Talk with cryptographers & semiconductor manufacturers about new silicon-based cryptographic functionality. Sign up now for our third virtual #SiliconSalon on January 18 at 9am PT. [1/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527

x-icon Wed Jan 04 09:26:22 +0000 2023


Cramium @crossbarinc will discuss “Silicon & MPC”, overviewing silicon architecture approaches that address concerns of security, performance and efficiency as well as economic concerns and flexibility, all to accommodate future improvements. [4/7]

x-icon Wed Jan 04 09:26:23 +0000 2023


Bunnie from @bunniestudios will present “Toward a More Open Secure Element Chip” — “What are the elements that make a semiconductor more or less “open”? How do you maintain openness in a proprietary ecosystem, and is there a purpose to secrecy in security? [3/7]

x-icon Wed Jan 04 09:26:23 +0000 2023


If you have not seen the presentations and discussions from our last Silicon Salon, they are at https://www.siliconsalon.info/salon2/

We have three more presentations locked down for the 18th: [2/7]

x-icon Wed Jan 04 09:26:23 +0000 2023


We hope to see you all at Silicon Salon 3! [7/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527

x-icon Wed Jan 04 09:26:24 +0000 2023


As usual, our feature presentations will be supplemented by discussions! https://www.siliconsalon.info/salon1/#discussions

Join in to contribute your points of view and your requirements for cryptographic silicon! [6/7]

x-icon Wed Jan 04 09:26:24 +0000 2023


Finally, Kavya Sreedhar will present “A Fast Large-Integer Extended GCD Algorithm and Hardware Design for Verifiable Delay Functions and Modular Inversion”. [5/7] http://ia.cr/2021/1292

x-icon Wed Jan 04 09:26:24 +0000 2023


Replying to @sbisson

@sbisson, beautiful photos. @joncallas pointed me here after seeing: https://twitter.com/gunsnrosesgirl3/status/1598231952854614016

x-icon Thu Jan 05 21:48:56 +0000 2023


For example, in next week’s virtual Silicon Salon 3, Kavya Sreedhar will be presenting about a 16nmn semiconductor design for constant-time modular inversion for Curve25519 using XGCD — 31 times faster than software! But more importantly, it can be hardened in silicon…[2/9]

1612527730691821568-FmDRyAZacAARLrT

x-icon Mon Jan 09 19:12:24 +0000 2023


Why is the discussion & community we are building at #SiliconSalon so important? Our problem is that silicon-based security is lagging, supporting only decade+ old crypto—no blockchain, no ZKP. The result is modern cryptography is done in user space. Let’s solve this!🧵… [1/9]

1612527727697088512-FmDX4tvaMAEa_fL

x-icon Mon Jan 09 19:12:24 +0000 2023


Bunnie of @bunniestudios will be talking about “where to draw the line for openness…the perceived fear/uncertainty/doubt (FUD) around a particular attack surface tends to have an inverse relation to the actual size of the attack surface.”…[3/9]

1612527734361841664-FmDSpAFaMAAF87E

1612527734361841664-FmDSv-qaMAADFPm

x-icon Mon Jan 09 19:12:25 +0000 2023


The goal of the Silicon Salon community hosted by @BlockchainCommons is to bridge the gap between semiconductor manufacture and wallet design, between academia and real-world usage. Take a look at our archives to see what we’ve done so far. [6/9] https://www.siliconsalon.info/

x-icon Mon Jan 09 19:12:26 +0000 2023


Semiconductor designer @CramiumLabs, working on the next generation of secure chips, desires to support MPC-based distributed key management (FROST, Threshold ECDSA, etc), which is receiving insufficient hardware support and academic attention but is an important future.…[5/9]

x-icon Mon Jan 09 19:12:26 +0000 2023


“The current NDA-heavy status quo for chips creates an analytical barrier that prevents us from determining how big the actual attack surface is. Without intimate knowledge of how the hardware is functions, there are important classes of software bugs we can’t analyze.”…[4/9]

x-icon Mon Jan 09 19:12:26 +0000 2023


Together, we can ensure that the next generation of cryptographic semiconductors meets everyone’s needs, advancing the entire cryptography industry. Support our efforts to host these conversations & build this community by sponsoring us at https://github.com/sponsors/BlockchainCommons/ [9/9]

x-icon Mon Jan 09 19:12:27 +0000 2023


We hold these Silicon Salon events quarterly, with our next one in April. We are planning now, and if you have a topic you’d like to present next quarter, let me know: pain points, architectures, secure boot & firmware, supply chains, threats & countermeasures, and more. [8/9]

x-icon Mon Jan 09 19:12:27 +0000 2023


Next week, join cryptographers & semiconductor manufacturers to discuss requirements for new silicon-logic-based cryptographic functionality & leveraging opportunities for semiconductor acceleration. January 18th, 9am-noon PT hosted online via Zoom. [7/9] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527

x-icon Mon Jan 09 19:12:27 +0000 2023


Replying to @peterktodd

User space itself is not necessarily bad, but it increases attack surface. In particular vulnerabilities from improper sandboxing or attacks from lower layers of the stack that user space doesn’t specifically know about or can address.

x-icon Mon Jan 09 20:29:14 +0000 2023


Replying to @peterktodd

Assuming no bugs in user space code (not a given) it still can vulnerable to lower levels, such as network stack, correlation & privacy attacks, boot & hardware vulnerabilities (in particular when hardware is not inspectable). In particular don’t like raw keys in user space.

