RT @SinaKian1: One of the most underrated civil liberties of our time is financial privacy, and I don’t think people understand how big thi…

Fri Apr 01 22:07:06 +0000 2022

Replying to @SinaKian1

I would argue that other US Bill of Rights & UN Universal Declaration of Human Rights require financial privacy to function. Without financial privacy you are vulnerable to coercion—you can’t assemble and join efforts with others, participate in public speech, and more.

Fri Apr 01 22:15:21 +0000 2022

RT @ChristopherA: @SinaKian1 I would argue that other US Bill of Rights & UN Universal Declaration of Human Rights require financial privac…

Fri Apr 01 22:15:42 +0000 2022

I met with staff in the Buenos Aires Mayor’s office recently—they are serious about #SSI 👍 “(Benefits:) Empower individuals and evolve towards a paradigm where individuals and society are the social guarantors and not a few centralized entities.” https://bit.ly/3tYlFho https://twitter.com/CoinDesk/status/1509623251315707907

Sat Apr 02 05:15:30 +0000 2022

Replying to @glennhodl

You are following the wrong accounts, or too many and are unable to filter the noise. Read through my Twitter history and you’ll see high-signal to noise—I don’t waste your time. Others are good as well.

Mon Apr 04 04:18:12 +0000 2022

👍 https://twitter.com/paddi_hansen/status/1511389722790166531

Tue Apr 05 19:42:11 +0000 2022

I’ve worked with many different internet-savvy generations from elders 20 years older than I who had Arpanet, MCI & Compuserve addresses, to young adults that grew up with Wikipedia at their fingertips & voice-activated search. I do find this list reasonably accurate as to Gen-X. https://twitter.com/girdley/status/1511316526481084422

Tue Apr 05 23:52:32 +0000 2022

There is still time left to apply for a Blockchain Commons internship for summer 2022. The deadline is April 22, meetings start May 15th, and the bulk of the project work from 6/20 to 8/25. What type of intern projects are we looking for? … [1/12] https://github.com/BlockchainCommons/Community/discussions/74

Wed Apr 06 17:58:18 +0000 2022

If you’re UNIX command-line focused, you might be interested in expanding our Bitcoin Standup Scripts to install a variety of blockchain packages with a command-line (or config) interface. [4/12] https://github.com/BlockchainCommons/Community/discussions/76#discussioncomment-2395673

Wed Apr 06 17:58:19 +0000 2022

Do you like hardware projects? One idea is to adapt LetheKit to the SeedSigner platform , which will give you experience with Uniform Resources and two seed creation or signing platforms. [3/12] https://github.com/BlockchainCommons/Community/discussions/76#discussioncomment-2382520

Wed Apr 06 17:58:19 +0000 2022

We are open to your interests! The best work comes from things that people are enthusiastic about! But, we’ve also written up on Github some ideas for potential projects. See if any strike you or spark ideas of your own. [2/12] https://github.com/BlockchainCommons/Community/discussions/76

Wed Apr 06 17:58:19 +0000 2022

If your focus is human rights or UX, we are seeking better defined use cases, engagement models and designs for digital privacy & cryptocurrency [7/12] https://github.com/BlockchainCommons/Community/discussions/76#discussioncomment-2395718

Wed Apr 06 17:58:20 +0000 2022

If you have video-oriented or online education skills, you might like to adapt our Learning Bitcoin course into a YouTube learning experience. [6/12] https://github.com/BlockchainCommons/Community/discussions/76#discussioncomment-2395661

Wed Apr 06 17:58:20 +0000 2022

If you’re not an engineer, but are focused on pre-law or library sciences, you might like to help us create an inventory of current blockchain and identity laws. [5/12] https://github.com/BlockchainCommons/Community/discussions/76#discussioncomment-2395646

Wed Apr 06 17:58:20 +0000 2022

We hope that you’ll be encouraged to apply for our internship program, with one of these projects, or with ideas of your own. For details on how to apply, see: [10/12] https://github.com/BlockchainCommons/Community/discussions/74

