:32:37 +0000 2021

🕵🏻‍♂️“We conclude that, the ability of human to identify conflicts in inputs and to adjust their response accordingly, which is well known, leads to unique dynamics when situated in networks. This research may impact numerous fields…” https://vimeo.com/394199689

Tue Jan 05 00:43:13 +0000 2021

RT @FoxCahn: When police use #COVID19 criminalize contact tracing, people will. it undermines public health infrastructure in a pandemic. T…

Tue Jan 05 03:32:42 +0000 2021

RT @EFF: FinCEN’s proposed regulations would undermine the civil liberties of cryptocurrency users, give the government access to troves of…

Tue Jan 05 03:40:45 +0000 2021

RT @bullypulpit_hq: Slack’s down, so we’re considering calling the whole Monday off and just playing our new Fiasco playset. 😬
(It’s free,…

Tue Jan 05 03:43:35 +0000 2021

Today is the anniversary of my first post on Twitter. A rather inane first post, but at 14 years with 15K+ followers and 15K+ posts has become quite an archive of my professional life & thoughts. https://twitter.com/ChristopherA/status/2221703?s=20

Tue Jan 05 08:27:48 +0000 2021

Replying to @infinite_mao

It is tagged Belonging Outside Belonging — but is it a game?

Tue Jan 05 08:52:39 +0000 2021

Given the increased concern in 2021 about privacy & censorship of cryptocurrencies, @BlockchainComns has been working on integrating the @TorProject’s great work into the architecture used by our collaborative wallet community. We call this #TorGap. Support or join our effort! https://twitter.com/ChristopherA/status/1337487024857616384

Tue Jan 05 20:35:38 +0000 2021

I met David Recordan @daveman692 thorough his open source & standards advocacy of oauth and other early digital identity & authentication technologies. I’m please to hear that he will be part of the Biden administration as WH Director of Technology: https://www.zdnet.com/article/open-source-developer-and-manager-david-recordon-named-white-house-director-of-technology/

Wed Jan 06 06:12:15 +0000 2021


A lot of our Q4’s projects are related to multisig, which we see as the future of Bitcoin (and other emerging technologies like DIDs) because they allow for better #SmartCustody of your digital resources. [2/7]

Thu Jan 07 20:35:58 +0000 2021

Today @BlockchainComns posted its Q4 Report, talking about a variety of new releases such as beta of our new @GordianWallet Cosigner app, an updated Learning Bitcoin 2.0 course, a new implementation of seedtool for iOS, a LifeHashTool, and more. https://twitter.com/BlockchainComns/status/1347274478502350848

Thu Jan 07 20:35:58 +0000 2021


The Commons has been working on these issues with our Airgapped Wallet Community, who have also been adopting & porting our first major specification and reference library, Universal Resources, to facilitate interoperable airgapped PSBT wallets. [4/7] https://github.com/BlockchainCommons/Airgapped-Wallet-Community/discussions

Thu Jan 07 20:35:59 +0000 2021


Our multisig research has revealed that crucial elements such as sharing xpubs, backing up account descriptors, the m/48’ derivation, various PSBT approaches, and different multisig policy roles are all underspecified, making interoperability difficult. [3/7]

Thu Jan 07 20:35:59 +0000 2021


As the @BlockchainComns Q4 Report’s note, Blockchain Commons needs your support to continue its important work advancing wallet interoperability and the state of the art for Bitcoin and blockchain technology. Thank you! [7/7] https://github.com/sponsors/BlockchainCommons

Thu Jan 07 20:36:00 +0000 2021


It offers advantages such as separation of interests, reduction of single-points-of-failure, non-correlation, and service anonymity. A FAQ discusses why Torgap is a crucial architecture for digital assets [6/7]. https://github.com/BlockchainCommons/torgap/blob/master/Docs/FAQ.md