x-icon Mon Jan 09 20:40:21 +0000 2023


Replying to @peterktodd

Yes, FPGA has a role. Bunnie of @bunniestudios has been doing FPGA emulation of RISC-V (see their presentation at the 2nd #SiliconSalon https://www.siliconsalon.info/salon2/#bunnie-studios-presentation)), and in general SS2 was about boot and supply chain.

x-icon Mon Jan 09 22:23:51 +0000 2023


Replying to @peterktodd and @bunniestudios

Part of what Bunnie wants to talk about at the next Silicon Salon is where is the line between proprietary and open hardware? It is really hard to have a completely open design right now, but “more open” is possible. Perfection is the enemy of the good here.

x-icon Mon Jan 09 22:25:37 +0000 2023


RT @TheHackersNews: 🔥 Attention all #opensource developers: If you’re using “jsonwebtoken” library in your projects, you need to take urgen…

x-icon Tue Jan 10 22:18:29 +0000 2023


“As open source software increasingly emerges as a lucrative initial access pathway for threat actors to stage supply chain attacks, it’s crucial that vulnerabilities in such tools are proactively identified, mitigated, and patched by downstream users.” True! https://twitter.com/TheHackersNews/status/1612815649801117698

x-icon Tue Jan 10 22:21:38 +0000 2023


RT @__agwa: New blog post: whoarethey: Determine Who Can Log In to an SSH Server

https://www.agwa.name/blog/post/whoarethey

x-icon Tue Jan 10 22:43:58 +0000 2023


Replying to @KyleOfTheCorn and @SeedSigner

If you want to do this you might want to do it in an interoperable way with Gordian Envelope. I know @FOUNDATIONdvcs is looking into using it to save interoperable backups to SD cards. You can encrypt with passwords or threshold of SSKR shares.

x-icon Wed Jan 11 23:08:35 +0000 2023


Join us this Wednesday to discuss the future of greater support for modern cryptography in silicon! 9am-Noon PT: https://twitter.com/ChristopherA/status/1612527727697088512

x-icon Mon Jan 16 18:20:46 +0000 2023


Continuing on this #PatentBreaker thread: Ideally, the Hilbert curve would be focused on where people actually live. Here is Europe & Asia. Of course any useful Hilbert curve for use zk-proofs to support #LocationPrivacy-focused geomapping would be a much finer grid.

1615138869695090690-Fmof0WvaMAA-Plm

x-icon Tue Jan 17 00:08:09 +0000 2023


Replying to @holochain, @Sheldrake, @molly0xFFF and @generative_

Thanks for the /HT. BTW, the article you link on Progressive Trust is from 2004, there is a more recent article (last month) with an update on my thoughts about Progressive Trust Architectures at https://www.blockchaincommons.com/musings/musings-progressive-trust/

x-icon Tue Jan 17 18:12:14 +0000 2023


A good & broad survey of discourse about Self-Sovereign Identity (aka #SSI) in recent years, by @CollinMcclain. “I want to leave this article with an invitation to think expansively and critically about identity” Yes! 👍 More is needed! https://twitter.com/Holochain/status/1615323677087698949

x-icon Tue Jan 17 18:20:39 +0000 2023


Replying to @MariaShen

Where do blockchain agnostic developers fall on your list? https://www.BlockchainCommons.com works with many chains.

x-icon Tue Jan 17 19:02:52 +0000 2023


The biggest event was the maturation of our Commons from our initial Airgap Wallet community to a more diverse group, including hardware wallets, software designers, and semiconductor manufacturers alike. Welcome to Chia, CrossBar, and Proxy in 2022! [2/9] https://www.blockchaincommons.com/sponsors.html

x-icon Wed Jan 18 20:24:52 +0000 2023


Blockchain Commons celebrates the new year with a report looking back at its considerable progress in 2022. Take a look at our growing community of developers, events, new architectures & specifications, advice and much more! 🧵 [1/9] https://twitter.com/BlockchainComns/status/1615743373201244161

x-icon Wed Jan 18 20:24:52 +0000 2023


CSR is built atop perhaps our biggest initiative for the year: #GordianEnvelope, a new “Smart Documentation” specification for storing data in a privacy-preserving way. A high-level intro: [5/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Wed Jan 18 20:24:53 +0000 2023


Another is Collaborative Seed Recovery (aka CSR). @BitmarkInc, @foundationdvcs, and @proxy are all working with us to create a way to shard your digital assets and store the shares in multiple locations in an interoperable manner. [4/9] https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md

x-icon Wed Jan 18 20:24:53 +0000 2023


The creation of a large community has allowed us to work on some big interoperable projects. One is @SiliconSalon, a quarterly series of events where we bring together different parties to talk about the future of cryptographic semiconductor design. [3/9] https://www.siliconsalon.info/

x-icon Wed Jan 18 20:24:53 +0000 2023


There was much more in 2022, including Seed Tool updates, server updates, more advocacy work in Wyoming & the EU, and updates to #SmartCustody. Read about that, and our plans for 2023. It’s all in our yearly review. [8/9] https://www.blockchaincommons.com/quarterlies/Yearly-2022/