Wed Apr 06 17:58:21 +0000 2022

We’ve written over a dozen ideas to enthuse or inspire. You are also welcome to add your own ideas! [9/12] https://github.com/BlockchainCommons/Community/discussions/76

Wed Apr 06 17:58:21 +0000 2022

If you want to be more on the leading edge of technology, you might like to explore Timelock or other technologies to make it easier to leave digital assets to heirs. [8/12] https://github.com/BlockchainCommons/Community/discussions/76#discussioncomment-2417187

Wed Apr 06 17:58:21 +0000 2022

We’ve had great successes in the last few years of internships and also brought some great people into the industry. We’re looking forward to more of each this summer! [12/12]

Wed Apr 06 17:58:22 +0000 2022

We are also seeking volunteers who might be excited to mentor interns and sponsors who might want to fund the program to expand it. Contact us at team@blockchaincommons.com if you are interested in helping out with either role! [11/12]

Wed Apr 06 17:58:22 +0000 2022

Replying to @ChaincodeLabs

Any chance I can get you to share this opportunity with your community?

Thu Apr 07 03:41:48 +0000 2022

I’m looking forward to returning to #RebootingWebOfTrust this September in The Hague— we have a lot to catch up on! Topics range from increased interest by progressive governments in the EU, Buenos Aires, etc., to new privacy threats from authoritarian countries, and much more. https://twitter.com/RWOTEvents/status/1512876315900141569

Sun Apr 10 01:46:19 +0000 2022

I’m seeing this kind of table and warning lately, but the 16-18 character recommendation only applies to legacy sites still use long deprecated MD5. If the server is using more recent bcrypt, Scrypt, PBKDF2, or OPAQUE then 12 is likely fine. PROVIDED you use different passwords. https://twitter.com/ezrabowman/status/1513156787809095688

Mon Apr 11 21:12:38 +0000 2022

Is anyone using code from Bitcoin Lightning’s BOLT #8 “Encrypted and Authenticated Transport” in other contexts? If it is generalizable it looks like it might be a good solution for other privacy protocols that encrypt and authenticate connection with peer. Especially if Schnorr.

Tue Apr 12 01:13:30 +0000 2022

Replying to @SATSCARD, @Coinkite, @BitcoinMagazine and @TAPSIGNER

Our Blockchain Commons reference Gordian Wallet support NFC now. Where can we get details, developer info, and dev sampled to add our support for this?

Wed Apr 13 01:53:55 +0000 2022

The most exciting thing is that our community has really gelled. We’ve got two new sustaining sponsors, @CrossbarInc and http://Proxy.com, bringing new silicon chip design and identity hardware expertise to our commons. [2/12]

Thu Apr 14 11:29:00 +0000 2022

We had a great last quarter for @BlockchainComns. Today’s quarterly report shares details about our recent accomplishments and offers some of our priorities for the coming year. [1/12] https://twitter.com/BlockchainComns/status/1514560141021966336

Thu Apr 14 11:29:00 +0000 2022

We published Gordian Seed Tool 1.4 with support for MicroSDs and NFCs, to make the export of seeds safer and more secure. [5/12] https://apps.apple.com/us/app/gordian-seed-tool/id1545088229

Thu Apr 14 11:29:01 +0000 2022

There’s lots more! We’re working on new crypto-msg and crypto-envelope specs and have released test vectors for crypto-request and crypto-response [4/12]. https://github.com/BlockchainCommons/crypto-commons/blob/master/Docs/crypto-request-test-vectors.md

Thu Apr 14 11:29:01 +0000 2022

We also had a great new independent software contribution to the commons courtesy of Jonas Wagner, @sjlver who produced https://seedtool.info, a WebAssembly web-page version of our seedtool-cli that improves the accessibility of these critical seed functions and SSKR. [3/12]

Thu Apr 14 11:29:01 +0000 2022

Looking forward, we’re thrilled that Rebooting the Web of Trust @RWOTEvents is asking us to save the date for September 26-30, for a new design workshop in The Hague (originally planned pre-covid as our fall 2020 venue!). [8/12] https://www.weboftrust.info/