Thu Jan 07 20:36:00 +0000 2021


The #Torgap architecture was the other major innovation of Q4 that deserves some additional discussion. Basically, it’s a new architecture that improves the security and privacy of connected apps and microservices. [5/7] https://github.com/BlockchainCommons/torgap

Thu Jan 07 20:36:00 +0000 2021

RT @BlockchainComns: Our Principal Architect @ChristopherA continues his work with the Wyoming legislature on a legal definition of Digital…

Thu Jan 07 23:33:18 +0000 2021

RT @valkenburgh: 1/ Here’s a thread on the constitutional challenges to the midnight rulemaking that @coincenter is holding in reserve. The…

Thu Jan 07 23:49:03 +0000 2021

RT @ChristopherA: I’m also interested in contracting a US or Canada-based bookkeeper that knows or is willing to learn basic command line a…

Fri Jan 08 08:40:52 +0000 2021

I’m still trying to find a bookkeeper that can help @BlockchainComns using CLI #PlainTextAccounting tools like Ledger #hLedger #Beancount so that we can do better Bitcoin accounting. Price increases this year are good but complicate accounting for a Bitcoin-centric organization. https://twitter.com/ChristopherA/status/1141938538956460033

Fri Jan 08 08:44:05 +0000 2021

Replying to @adanarama and @hedgiespresso

I’ve a couple of games that are designed to fit on Avery Name Badge 5393 pre-perf’ed paper. It is a great size for print & play, and given good bleed & margins, is roughly the amount interior content that fits on a full-sized playing card. My #GateWatch game playlists used this.

Fri Jan 08 20:00:35 +0000 2021

The @torproject network was attacked yesterday. Tor is not (yet) fully decentralized. When you first connect to the Tor network there is hard coded IPs that your Tor process uses to bootstrap your connection into the network. Our decentralized community should help. #TorGap

Sun Jan 10 21:13:02 +0000 2021


Some details on the attack: “This appears to be a new kind of attack which affects the entire network and involves overloading the consensus authority nodes.” https://darknetdaily.com/?p=1030

Sun Jan 10 21:14:15 +0000 2021


At @BlockchainComns we leverage Tor extensively with our reference architecture, which is why we support the Tor commons as well. Not only financially but with code and services like hosting an exit node. We call this #TorGap: https://twitter.com/ChristopherA/status/1337487024857616384

Sun Jan 10 21:18:53 +0000 2021


We encourage your support of the Tor Commons and Blockchain Commons. We are needing more engineers to volunteer to review and contribute to our open source code tools, but also #devops volunteers to help us maintain & test & scale to make available more #TorGap services.

Sun Jan 10 21:23:03 +0000 2021



Sun Jan 10 21:23:51 +0000 2021


Tor is an essential part of the Bitcoin Lightning network, and is beginning to become even more important to the privacy & safety of Bitcoin itself. If you care about either of those, you should also also consider financially sponsoring the @torproject & @BlockchainComns.

Sun Jan 10 21:31:14 +0000 2021

RT @ChristopherA: We encourage your support of the Tor Commons and Blockchain Commons. We are needing more engineers to volunteer to review…

Sun Jan 10 21:31:23 +0000 2021

RT @ChristopherA: Tor is an essential part of the Bitcoin Lightning network, and is beginning to become even more important to the privacy…

Sun Jan 10 21:31:27 +0000 2021

Replying to @generativist and @mindspillage

I got involved in this field not because of censorship-resistance being a first principle, but that censorship-resistance can serve even higher principles like anti-coercion & human rights. These are the roots of my architecture design of SSL in 90s and DIDs in the 10s.

Mon Jan 11 00:23:48 +0000 2021

Replying to @generativist and @mindspillage

A challenge of our era is that censorship-resistance is important but that we also need to find ways to support and grow the many commons with wise decision making. I personally do believe we can continue to support censorship-resistance but also ways to avoid cognitive coercion.