x-icon Wed Jan 18 20:24:54 +0000 2023


Gordian Envelope is supported by a new CLI app, which lets you test out all of Envelope’s privacy-focused features, such as elision and encryption, right now. [7/9] https://github.com/BlockchainCommons/envelope-cli-swift

x-icon Wed Jan 18 20:24:54 +0000 2023


Or if you prefer video, here is a short 7-minute high-level “Introduction to Gordian Envelope”: https://www.youtube.com/watch?v=OcnpYqHn8NQ [6/9]

x-icon Wed Jan 18 20:24:54 +0000 2023


Become a sponsor to help us continue this development! A half-dozen companies have already joined us to create self-sovereign solutions for the internet! [9/9] https://github.com/sponsors/BlockchainCommons

x-icon Wed Jan 18 20:24:55 +0000 2023


I’m trying to get a definitive list of Bitcoin wallets that support @BlockchainComns airgap animated QR/UR specs for signing PSBTs. I know of @SparrowWallet, @bluewalletio, @KeystoneWallet & @CasaHODL, but I hear that @nunchuk_io & @Blockstream’s Jade Wallet now do so. Others?

x-icon Wed Jan 18 22:55:43 +0000 2023


Replying to @nvk

The number of steps for careful cold-storage of multisig is too hard, see our tedious example: https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Scenario-Multisig.md However, we can do better but it requires to move toward Collaborative Seed Recovery…

x-icon Wed Jan 18 23:54:29 +0000 2023


Replying to @nvk

This is what our developer community is working on to make it easier this Q1: https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md

x-icon Wed Jan 18 23:55:54 +0000 2023


Replying to @nvk

But we also needed to safely store more metadata: descriptors, lighting channel details, FROST shares & authentication, and more, this last Q4 work on Gordian Envelope: https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Wed Jan 18 23:58:32 +0000 2023


Replying to @nvk

When we are done, none of this complexity will be visible to users.

x-icon Wed Jan 18 23:59:00 +0000 2023


RT @nunchuk_io: @ChristopherA @BlockchainComns @SparrowWallet @bluewalletio @KeystoneWallet @CasaHODL @Blockstream Confirm that we do !

x-icon Thu Jan 19 00:00:19 +0000 2023


RT @dstadulis: The endless, recursive assertions, possible with this Gordian Envelope data structure, prime it to handle the evolving deman…

x-icon Thu Jan 19 15:39:01 +0000 2023


Replying to @cryptoecongames

The slides and videos from last week’s #SiliconSalon III are now available at https://www.siliconsalon.info/salon3/, excerpts from facilitated discussion will be out next week.

x-icon Sat Jan 21 01:14:15 +0000 2023


RT @cryptoecongames: This is important. Crypto foundations please take note

x-icon Sat Jan 21 01:14:19 +0000 2023


The slides and videos from last week’s #SiliconSalon III are now available at http://siliconsalon.info/salon3/, excerpts from the facilitated discussion will be out next week.

x-icon Sat Jan 21 05:16:15 +0000 2023


Replying to @cronokirby

This? “Social Security’s total cost is projected to be higher than its total income in 2022 and all later years. Total cost began to be higher than total income in 2021. Social Security’s cost has exceeded its non-interest income since 2010.”

x-icon Mon Jan 23 18:58:54 +0000 2023


Replying to @cronokirby

Definitely lots in there, but what in particular grabbed you as significantly new?

x-icon Mon Jan 23 19:06:35 +0000 2023


Replying to @ApeDurden

It is far less expensive to pay for a comfortable work environment than pay for the extra salaries required for loss of productivity without them. Google is laying off due to bad strategic management leading to paying expensive people to build unfinished & cancelled projects.

x-icon Mon Jan 23 19:13:58 +0000 2023


@WarrenDavidson @RepFrenchHill — need some testimony on self-custody, private keys, digital identity, SSI? I’ve advised on #Wyoming laws and internationally. Talk to me. https://bitcoinmagazine.com/legal/saving-bitcoin-private-keys-from-courts

x-icon Tue Jan 24 00:48:00 +0000 2023


Released yesterday was the “European Declaration on Digital Rights and Principles for the Digital Decade” The first principle is “Putting people at the centre of the digital transformation” 👍 :
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AJOC_2023_023_R_0001

x-icon Tue Jan 24 07:33:45 +0000 2023


I note that this document is in conflict with a number of recent documents from the EU such as the AML rules in the “Transfer of Funds” regulations: https://www.europarl.europa.eu/legislative-train/theme-an-economy-that-works-for-people/file-revision-of-the-regulation-on-transfers-of-funds

x-icon Tue Jan 24 07:41:58 +0000 2023


Some other interesting commentary: “the Declaration remains mostly silent on how to protect safety and human rights, how to strengthen democratic oversight, and how to ensure that nobody is left behind.” https://twitter.com/xotoxot/status/1500732792250023938

x-icon Tue Jan 24 08:00:30 +0000 2023


Replying to @lorenc_dan, @awakecoding and @BenLaurie

You might then like Gordian Envelope which leverages CBOR. It is a structured data format that supports graph data (node or edge or both labeled), elision (redaction, encryption or reference) and is agnostic on curves. https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Thu Jan 26 21:08:12 +0000 2023