Thu Apr 14 11:29:02 +0000 2022

SmartCustody saw big expansions. We’ve a raw draft of a new scenario for Bitcoin multisig, which we’re finalizing, and we’ve already published case studies of three hardware and software packages, discussing how well they support Gordian Principles. [7/12] https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Case-Studies-Overview.md

Thu Apr 14 11:29:02 +0000 2022

We also are now running our own Esplora service both on the public web and via Tor to add another source of truth to Bitcoin blockchain infrastructure. [6/12] http://esplora.blockchaincommons.com/

Thu Apr 14 11:29:02 +0000 2022

You can support our continued work to create an open & interoperable, secure & compassionate digital infrastructure, and advocate for human dignity and enable people to control their own digital destiny — become a patron of Blockchain Commons! [12/12] https://github.com/sponsors/BlockchainCommons

Thu Apr 14 11:29:03 +0000 2022

We’re looking forward to a lot more in 2022. Please take a look at our priorities for the coming year in our full report. See something missing that you’d like us to work on? Sponsor us! [11/12] https://www.blockchaincommons.com/quarterlies/Q1-2022/

Thu Apr 14 11:29:03 +0000 2022

And mid-May, we’re planning a Silicon Salon, to talk about the next generation of secure enclaves in hardware, with sponsorship from our new community member @CrossbarInc. If you are interested in participating in or sponsoring this virtual event, let us know. [10/12]

Thu Apr 14 11:29:03 +0000 2022

We’ve also got our own internship program coming up this summer. Applications are being accepted through April 22nd! [9/12] https://github.com/BlockchainCommons/Community/discussions/74

Thu Apr 14 11:29:03 +0000 2022

RT @hdevalence: ok this is a sick stunt hacking demo https://www.usenix.org/system/files/sec22summer_genkin.pdf https://t.co/l3gCrB3BfY

Thu Apr 14 19:26:29 +0000 2022

RT @colmmacc: @durumcrustulum Evergreen reminder that AES has been broken with demonstrated key-recovery attacks from side-channels in prac…

Thu Apr 14 19:28:49 +0000 2022

Map of laws for compelled decryption and lawful intercept. Too much red & yellow, and I gave some doubts about some of the green in reality. 🕵🏻‍♂️ https://twitter.com/durumcrustulum/status/1514206448137478149

Thu Apr 14 19:34:33 +0000 2022

We’ve (@BlockchainComns) have had interns & contributors from Ethiopia. Already on our roadmap this summer is more support & documents on pseudonymous development best practices (some done in last year’s internship program and available now). https://twitter.com/durumcrustulum/status/1514208918167248896

Thu Apr 14 19:38:43 +0000 2022

This our current guide, lead by @namcios https://github.com/BlockchainCommons/Pseudonymity-Guide

Thu Apr 14 19:42:02 +0000 2022

😂 https://twitter.com/durumcrustulum/status/1514250869230907396

Thu Apr 14 19:48:42 +0000 2022

RT @gtank__: Efficient new CRLs and approximate set representations from ribbon filters. Always within 11% of optimal, available in Rust un…

Thu Apr 14 19:56:28 +0000 2022

The current proprietary silicon ARM processors are not good enough. We need development of Secure Enclave’s that are inspectable and have some form of open development. @BlockchainComns is planning a virtual Silicon Salon to explore this topic with experts mid-May. Contact me. https://twitter.com/durumcrustulum/status/1514597821667635203

Thu Apr 14 20:18:28 +0000 2022

A new low-entry cost journal for academic cryptographic papers is overdue. The current journals (and practices) are insufficient. I’d also like to see more access by practitioners, not just academics. https://twitter.com/durumcrustulum/status/1514615411324559362

Thu Apr 14 20:24:35 +0000 2022

Related from @gtank__ https://twitter.com/gtank__/status/1204221342343684096?s=21&t=EA2qSR11gzRK6DxYKKLx_A

Thu Apr 14 20:27:48 +0000 2022

I fought to allow for TLS to be used for more than http & used my authority as co-editor of IETF TLS 1.0 to register these used with IANA. It isn’t the fault of TLS, but that there are no incentives or financial support for legacy. And everything becomes legacy someday. https://twitter.com/gtank__/status/1514507625844469764