Mon Jan 11 00:28:07 +0000 2021

Though there are many other improvements in this latest release of Bitcoin, to me the most important is greater support of Tor, and in particular Tor v3. We support Tor v3 in @GordianWallet. My second favorite change is that no wallet is created by default. https://twitter.com/bitcoincoreorg/status/1349720304680054784

Thu Jan 14 19:40:40 +0000 2021

We released v2 of our “Learning Bitcoin from the Command Line Course” last fall. We feel it is the best way to begin understanding of how Bitcoin really works. With Bitcoin 0.21.0 out today, we need volunteers to help us identify new issues and update it. https://github.com/BlockchainCommons/Learning-Bitcoin-from-the-Command-Line

Thu Jan 14 19:45:36 +0000 2021


You don’t need to be a software engineer to go through the first 8 chapters of the Bitcoin course—any reasonably technical person can do command line basics. Give it a try with new Bitcoin 0.21.0 and let us know if anything is unclear or doesn’t quite work like the older version.

Thu Jan 14 19:49:21 +0000 2021

Replying to @jilliancyork

At the root of the reason why I support anonymity is that it is essential to prevent violence and/or coercion (including financial coercion). This is required for not only things like voting, juries & change advocacy but many other social processes to address imbalances of power.

Fri Jan 15 04:17:56 +0000 2021


Following up on my concern with Apple excluding its own apps from security monitoring (a disaster in the making!), reportedly this has been removed from macOS 11.2 👍: https://www.zdnet.com/article/apple-removes-feature-that-allowed-its-apps-to-bypass-macos-firewalls-and-vpns/

Fri Jan 15 06:40:00 +0000 2021

RT @ChristopherA: Following up on my concern with Apple excluding its own apps from security monitoring (a disaster in the making!), report…

Fri Jan 15 06:40:15 +0000 2021

RT @pwang: Really great post by Paul.
“Decentralization trends toward libertarian ideals, but collective rights are as important as individ…

Fri Jan 15 09:15:41 +0000 2021

I’ve been building tools for & supporting anonymity online for a long time, as they are essential are essential to protect human rights against coercion & violence. But @jilliancyork’s list of reasons why this is important is much better than my list: 👍 https://jilliancyork.com/2021/01/14/everything-old-is-new-part-2-why-online-anonymity-matters/

Fri Jan 15 09:18:16 +0000 2021

Want to host your own Bitcoin Full Node (pruned or archival)? One of the easiest ways is GordianServer for macOS. Just download the .dmg, drag app to your application folder, open app & it does all the hard work. Works with latest Bitcoin 0.21.0 & Big Sur. https://github.com/blockchainCommons/GordianServer-macOS

Fri Jan 15 20:49:56 +0000 2021


Your own personal macOS Gordian Server, once synced, works great with #TorGap mobile wallets like @GordianWallet & @FullyNoded. Also great with our Learning Bitcoin from the Command Line Course: https://github.com/BlockchainCommons/Learning-Bitcoin-from-the-Command-Line

Fri Jan 15 21:54:29 +0000 2021

RT @ChristopherA: Your own personal macOS Gordian Server, once synced, works great with #TorGap mobile wallets like @GordianWallet & @Fully…

Fri Jan 15 22:15:23 +0000 2021

RT @FullyNoded: Gordian Server is definitely the easiest and most secure way to get a node running on your mac. Works out of the box with F…

Sat Jan 16 04:19:40 +0000 2021

Replying to @getsqt

Yes, it is called Bitcoin Standup. But no graphical UX, just scripts: https://github.com/BlockchainCommons/Bitcoin-Standup-Scripts

Sun Jan 17 21:36:07 +0000 2021

RT @FullyNoded: Massive shout out to @BlockchainComns @ChristopherA and the wizard who makes Tor and Libwally possible to run on all these…

Mon Jan 18 17:29:37 +0000 2021

RT @FullyNoded: If you want to incorporate Tor or Libwally (modern bitcoin library with full psbt support) into your swift project the libs…

Mon Jan 18 17:29:42 +0000 2021

#QotD (Quote of the Day) “The power to name is the power to control.” Came up today in the #Wyoming Digital Identity meeting, and it turns out this phrase has deep religious history & philosophical depth. For instance, in Genesis 19-20 delegating power to man to name the beasts.