It’s an open meeting, so you can attend to listen to our short presentation and to participate in any Q&A that follows. [4/6]

x-icon Thu Jan 26 21:21:04 +0000 2023


We’ve already submitted an IETF Draft of Envelope, so we’re thrilled to also be able to present it to W3C and the CCG [3/6]. https://blockchaincommons.github.io/WIPs-IETF-draft-envelope/draft-mcnally-envelope.html

x-icon Thu Jan 26 21:21:04 +0000 2023


Gordian Envelope is Blockchain Commons’ privacy-focused and structure-focused “Smart Document” that allows for the storage and transmission of sensitive information. [2/6] https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Thu Jan 26 21:21:04 +0000 2023


This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Group. We’d love you to join us! [1/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000

1618720700390584320-FnbZ1nQaUAAAWvj

x-icon Thu Jan 26 21:21:04 +0000 2023


Then join us Tuesday morning to learn more! [6/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000

x-icon Thu Jan 26 21:21:05 +0000 2023


Watch our introductory video for an overview of Envelope, its structure, and what it can do! [5/6] https://www.youtube.com/watch?v=OcnpYqHn8NQ

x-icon Thu Jan 26 21:21:05 +0000 2023


Replying to @lorenc_dan, @awakecoding and @BenLaurie

There is a W3C-CCG discussion next Tuesday: https://twitter.com/ChristopherA/status/1618720700390584320

x-icon Thu Jan 26 21:22:00 +0000 2023


I’m intrigued by the use case for #GordianEnvelope in AI model training sets. For instance, @MosaicML says they can create a Stable Diffusion class model for $160K https://www.mosaicml.com/blog/training-stable-diffusion-from-scratch-costs-160k. We could collect data & collaboratively build a validatable & certifiable sourced model.

x-icon Mon Jan 30 19:38:59 +0000 2023


RT @ChristopherA: This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Gr…

x-icon Mon Jan 30 19:43:51 +0000 2023


Here is a general use case for Gordian Envelopes in Software & AI Industry. I’d love thoughts on extending it further for AI model collaboration, validation, and certification. https://github.com/BlockchainCommons/Gordian/blob/master/Envelope/Use-Cases/Software.md

x-icon Mon Jan 30 19:44:03 +0000 2023


Join us tomorrow in the @W3C Credential Community for a discussion about Gordian Envelope. https://twitter.com/ChristopherA/status/1618720700390584320

x-icon Mon Jan 30 19:45:19 +0000 2023


I divide this into three parts: scope minimization, content minimization, and temporal minimization. You want to provide the minimal content for the minimal scope over the minimal amount of time. [3/9]

x-icon Tue Jan 31 18:34:54 +0000 2023


Data Minimization is the practice of limiting the amount of shared data to the minimum necessary: just enough to do what you need to do. A best-practice generally for security, but mandatory for #PersonalData under #GDPR. [2/9]

x-icon Tue Jan 31 18:34:54 +0000 2023


My latest “Musings of a Trust Architect” article covers #DataMinimization and #SelectiveDisclosure, both crucial privacy protecting data-management techniques: [1/9] https://www.blockchaincommons.com/musings/musings-data-minimization/

x-icon Tue Jan 31 18:34:54 +0000 2023


Take a look at the full article on Data Minimization and Selective Disclosure for more details on all of this! Or my previous musing post on architectures for Progressive Trust. I’d love to hear your comments and thoughts! [7/9] https://www.blockchaincommons.com/musings.html

x-icon Tue Jan 31 18:34:55 +0000 2023


I then share some brief details on three different Selective Disclosure cryptographic techniques: Hash-based Elision (or Redaction), Zero-Knowledge Proof (ZKP) and Blind Signature, and well some possible adjacent, less explored approaches. [6/9]

x-icon Tue Jan 31 18:34:55 +0000 2023


My requirements for Selective Disclosure include: granularity, control, transparency, security, privacy, compliance, auditability, and flexibility [5/9].

x-icon Tue Jan 31 18:34:55 +0000 2023


Selective Disclosure is then the next step: how you share limited amounts of information while also minimizing risks of correlation. [4/9]

x-icon Tue Jan 31 18:34:55 +0000 2023


Become a patron of Blockchain Commons if work of this sort is important to you! Or write to me directly if you’d like to become more involved as a contributor. [9/9] https://www.blockchaincommons.com/sponsors.html

x-icon Tue Jan 31 18:34:56 +0000 2023


These concepts are already influencing the @BlockchainComns work on Gordian Envelope. I hope they’ll be a general building block for the next generation of private data storage. [8/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Tue Jan 31 18:34:56 +0000 2023


RT @OpenSourceOrg: The ultimate list of reactions to the Cyber Resilience Act from ARGH! to ZOMG! https://blog.opensource.org/the-ultimate-list-of-reactions-to-the-cyber-resilience-act/

x-icon Wed Feb 01 04:29:16 +0000 2023


RT @OpenSourceOrg: The EU Cyber Resilience Act has noble aims but its wording and framing can harm #OpenSource. It must be fixed. https://t…

x-icon Wed Feb 01 04:30:04 +0000 2023


date: “2023-01-31” time: 23:59:59 +0000 —

Talk with cryptographers & semiconductor manufacturers about new silicon-based cryptographic functionality. Sign up now for our third virtual #SiliconSalon on January 18 at 9am PT. [1/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527

x-icon Wed Jan 04 09:26:22 +0000 2023


Cramium @crossbarinc will discuss “Silicon & MPC”, overviewing silicon architecture approaches that address concerns of security, performance and efficiency as well as economic concerns and flexibility, all to accommodate future improvements. [4/7]

x-icon Wed Jan 04 09:26:23 +0000 2023


Bunnie from @bunniestudios will present “Toward a More Open Secure Element Chip” — “What are the elements that make a semiconductor more or less “open”? How do you maintain openness in a proprietary ecosystem, and is there a purpose to secrecy in security? [3/7]

x-icon Wed Jan 04 09:26:23 +0000 2023


If you have not seen the presentations and discussions from our last Silicon Salon, they are at https://www.siliconsalon.info/salon2/