Thu Apr 14 20:35:46 +0000 2022

This why I founded #RebootingwebOfTrust @RWOTEvents 6 years ago. We are making progress, but the legacy can’t be iterated or even refactored. We must go back to first principles. Join us in The Hague September 26th-30th! #RealWorldCrypto https://twitter.com/e7p/status/1514601152339275777

Thu Apr 14 20:51:26 +0000 2022


Thu Apr 14 20:51:46 +0000 2022

Replying to @e7p and @RealWorldCrypto

I think it is worse than that. I’ll bet 90%+ of that 10% only use PGP for verification of downloaded code & maybe some will signing of code & commits. They are not using PGP for email, with the slight exception of Protonmail to Protonmail which almost does not count.

Thu Apr 14 21:33:43 +0000 2022

RT @ChristopherA: @e7p @RealWorldCrypto I think it is worse than that. I’ll bet 90%+ of that 10% only use PGP for verification of downloa…

Thu Apr 14 21:38:00 +0000 2022

There are a variety of techniques to avoid nonce problems in cryptographic protocols, ranging from deterministic nonces, VRFs (Verifiable Random Functional), and various zk- & non-zk tricks for provable inclusion of randomness. For instance… https://twitter.com/cronokirby/status/1514605363282161665

Thu Apr 14 21:51:00 +0000 2022

…here are some approaches between the transaction coordinator & hardware wallet to prevent the signer from exfilitrating secrets in signature nonces. I hope to add this to @BlockchainComns standards this year: https://medium.com/blockstream/anti-exfil-stopping-key-exfiltration-589f02facc2e

Thu Apr 14 21:51:01 +0000 2022

Replying to @e7p and @RealWorldCrypto

I’d rather move to ssh signing of code & commits than continuing to use PGP. We can do better (a goal of #RebootingWebOfTrust) but until then: https://twitter.com/ChristopherA/status/1459578822588731394

Thu Apr 14 21:54:30 +0000 2022

Replying to @arcbtc and @killamikemilla

We also a specific set we use called ByteWords to encode binary data (such as cryptographic seeds) as easy-to-recognize, hard-to-confuse words. Bytewords are also well-integrated with QRs and Wallets interoperability UR standards. https://github.com/BlockchainCommons/Research/blob/master/papers/bcr-2020-012-bytewords.md

Sat Apr 16 03:58:50 +0000 2022

Replying to @arcbtc and @killamikemilla

There was a really nice demo at #RWOT where you played a game-like 3D scenario in exactly the same way, and it would generate seed words. Easy to memorize.

Sat Apr 16 04:02:36 +0000 2022

Replying to @arcbtc and @killamikemilla

Here it is. https://twitter.com/ChristopherA/status/1047643223236083713

Sat Apr 16 04:05:20 +0000 2022

Replying to @arcbtc and @killamikemilla

Lots of other ideas in this #RebootingWebOfTrust collaborative paper. We will be meeting again in The Hague in September (see @RWOTEvents): https://github.com/WebOfTrustInfo/rwot6-santabarbara/blob/master/final-documents/DecentralizedAutonomicData.md

Sat Apr 16 04:09:19 +0000 2022

I can’t seem to find any presentation, paper link or video to #RealWorldCrypto “Threshold Cryptography as a Service” (Rabin, et al) at the program page or via search. I am very interested in this topic as we are implementing. Does anyone have any link or @ contact info? Thanks!

Mon Apr 18 17:40:31 +0000 2022

Replying to @attractfunding

No, it was presented last week at #RealWorldCrypto — @durumcrustulum live blogged about starting at : https://twitter.com/durumcrustulum/status/1514896813018562560

Mon Apr 18 17:54:17 +0000 2022

I have found some older work, but I’m seeking the details behind the live blog slides shared by @durumcrustulum last week starting at: https://twitter.com/durumcrustulum/status/1514896813018562560

Mon Apr 18 17:56:49 +0000 2022

I particularly am interested as FROST is on @BlockchainComns implementation roadmap for ‘22. FROST uses VSS & there are slides that imply some interesting social key recovery possibilities & other ideas. Don’t know if their tech is compatible with FROST’s VSS or secp256k1.