Mon Jan 18 19:51:27 +0000 2021


Some links: Is Name-Giving an Act of Domination in Genesis 2:23 and Elsewhere? https://www.jstor.org/stable/43717586?seq=1

Mon Jan 18 19:52:02 +0000 2021


See the “Third Commandment: Ethics” section of the “The Ten Commandments” https://www.reconstructionistradio.com/audiobook/that-you-may-prosper/appendix-1-the-ten-commandments/

Mon Jan 18 19:55:17 +0000 2021


This phrase also comes up in a number papers on the Talmud, colonialism, racism, and feminism.

Mon Jan 18 19:58:43 +0000 2021


In a number of fantasy books, such as the Earthsea book by @ursulaleguin, the powers of wizardry come from knowing True Names. And such power can overwhelm consent. This likely came from sources on mythology & esoterica.

Mon Jan 18 20:02:33 +0000 2021


The seminal SF story “True Names” by Vernor Vinge took this Earthsea concept to virtual world (which in many ways this story invented), which I read as a teen, which is probably the origin of my aversion to power of naming.

Mon Jan 18 20:05:16 +0000 2021


I’d not quite connected all the dots of my long-term reservations about technological control of names (DNS, TrueNames/RealNames, etc) back to this particular long history of philosophical and religious thought about the power of names, and the authority to grant them. ៚

Mon Jan 18 20:07:10 +0000 2021


/ht @dazzagreenwood

Mon Jan 18 20:09:44 +0000 2021


I found even more interesting historical references to naming as power in this Wikipedia entry, using Isis controlling Ra by knowing his name, in Jacob wrestling an angel, in Kabbalaism, Daoism, and more : https://en.wikipedia.org/wiki/True_name

Tue Jan 19 00:26:01 +0000 2021

RT @torproject: We’re hiring a Software Developer for our Anti-Censorship Team.

This developer will work to improve the user experience an…

Thu Jan 21 03:23:26 +0000 2021

I’m not always in agreement with the ⁦@NSAGov⁩, but as a co-author of SSL/TLS, I urge you to follow their guidelines and obsolete use of older versions: “only TLS 1.2 or TLS 1.3 be used; and that SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 not be used.” https://www.zdnet.com/article/nsa-urges-system-administrators-to-replace-obsolete-tls-protocols/

Thu Jan 21 07:26:01 +0000 2021

RT @GeorgeKappos: 1/2 Our paper studying privacy in the Lightning Network is out!
We identified 27,183 private channels, discovered hidden…

Sat Jan 23 17:09:45 +0000 2021

RT @pjvangarderen: “Privacy is not a responsibility you should take lightly. It’s not fast, or glamorous or easy. It’s not a path to riches…

Sun Jan 24 04:41:43 +0000 2021

RT @cloudhead: Super excited to announce the project that’s been occupying my evenings over the last year: Nakamoto is a new #Bitcoin light…

Sun Jan 24 04:44:30 +0000 2021

RT @emollick: Cool paper looks at 5,000+ board games to show that amateur game makers can be more creative than professional developers bec…

Mon Jan 25 04:57:28 +0000 2021

Another reminder of the need to preserve pseudonymity as only with it can we have truly open uncoerced discourse to solve real problems “She can still keep blogging because she’s pseudonymous—and has been since 2004. Many of my friends from that era…are in dire straits.”—@zeynep https://twitter.com/zeynep/status/1353508592578654211

Mon Jan 25 19:13:18 +0000 2021


Remember that many of these countries are allies of the US & Europe, and we continue to look the other way when digital civil rights are abridged and result in violation of human rights. And remember, coercion isn’t only violence—it includes attacks against financial livelihood.