We have three more presentations locked down for the 18th: [2/7]

x-icon Wed Jan 04 09:26:23 +0000 2023


We hope to see you all at Silicon Salon 3! [7/7] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527

x-icon Wed Jan 04 09:26:24 +0000 2023


As usual, our feature presentations will be supplemented by discussions! https://www.siliconsalon.info/salon1/#discussions

Join in to contribute your points of view and your requirements for cryptographic silicon! [6/7]

x-icon Wed Jan 04 09:26:24 +0000 2023


Finally, Kavya Sreedhar will present “A Fast Large-Integer Extended GCD Algorithm and Hardware Design for Verifiable Delay Functions and Modular Inversion”. [5/7] http://ia.cr/2021/1292

x-icon Wed Jan 04 09:26:24 +0000 2023


Replying to @sbisson

@sbisson, beautiful photos. @joncallas pointed me here after seeing: https://twitter.com/gunsnrosesgirl3/status/1598231952854614016

x-icon Thu Jan 05 21:48:56 +0000 2023


For example, in next week’s virtual Silicon Salon 3, Kavya Sreedhar will be presenting about a 16nmn semiconductor design for constant-time modular inversion for Curve25519 using XGCD — 31 times faster than software! But more importantly, it can be hardened in silicon…[2/9]

1612527730691821568-FmDRyAZacAARLrT

x-icon Mon Jan 09 19:12:24 +0000 2023


Why is the discussion & community we are building at #SiliconSalon so important? Our problem is that silicon-based security is lagging, supporting only decade+ old crypto—no blockchain, no ZKP. The result is modern cryptography is done in user space. Let’s solve this!🧵… [1/9]

1612527727697088512-FmDX4tvaMAEa_fL

x-icon Mon Jan 09 19:12:24 +0000 2023


Bunnie of @bunniestudios will be talking about “where to draw the line for openness…the perceived fear/uncertainty/doubt (FUD) around a particular attack surface tends to have an inverse relation to the actual size of the attack surface.”…[3/9]

1612527734361841664-FmDSpAFaMAAF87E

1612527734361841664-FmDSv-qaMAADFPm

x-icon Mon Jan 09 19:12:25 +0000 2023


The goal of the Silicon Salon community hosted by @BlockchainCommons is to bridge the gap between semiconductor manufacture and wallet design, between academia and real-world usage. Take a look at our archives to see what we’ve done so far. [6/9] https://www.siliconsalon.info/

x-icon Mon Jan 09 19:12:26 +0000 2023


Semiconductor designer @CramiumLabs, working on the next generation of secure chips, desires to support MPC-based distributed key management (FROST, Threshold ECDSA, etc), which is receiving insufficient hardware support and academic attention but is an important future.…[5/9]

x-icon Mon Jan 09 19:12:26 +0000 2023


“The current NDA-heavy status quo for chips creates an analytical barrier that prevents us from determining how big the actual attack surface is. Without intimate knowledge of how the hardware is functions, there are important classes of software bugs we can’t analyze.”…[4/9]

x-icon Mon Jan 09 19:12:26 +0000 2023


Together, we can ensure that the next generation of cryptographic semiconductors meets everyone’s needs, advancing the entire cryptography industry. Support our efforts to host these conversations & build this community by sponsoring us at https://github.com/sponsors/BlockchainCommons/ [9/9]

x-icon Mon Jan 09 19:12:27 +0000 2023


We hold these Silicon Salon events quarterly, with our next one in April. We are planning now, and if you have a topic you’d like to present next quarter, let me know: pain points, architectures, secure boot & firmware, supply chains, threats & countermeasures, and more. [8/9]

x-icon Mon Jan 09 19:12:27 +0000 2023


Next week, join cryptographers & semiconductor manufacturers to discuss requirements for new silicon-logic-based cryptographic functionality & leveraging opportunities for semiconductor acceleration. January 18th, 9am-noon PT hosted online via Zoom. [7/9] https://www.eventbrite.com/e/silicon-salon-3-tickets-492802494527

x-icon Mon Jan 09 19:12:27 +0000 2023


Replying to @peterktodd

User space itself is not necessarily bad, but it increases attack surface. In particular vulnerabilities from improper sandboxing or attacks from lower layers of the stack that user space doesn’t specifically know about or can address.

x-icon Mon Jan 09 20:29:14 +0000 2023


Replying to @peterktodd

Assuming no bugs in user space code (not a given) it still can vulnerable to lower levels, such as network stack, correlation & privacy attacks, boot & hardware vulnerabilities (in particular when hardware is not inspectable). In particular don’t like raw keys in user space.