Mon Apr 18 18:03:03 +0000 2022

Replying to @JWWeatherman_

There is also an experimental cli app mori-cli https://github.com/BlockchainCommons/mori-cli by former @BlockchainComns intern @negrunch which we used for some testing of these timelock concepts. We will be exploring more this year in hope to add to #SmartCustody scenarios when mature. Support us!

Mon Apr 18 23:28:25 +0000 2022

@Caralie_C There are a few days left before our application deadline for our @BlockchainComns internship program. If you know of some good applicants can you pass this on? https://bitcoinmagazine.com/business/blockchain-commons-announces-bitcoin-internship-program

Wed Apr 20 15:29:42 +0000 2022

Replying to @claudiorlandi and @satrajit_

I actually did look at this video (slipped parts) but you didn’t bring up FROST. What do you think of it?

Wed Apr 20 18:05:48 +0000 2022

I still have not been able to find slides, paper or video for this talk at #RealWorldCrypto - anyone have contact info for Rabin? @KazueSako @josephbonneau PM me if you do. Thanks! https://twitter.com/ChristopherA/status/1516109432387616768

Wed Apr 20 18:15:40 +0000 2022

Replying to @claudiorlandi and @satrajit_

I’d still be interested in your approach. Does your threshold ECDSA also do a Peterson VSS? We’d like to puzzle out how to do this safely with support from cloud services. Do you have slides or a paper?

Wed Apr 20 23:07:02 +0000 2022

RT @claudiorlandi: @ChristopherA @satrajit_ Slides of the talk: https://cse.iitkgp.ac.in/ncsam/slides/talk-3-claudio-orlandi.pdf
Main papers described: https://eprint.iacr.org/2019/889 http…

Thu Apr 21 17:08:29 +0000 2022

RT @TBD54566975: The Break Down: What are DIDs?

Thu Apr 21 19:10:55 +0000 2022

Tomorrow is the last day for applications to our Blockchain Commons internship program starting next month. We have applicants from all over the world, and not only engineers but students with other skills to bring to our community. Share if know someone who should be involved! https://twitter.com/ChristopherA/status/1511765254744682499

Thu Apr 21 19:20:24 +0000 2022

I’m pleased to hear that PETS (Privacy Enhancing Technologies Symposium) will be moving out of the academic publishing straightjacket to open access. As a non-academic who has dabbled in academia, having so much quality work behind paywalls hurts our work towards a better future. https://twitter.com/PET_Symposium/status/1517919439274102785

Sun Apr 24 20:11:07 +0000 2022

I’ve mixed feelings about MetaMask moving to closed source. Yes, we need funding models for infrastructure, but Consensys has already made a fortune of off tokens. I also really don’t like their risky privacy & security architecture. We need a better solution to both problems! https://twitter.com/MetaMask/status/1296586344299294720

Mon Apr 25 22:32:51 +0000 2022

I’ve also long been concerned about the centralized nature of Metamask, Infura & Consensys. There also really is no transparency. If anything we need funding models that also support open development (just open source isn’t good enough), not moving to closed decisions.

Mon Apr 25 22:38:08 +0000 2022

…will be hard. Metamask and almost all derivatives suffer from hot keys, key reuse, confused deputy problems, and more. Can be solved (it is not inherently an ETH blockchain problem but a wallet design problem) but expensive.

Mon Apr 25 23:21:11 +0000 2022

Blockchain Commons has been investigating with the support of our Sustaining Patrons if we could offer a superior architecture for ETH (and related account based chains). We certainly can (and will) offer #SmartCustody advice as best practices, but to replace architecture…

Mon Apr 25 23:21:11 +0000 2022

Replying to @edmundedgar, @LefterisJP and @rotkiapp


Mon Apr 25 23:39:17 +0000 2022

Replying to @AnastasiaU and @GetBlockWallet

Don’t forget @BlockchainComns — we create open & interoperable, secure & compassionate, digital infrastructure and advocate for human dignity online by enabling people to control their own digital destiny.