Mon Jan 25 19:18:02 +0000 2021

RT @Fonta1n3: 1/ Hey multisig users, introducing Gordian Cosigner!

@BlockchainComns has taken me on to build a dedicated Cosigner app for…

Mon Jan 25 23:03:44 +0000 2021

RT @Fonta1n3: 2/ The idea is you can use it to create/add cosigners, create/import accounts and add psbt’s to sign.

All functionality cur…

Mon Jan 25 23:03:57 +0000 2021

RT @Fonta1n3: 3/ The repo is here: https://github.com/BlockchainCommons/GordianCosigner-Catalyst

Mon Jan 25 23:04:00 +0000 2021

RT @Fonta1n3: Should mention this is interoperable with @GordianWallet @SpecterWallet @FullyNoded @SparrowWallet @bluewalletio @ElectrumWal…

Mon Jan 25 23:04:04 +0000 2021

I think this is a very important question. Being able to actively be able to survive the uncomfortable heights of uncertainty is required to achieve the best solutions, otherwise we risk being lost in desolate valleys where choices are sub-optimum but certain. https://twitter.com/rdonoghue/status/1353791153712164865

Mon Jan 25 23:30:02 +0000 2021

Though I share concern about extremists use of the internet, it is mass social media’s amplification effect that caused the greater harm, not the anonymity. I feel the greater risk is to not allow the vulnerable to speak freely without coercion. Thus my support of anonymity. https://twitter.com/SarahJamieLewis/status/1354117439731232768

Tue Jan 26 22:43:55 +0000 2021

Replying to @1stCrassCitizen

I agree with your statement in general but it has an important subtlety missing. Having privacy often requires silence & invisibility. Having anonymity means you can have a voice, even if that is solely the freedom of an uncoerced choice at the ballet box or with your pocketbook.

Tue Jan 26 23:03:45 +0000 2021

I’d love to see this fee estimation added to the self-sovereign @SpotBit service via a #TorGap, along with the pricing history it is already hosting. See https://www.spotbit.info/spotbit/ or it’s onion: http://h6zwwkcivy2hjys6xpinlnz2f74dsmvltzsd4xb42vinhlcaoe7fdeqd.onion https://twitter.com/RCasatta/status/1353704085493526529

Tue Jan 26 23:13:11 +0000 2021

#smartfriends: I need to file US 1099s, from multiple of my companies, to subcontractors before end of the week. The software service I used last year was $5 per person to efile, print & mail the forms. Maybe worth it but the UX was annoying. What the the best service for this?

Wed Jan 27 01:47:04 +0000 2021


“… In an open society, the ability to buy political books, have discreet medical procedures, and build communities without government surveillance is essential.” — @gladstein

Wed Jan 27 01:55:41 +0000 2021

👍 “Most Americans may not yet grasp that financial privacy is just as important as communications privacy for our democracy—that your spending habits say more about you than your words… https://twitter.com/gladstein/status/1354116825345257473

Wed Jan 27 01:55:41 +0000 2021

RT @hackylawyER: 1/ ** Some professional news **

I’m delighted to announce that I’ve joined the faculty at the University of @NotreDame as…

Wed Jan 27 01:58:09 +0000 2021

RT @marksammiller: @msimoni Hi @msimoni glad you like it! Both @ChristopherA and Jonathan Shapiro (Shap) have looked into it. Shap rebuilt…

Wed Jan 27 08:30:53 +0000 2021

Replying to @marksammiller and @msimoni

I still have some of the original Xanadu documents in three-ring binders, mostly from the Spire release. These include a chapter on the Club System. I’m still interested in implementing a cryptographic version of it with Schnorr someday, maybe with the next version of #LSATs.