x-icon Mon Jan 09 20:40:21 +0000 2023


Replying to @peterktodd

Yes, FPGA has a role. Bunnie of @bunniestudios has been doing FPGA emulation of RISC-V (see their presentation at the 2nd #SiliconSalon https://www.siliconsalon.info/salon2/#bunnie-studios-presentation)), and in general SS2 was about boot and supply chain.

x-icon Mon Jan 09 22:23:51 +0000 2023


Replying to @peterktodd and @bunniestudios

Part of what Bunnie wants to talk about at the next Silicon Salon is where is the line between proprietary and open hardware? It is really hard to have a completely open design right now, but “more open” is possible. Perfection is the enemy of the good here.

x-icon Mon Jan 09 22:25:37 +0000 2023


RT @TheHackersNews: 🔥 Attention all #opensource developers: If you’re using “jsonwebtoken” library in your projects, you need to take urgen…

x-icon Tue Jan 10 22:18:29 +0000 2023


“As open source software increasingly emerges as a lucrative initial access pathway for threat actors to stage supply chain attacks, it’s crucial that vulnerabilities in such tools are proactively identified, mitigated, and patched by downstream users.” True! https://twitter.com/TheHackersNews/status/1612815649801117698

x-icon Tue Jan 10 22:21:38 +0000 2023


RT @__agwa: New blog post: whoarethey: Determine Who Can Log In to an SSH Server

https://www.agwa.name/blog/post/whoarethey

x-icon Tue Jan 10 22:43:58 +0000 2023


Replying to @KyleOfTheCorn and @SeedSigner

If you want to do this you might want to do it in an interoperable way with Gordian Envelope. I know @FOUNDATIONdvcs is looking into using it to save interoperable backups to SD cards. You can encrypt with passwords or threshold of SSKR shares.

x-icon Wed Jan 11 23:08:35 +0000 2023


Join us this Wednesday to discuss the future of greater support for modern cryptography in silicon! 9am-Noon PT: https://twitter.com/ChristopherA/status/1612527727697088512

x-icon Mon Jan 16 18:20:46 +0000 2023


Continuing on this #PatentBreaker thread: Ideally, the Hilbert curve would be focused on where people actually live. Here is Europe & Asia. Of course any useful Hilbert curve for use zk-proofs to support #LocationPrivacy-focused geomapping would be a much finer grid.

1615138869695090690-Fmof0WvaMAA-Plm

x-icon Tue Jan 17 00:08:09 +0000 2023


Replying to @holochain, @Sheldrake, @molly0xFFF and @generative_

Thanks for the /HT. BTW, the article you link on Progressive Trust is from 2004, there is a more recent article (last month) with an update on my thoughts about Progressive Trust Architectures at https://www.blockchaincommons.com/musings/musings-progressive-trust/

x-icon Tue Jan 17 18:12:14 +0000 2023


A good & broad survey of discourse about Self-Sovereign Identity (aka #SSI) in recent years, by @CollinMcclain. “I want to leave this article with an invitation to think expansively and critically about identity” Yes! 👍 More is needed! https://twitter.com/Holochain/status/1615323677087698949

x-icon Tue Jan 17 18:20:39 +0000 2023


Replying to @MariaShen

Where do blockchain agnostic developers fall on your list? https://www.BlockchainCommons.com works with many chains.

x-icon Tue Jan 17 19:02:52 +0000 2023


The biggest event was the maturation of our Commons from our initial Airgap Wallet community to a more diverse group, including hardware wallets, software designers, and semiconductor manufacturers alike. Welcome to Chia, CrossBar, and Proxy in 2022! [2/9] https://www.blockchaincommons.com/sponsors.html

x-icon Wed Jan 18 20:24:52 +0000 2023


Blockchain Commons celebrates the new year with a report looking back at its considerable progress in 2022. Take a look at our growing community of developers, events, new architectures & specifications, advice and much more! 🧵 [1/9] https://twitter.com/BlockchainComns/status/1615743373201244161

x-icon Wed Jan 18 20:24:52 +0000 2023


CSR is built atop perhaps our biggest initiative for the year: #GordianEnvelope, a new “Smart Documentation” specification for storing data in a privacy-preserving way. A high-level intro: [5/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Wed Jan 18 20:24:53 +0000 2023


Another is Collaborative Seed Recovery (aka CSR). @BitmarkInc, @foundationdvcs, and @proxy are all working with us to create a way to shard your digital assets and store the shares in multiple locations in an interoperable manner. [4/9] https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md

x-icon Wed Jan 18 20:24:53 +0000 2023


The creation of a large community has allowed us to work on some big interoperable projects. One is @SiliconSalon, a quarterly series of events where we bring together different parties to talk about the future of cryptographic semiconductor design. [3/9] https://www.siliconsalon.info/

x-icon Wed Jan 18 20:24:53 +0000 2023


There was much more in 2022, including Seed Tool updates, server updates, more advocacy work in Wyoming & the EU, and updates to #SmartCustody. Read about that, and our plans for 2023. It’s all in our yearly review. [8/9] https://www.blockchaincommons.com/quarterlies/Yearly-2022/

x-icon Wed Jan 18 20:24:54 +0000 2023


Gordian Envelope is supported by a new CLI app, which lets you test out all of Envelope’s privacy-focused features, such as elision and encryption, right now. [7/9] https://github.com/BlockchainCommons/envelope-cli-swift