Tue Apr 26 00:37:07 +0000 2022

It has gotten to the point where I believe sales of tokens promised to hardware vendors & exchanges make more cash than any profits from the product. Great for getting a funding for a wallet company going, but what about long term? The incentives are biased against the consumer.

Tue Apr 26 19:49:12 +0000 2022

Though I don’t see any particularly exciting features in the technology behind @CeloOrg $CELO token, I can see a niche appeal of a token for local economies, ecology, web3, etc. But how do we evaluate that? Approval by @Ledger is helpful signal, but was that blessing paid for?

Tue Apr 26 19:49:12 +0000 2022

I appreciate the hard work Ledger & other hardware wallet vendors do to support cryptocurrency ecosystems. However, the practice of being paid to add a token or currency results in incentives that are harmful for long-term support of wallet infrastructure. Needs transparency! … https://twitter.com/Ledger/status/1518922851096711169

Tue Apr 26 19:49:12 +0000 2022

So what #transparency standards should we ask of our wallet vendors? Compensation, supply chain, chips, open source used, design principles? @BlockchainComns has started some case studies on different wallets—what other information do we need to add? https://github.com/BlockchainCommons/SmartCustody/blob/355b64c721aebc720c0dd586d0f57d82cda923b5/Docs/Case-Studies-Overview.md

Tue Apr 26 19:49:13 +0000 2022

This is also related to my concerns about other parts of the cryptocurrency ecosystem, such as the recent change by Consensys to take the dominant ETH Metamask wallet to closed source. #Transparency is missing! https://twitter.com/ChristopherA/status/1518719716407136256

Tue Apr 26 19:49:13 +0000 2022

I don’t know how to solve this problem, but #transparency would help. I’d be much more likely to purchase (and recommend) wallet hardware where I can possibly understand the economic biases and make decisions accordingly.

Tue Apr 26 19:49:13 +0000 2022

And as always, your ongoing support is needed to continue our work. Become a monthly patron of @BlockchainComns at https://GitHub.com/sponsors/BlockchainCommons!

Tue Apr 26 19:49:14 +0000 2022

Let us know what else you want to see in these case studies, and get your wallet vendors to support us to be able to offer more of them, and keep them up to date. https://twitter.com/ChristopherA/status/1491828888984379406

Tue Apr 26 19:49:14 +0000 2022

Replying to @kanzure

In theory, you could have a large number of heterogeneous computers at many locations participate in a DKG (distributed key generation, like what is created in the first steps of FROST multisig) to always sign for you. That is the concept behind white-city https://github.com/ZenGo-X/white-city/blob/master/White-City-Report/whitecity_new.pdf

Wed Apr 27 04:00:18 +0000 2022

Replying to @kanzure

In practice, I think it is too easy to deny with large k of m thresholds due with DDOS, network partition attacks, latency etc. So having some additional hardware trust for smaller quorums and faster latency is useful.

Wed Apr 27 04:03:24 +0000 2022

Replying to @kanzure

/cc @zmanian

Wed Apr 27 04:05:28 +0000 2022

Replying to @cronokirby


Sat Apr 30 02:21:06 +0000 2022

Replying to @cronokirby


Sat Apr 30 02:22:13 +0000 2022

Replying to @cronokirby


Sat Apr 30 02:22:57 +0000 2022

Replying to @cronokirby and @espadrine

Implementions in multiple languages https://github.com/BlockchainCommons/LifeHash

Sat Apr 30 02:24:11 +0000 2022

Replying to @btcitadad

Support @BlockchainComns — we create open & interoperable, secure & compassionate digital infrastructure and advocate for human dignity online by enabling people to control their own digital destiny. https://www.blockchaincommons.com

Sat Apr 30 02:31:37 +0000 2022

RT @Hacxyk: 11/n
DeFi hacks are reckless. Even after being examined by best-of-the-best researchers in the space, there’s still loopholes t…

Sat Apr 30 22:12:54 +0000 2022