Wed Jan 27 08:36:43 +0000 2021


You could choose to store your keys in hot wallets, which are directly connected to the internet, or in cold storage, which takes them offline. Each has its own advantages and limitations. [2/10]

Wed Jan 27 17:45:52 +0000 2021

Bitcoin has quadrupled in value in the last year, which makes #SmartCustody more important than ever. Your holdings might now be worth more than you think. How secure are your digital assets? [1/10] https://twitter.com/ChristopherA/status/1267560481855639553

Wed Jan 27 17:45:52 +0000 2021


Because you don’t want to be these guys: millionaires on paper who can’t access their digital funds. (Key Fragility, or accidental key loss, is a prime adversary in #SmartCustody) [4/10] https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html

Wed Jan 27 17:45:53 +0000 2021


The #SmartCustody process teaches you how to use cold storage safely and securely, so that you can protect your digital funds yourself. Though emerging tools are changing the landscape, this process remains today the best way to manage self-custody. [3/10] https://github.com/BlockchainCommons/SmartCustodyBook

Wed Jan 27 17:45:53 +0000 2021


Using the #SmartCustody procedures we offer, you spend two hours to setup two Ledgers and a metal tile to preserve your master seeds no matter what. The procedure balances safety, security, and usability and improves on old non-redundant and insecure methods. [5/10]

Wed Jan 27 17:45:54 +0000 2021


If you’d prefer a personal consultation, I can review your current custody setup and suggest revisions to enable #SmartCustody. Send me a message to set up an introductory conversation. [8/10]

Wed Jan 27 17:45:55 +0000 2021


You can download the book right now. It’s entirely free thanks to our early patrons. [7/10] https://bit.ly/SmartCustodyBookV101

Wed Jan 27 17:45:55 +0000 2021


If you want, you can also take the next step, using our risk modeling to reshape this basic procedure to best accomodate your assets and your suspected adversaries. [6/10]

Wed Jan 27 17:45:55 +0000 2021


If you’d like to help Blockchain Commons to carefully review & add these mulitsig and other methods to v2 of #SmartCustody, consider making a one-time donation of Bitcoin at our BTCPay (https://smartcustody.btcpay.blockchaincommons.com/) or becoming a GitHub patron (https://github.com/sponsors/BlockchainCommons). [10/10]

Wed Jan 27 17:45:56 +0000 2021


There’s more for #SmartCustody in the future! Blockchain Commons is actively working on new methods like airgaps, torgaps, and multsigs, along with new hardware like @GordianWallet, @COLDCARDwallet, @CoboVault, @FOUNDATIONdvcs & #SpectreWallet. [9/10] https://github.com/BlockchainCommons/SmartCustodyBook/blob/master/TODO.md

Wed Jan 27 17:45:56 +0000 2021

I presented to @marksammiller in the early 90s during the tail days of Xanadu how the Club System could be implemented cryptographically with RSA. Today with Schnorr musig, adapter signatures, LSATs, smart signature scripts & other modern cryptography could be even more powerful. https://twitter.com/msimoni/status/1354172410786938888

Wed Jan 27 18:32:20 +0000 2021

Replying to @rsnous and @msimoni

There were multiple architectures in the days before unix won the early race. Many had other concepts like object capabilities that would have been a much better today than legacy approaches that evolved into what we do now. Breaking these legacy “darkitectures” is important.

Wed Jan 27 18:41:11 +0000 2021

If you have used my “Learning Bitcoin from the Command Line” course, Bitcoin Standup, Gordian Server, or @FullyNoded, I encourage you to fill out this survey. https://twitter.com/achow101/status/1351632999167778820

Wed Jan 27 18:46:44 +0000 2021

Rebooting Web of Trust (#RWOT) is back, with a virtual salon this February 25th. We’re creating a future for decentralized and self-sovereign identity on the internet, where you remain in control [1/7]. https://decentralizedprivacy2021.eventbrite.com

Wed Jan 27 21:43:21 +0000 2021


Today reminds us that protecting identity info is vitally important: before WWII, the Dutch had very complete records; when the Nazis took over, they were able to abuse them and 75% of the Netherlands’ Jews died. [2/7] https://twitter.com/ChristopherA/status/1243439314295390208

Wed Jan 27 21:43:22 +0000 2021


I hope you’ll join me for the next step. After nine in-person workshops, this year’s virtual salon gives you the opportunity to learn what we’ve been doing and have your say, without having to travel. I hope to see you there. [7/7] https://decentralizedprivacy2021.eventbrite.com

Wed Jan 27 21:43:23 +0000 2021


The focus on digital civil and human rights, which was one of my founding principles at #RWOT, is also deeply embedded in my new work for Blockchain Commons: we are intent on preserving human privacy and dignity on the internet. [6/7] http://www.blockchaincommons.com/

Wed Jan 27 21:43:23 +0000 2021


One of the technologies we incubated was the Decentralized Identifier (DID), which I’ve since helped to bring to a v1.0 working draft at W3C. [5/7] https://www.w3.org/TR/did-core/

Wed Jan 27 21:43:23 +0000 2021


#RWOT has been addressing this danger since 2015. We’ve incubated new technologies for managing decentralized information, but open questions remain on how to manage privacy risks. [4/7] https://www.weboftrust.info/pastevents.html

Wed Jan 27 21:43:23 +0000 2021


We need to protect our information to avoid abuses, and that means keeping it away from centralized entities, who even with the best intentions could be exploited. Dreamer data in the US offers a more recent example. [3/7] https://www.wired.com/story/daca-trump-dreamer-data/

Wed Jan 27 21:43:23 +0000 2021

RT @Appelcline: Rebooting Web of Trust has been part of my life since 2015. Great to see it coming back as a virtual salon in February (and…

Wed Jan 27 23:01:31 +0000 2021

I’ve been waiting for hardware to start supporting this. Why? If your wallet’s firmware becomes compromised in an “evil maid attack” it can slowly leak the seed in the “random” nonce required by the signatures. Enough transactions watched seed is revealed. This prevents that. https://twitter.com/jonasschnelli/status/1354505121821061121

Thu Jan 28 05:45:44 +0000 2021


We’re also working on best-practices standards for what each phase needs. When do we document? When do we interact with testers? When do we do static analysis? When do we security review? [3/5] https://github.com/BlockchainCommons/Community/blob/master/release-path-standards.md

Thu Jan 28 19:50:32 +0000 2021


We recently put the spotlight on ourselves by detailing what our various development phases mean, from Research to Release. [2/5] https://github.com/BlockchainCommons/Community/blob/master/release-path.md

Thu Jan 28 19:50:32 +0000 2021

Codifying best practices is one of our most important tasks at Blockchain Commons. We want to both represent what the blockchain industry is doing and to present our own conclusions for how to design safe, secure, decentralized software. [1/5] https://www.blockchaincommons.com/

Thu Jan 28 19:50:32 +0000 2021


Let me know here, or join me in our Airgapped Wallet Community, where we’re working together to instill the growing blockchain industry with the knowledge and wisdom of all of its participants. [5/5] https://github.com/BlockchainCommons/Airgapped-Wallet-Community/discussions/41

Thu Jan 28 19:50:33 +0000 2021


There is a balancing act as a startup between doing too little & doing to much, so this is very much a work-in-progress, and we’d love to get your feedback. What requirements do you set for your own critical code and when? How can we improve and fill out our best practices? [4/5]

Thu Jan 28 19:50:33 +0000 2021

RT @FiloSottile: Exploitable heap overflow in libgcrypt 1.9.0 (┛ಠ_ಠ)┛彡┻━┻

It’s the crypto library that gpg uses. Homebrew has 1.9.0 right…

Fri Jan 29 18:25:26 +0000 2021

Replying to @TokensoftInc and @chris_walker_

You should look at our new UR work for airgapped QR codes between bitcoin wallets , which is exploring similar space, but also supports animated QRs when the QR gets too large, self-describing binary data, shamir, and many other benefits. https://github.com/BlockchainCommons/Airgapped-Wallet-Community/discussions

Sat Jan 30 01:14:17 +0000 2021

Replying to @TokensoftInc and @chris_walker_

More details in this blog post, and in our Research repo. https://www.blockchaincommons.com/projects/Blockchain-Commons-URs-Support-Airgapped-PSBTs/

Sat Jan 30 01:15:49 +0000 2021

Replying to @TokensoftInc and @chris_walker_

Features include:

  • Transport binary data of arbitrary content and length using a sequence of one or more URIs or QR codes.
  • Remain agnostic about whether QR codes are displayed together or time-sequenced (animated).

Sat Jan 30 01:16:53 +0000 2021

Replying to @TokensoftInc and @chris_walker_

  • Avoid the use of QR code binary mode to support transparency and wide compatibility with QR code reader libraries.
  • Use the alphanumeric QR code mode for efficiency.

Sat Jan 30 01:17:14 +0000 2021

Replying to @TokensoftInc and @chris_walker_

  • Be case agnostic, allowing use of all upper case letters (for QR code transport) or all lower case letters (canonical for display and URIs)
  • Include a CRC32 checksum of the entire msg in each part to tie them together and ensure the transmitted message has been reconstructed.

Sat Jan 30 01:17:46 +0000 2021

Replying to @TokensoftInc and @chris_walker_

  • Each single part should also be a valid URI and not require escaping (e.g. percent-encoding) of any of its characters.
  • Support the addition of structure in the binary data. Initially specify how binary data representing undifferentiated byte strings should be encoded.

Sat Jan 30 01:18:04 +0000 2021

Replying to @TokensoftInc and @chris_walker_

  • Support transmitting an arbitrary amount of data both as a minimal, finite sequence of parts and as an indefinite sequence of parts using a “rateless encoding” Fountain Code based on Luby Transform code.

Sat Jan 30 01:18:14 +0000 2021

Replying to @TokensoftInc and @chris_walker_

Specs at https://github.com/BlockchainCommons/Research/blob/master/papers/bcr-2020-005-ur.md and multiple implementations available in multiple languages.

Sat Jan 30 01:19:47 +0000 2021

Replying to @chris_walker_ and @TokensoftInc

Precisely. We have more UX work to do with one or two round two-party protocols, but we also want to make airgap possible for multi-round, multi-party proofs as well, which is harder.

Sat Jan 30 02:03:58 +0000 2021

Replying to @chris_walker_ and @TokensoftInc

Another area of active research and early implementation is #TorGap. Combed with UR you can initiate a secure connection via a QR exchange along with a proof-of-control of keys, but then use a unique P2P only Tor address for additional connections. https://github.com/blockchainCommons/torgap/

Sat Jan 30 02:07:24 +0000 2021

👍 “liberal democracies chose surveillance over democracy as the guiding principle of social order. With this forfeit…governments crippled their ability to sustain the trust of their people, intensifying the rationale for surveillance.” — @shoshanazuboff https://www.nytimes.com/2021/01/29/opinion/sunday/facebook-surveillance-society-technology.html

Sat Jan 30 04:23:29 +0000 2021


… “Society renews itself as common sense evolves. This requires trustworthy, transparent, respectful institutions of social discourse, especially when we disagree. Instead we are saddled with the opposite”

Sat Jan 30 04:25:35 +0000 2021

Useful new cryptographic privacy-enhancing technique, helps address: “failure to protect recipient metadata can harm privacy even when the recipient uses an anonymous communications network to access the store.” https://twitter.com/secparam/status/1356010294212890632

Sun Jan 31 23:13:14 +0000 2021

RT @SarahJamieLewis: tl;dr anonymity is hard even when everyone is doing the same thing, allow people to do different things at your (syste…

Sun Jan 31 23:14:17 +0000 2021

RT @SarahJamieLewis: fuzzytags: an experimental rust implementation of a probabilistic cryptographic tagging structure for metadata resista…

Sun Jan 31 23:14:23 +0000 2021