x-icon Wed Jan 18 20:24:54 +0000 2023


Or if you prefer video, here is a short 7-minute high-level “Introduction to Gordian Envelope”: https://www.youtube.com/watch?v=OcnpYqHn8NQ [6/9]

x-icon Wed Jan 18 20:24:54 +0000 2023


Become a sponsor to help us continue this development! A half-dozen companies have already joined us to create self-sovereign solutions for the internet! [9/9] https://github.com/sponsors/BlockchainCommons

x-icon Wed Jan 18 20:24:55 +0000 2023


I’m trying to get a definitive list of Bitcoin wallets that support @BlockchainComns airgap animated QR/UR specs for signing PSBTs. I know of @SparrowWallet, @bluewalletio, @KeystoneWallet & @CasaHODL, but I hear that @nunchuk_io & @Blockstream’s Jade Wallet now do so. Others?

x-icon Wed Jan 18 22:55:43 +0000 2023


Replying to @nvk

The number of steps for careful cold-storage of multisig is too hard, see our tedious example: https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/Scenario-Multisig.md However, we can do better but it requires to move toward Collaborative Seed Recovery…

x-icon Wed Jan 18 23:54:29 +0000 2023


Replying to @nvk

This is what our developer community is working on to make it easier this Q1: https://github.com/BlockchainCommons/Gordian/blob/master/CSR/README.md

x-icon Wed Jan 18 23:55:54 +0000 2023


Replying to @nvk

But we also needed to safely store more metadata: descriptors, lighting channel details, FROST shares & authentication, and more, this last Q4 work on Gordian Envelope: https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Wed Jan 18 23:58:32 +0000 2023


Replying to @nvk

When we are done, none of this complexity will be visible to users.

x-icon Wed Jan 18 23:59:00 +0000 2023


RT @nunchuk_io: @ChristopherA @BlockchainComns @SparrowWallet @bluewalletio @KeystoneWallet @CasaHODL @Blockstream Confirm that we do !

x-icon Thu Jan 19 00:00:19 +0000 2023


RT @dstadulis: The endless, recursive assertions, possible with this Gordian Envelope data structure, prime it to handle the evolving deman…

x-icon Thu Jan 19 15:39:01 +0000 2023


Replying to @cryptoecongames

The slides and videos from last week’s #SiliconSalon III are now available at https://www.siliconsalon.info/salon3/, excerpts from facilitated discussion will be out next week.

x-icon Sat Jan 21 01:14:15 +0000 2023


RT @cryptoecongames: This is important. Crypto foundations please take note

x-icon Sat Jan 21 01:14:19 +0000 2023


The slides and videos from last week’s #SiliconSalon III are now available at http://siliconsalon.info/salon3/, excerpts from the facilitated discussion will be out next week.

x-icon Sat Jan 21 05:16:15 +0000 2023


Replying to @cronokirby

This? “Social Security’s total cost is projected to be higher than its total income in 2022 and all later years. Total cost began to be higher than total income in 2021. Social Security’s cost has exceeded its non-interest income since 2010.”

x-icon Mon Jan 23 18:58:54 +0000 2023


Replying to @cronokirby

Definitely lots in there, but what in particular grabbed you as significantly new?

x-icon Mon Jan 23 19:06:35 +0000 2023


Replying to @ApeDurden

It is far less expensive to pay for a comfortable work environment than pay for the extra salaries required for loss of productivity without them. Google is laying off due to bad strategic management leading to paying expensive people to build unfinished & cancelled projects.

x-icon Mon Jan 23 19:13:58 +0000 2023


@WarrenDavidson @RepFrenchHill — need some testimony on self-custody, private keys, digital identity, SSI? I’ve advised on #Wyoming laws and internationally. Talk to me. https://bitcoinmagazine.com/legal/saving-bitcoin-private-keys-from-courts

x-icon Tue Jan 24 00:48:00 +0000 2023


Released yesterday was the “European Declaration on Digital Rights and Principles for the Digital Decade” The first principle is “Putting people at the centre of the digital transformation” 👍 :
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ%3AJOC_2023_023_R_0001

x-icon Tue Jan 24 07:33:45 +0000 2023


I note that this document is in conflict with a number of recent documents from the EU such as the AML rules in the “Transfer of Funds” regulations: https://www.europarl.europa.eu/legislative-train/theme-an-economy-that-works-for-people/file-revision-of-the-regulation-on-transfers-of-funds

x-icon Tue Jan 24 07:41:58 +0000 2023


Some other interesting commentary: “the Declaration remains mostly silent on how to protect safety and human rights, how to strengthen democratic oversight, and how to ensure that nobody is left behind.” https://twitter.com/xotoxot/status/1500732792250023938

x-icon Tue Jan 24 08:00:30 +0000 2023


Replying to @lorenc_dan, @awakecoding and @BenLaurie

You might then like Gordian Envelope which leverages CBOR. It is a structured data format that supports graph data (node or edge or both labeled), elision (redaction, encryption or reference) and is agnostic on curves. https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Thu Jan 26 21:08:12 +0000 2023


It’s an open meeting, so you can attend to listen to our short presentation and to participate in any Q&A that follows. [4/6]

x-icon Thu Jan 26 21:21:04 +0000 2023


We’ve already submitted an IETF Draft of Envelope, so we’re thrilled to also be able to present it to W3C and the CCG [3/6]. https://blockchaincommons.github.io/WIPs-IETF-draft-envelope/draft-mcnally-envelope.html

x-icon Thu Jan 26 21:21:04 +0000 2023


Gordian Envelope is Blockchain Commons’ privacy-focused and structure-focused “Smart Document” that allows for the storage and transmission of sensitive information. [2/6] https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Thu Jan 26 21:21:04 +0000 2023


This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Group. We’d love you to join us! [1/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000

1618720700390584320-FnbZ1nQaUAAAWvj

x-icon Thu Jan 26 21:21:04 +0000 2023


Then join us Tuesday morning to learn more! [6/6] https://www.w3.org/events/meetings/80a1023e-569b-4714-8fab-d1b84f2c3478/20240604T120000

x-icon Thu Jan 26 21:21:05 +0000 2023


Watch our introductory video for an overview of Envelope, its structure, and what it can do! [5/6] https://www.youtube.com/watch?v=OcnpYqHn8NQ

x-icon Thu Jan 26 21:21:05 +0000 2023


Replying to @lorenc_dan, @awakecoding and @BenLaurie

There is a W3C-CCG discussion next Tuesday: https://twitter.com/ChristopherA/status/1618720700390584320

x-icon Thu Jan 26 21:22:00 +0000 2023


I’m intrigued by the use case for #GordianEnvelope in AI model training sets. For instance, @MosaicML says they can create a Stable Diffusion class model for $160K https://www.mosaicml.com/blog/training-stable-diffusion-from-scratch-costs-160k. We could collect data & collaboratively build a validatable & certifiable sourced model.

x-icon Mon Jan 30 19:38:59 +0000 2023


RT @ChristopherA: This Tuesday at noon ET / 9am PT, @BlockchainComns is presenting on Gordian Envelope for the W3C Credentials Community Gr…

x-icon Mon Jan 30 19:43:51 +0000 2023


Here is a general use case for Gordian Envelopes in Software & AI Industry. I’d love thoughts on extending it further for AI model collaboration, validation, and certification. https://github.com/BlockchainCommons/Gordian/blob/master/Envelope/Use-Cases/Software.md

x-icon Mon Jan 30 19:44:03 +0000 2023


Join us tomorrow in the @W3C Credential Community for a discussion about Gordian Envelope. https://twitter.com/ChristopherA/status/1618720700390584320

x-icon Mon Jan 30 19:45:19 +0000 2023


I divide this into three parts: scope minimization, content minimization, and temporal minimization. You want to provide the minimal content for the minimal scope over the minimal amount of time. [3/9]

x-icon Tue Jan 31 18:34:54 +0000 2023


Data Minimization is the practice of limiting the amount of shared data to the minimum necessary: just enough to do what you need to do. A best-practice generally for security, but mandatory for #PersonalData under #GDPR. [2/9]

x-icon Tue Jan 31 18:34:54 +0000 2023


My latest “Musings of a Trust Architect” article covers #DataMinimization and #SelectiveDisclosure, both crucial privacy protecting data-management techniques: [1/9] https://www.blockchaincommons.com/musings/musings-data-minimization/

x-icon Tue Jan 31 18:34:54 +0000 2023


Take a look at the full article on Data Minimization and Selective Disclosure for more details on all of this! Or my previous musing post on architectures for Progressive Trust. I’d love to hear your comments and thoughts! [7/9] https://www.blockchaincommons.com/musings.html

x-icon Tue Jan 31 18:34:55 +0000 2023


I then share some brief details on three different Selective Disclosure cryptographic techniques: Hash-based Elision (or Redaction), Zero-Knowledge Proof (ZKP) and Blind Signature, and well some possible adjacent, less explored approaches. [6/9]

x-icon Tue Jan 31 18:34:55 +0000 2023


My requirements for Selective Disclosure include: granularity, control, transparency, security, privacy, compliance, auditability, and flexibility [5/9].

x-icon Tue Jan 31 18:34:55 +0000 2023


Selective Disclosure is then the next step: how you share limited amounts of information while also minimizing risks of correlation. [4/9]

x-icon Tue Jan 31 18:34:55 +0000 2023


Become a patron of Blockchain Commons if work of this sort is important to you! Or write to me directly if you’d like to become more involved as a contributor. [9/9] https://www.blockchaincommons.com/sponsors.html

x-icon Tue Jan 31 18:34:56 +0000 2023


These concepts are already influencing the @BlockchainComns work on Gordian Envelope. I hope they’ll be a general building block for the next generation of private data storage. [8/9] https://www.blockchaincommons.com/introduction/Envelope-Intro/

x-icon Tue Jan 31 18:34:56 +0000 2023


RT @OpenSourceOrg: The ultimate list of reactions to the Cyber Resilience Act from ARGH! to ZOMG! https://blog.opensource.org/the-ultimate-list-of-reactions-to-the-cyber-resilience-act/

x-icon Wed Feb 01 04:29:16 +0000 2023


RT @OpenSourceOrg: The EU Cyber Resilience Act has noble aims but its wording and framing can harm #OpenSource. It must be fixed. https://t…

x-icon Wed Feb 01 04:30:04 +0000 2023

Updated: