Revocation Certificates

I have been going through a lot of my PMs.

I didn’t realise the amount of stuff I had put on hold until after the MGRC was formed.

So, in my love of z2z messaging, I remember talking to @tromer in PMs about whether revocation certificates were something that could be in the protocol (I don't see why they are not already).

Basic example of cert revocation: the ActiveX example is a pretty good one of how I see it working with messaging.

This isn't too useful for funds, but in a messaging system it is essential to form secure data channels. Another forum user, @ChileBob, is implementing some kind of messaging system with authentication. I am sure he can see the usefulness of being able to revoke certain people's access to future messages without having to reissue keys for everyone else (it's standard industry practice in secure communication devices). Multisig is a clunky workaround that can give some similar features.

In addition, I know darkmarkets and other Tor sites are crying out for PoW to be used in circuit connections as an anti-DoS measure (very similar to Adam Back's Hashcash (1997), later used by Hal Finney in RPOW).

This stuff would actually work and be useful if there were revocation certificates at the protocol level. By this I mean the ability to disassociate a pubkey and privkey.

In a practical sense, what is being asked for is already covered by industry with datacryptors. The Zcash cryptography is inherently more secure than what is normally used; however, the hardware implementations of current tech make datacryptors fine.

Here is a walkthrough of how I would see revcerts being used.

  • zkmemos could replace DEK and KEK exchanges (this has been my major professional interest and why mistfpga got involved with our hardware wallet)
  • zkmemos could be used to establish approved message decryptors, where you would want a public message to be read by a group, but if someone is removed from the group you don't want to have to generate new keys for everyone
  • zkmemos could be used as an anti-DoS measure without the need for the user to do the PoW challenge: the 75-second block delay (150-225 seconds if it is challenge-response) that Tor so desperately wants
  • zkmemos could be used to stop people MITMing websites with payment addresses; revocation certs are needed in case of site compromise, again without the need for clients to rekey

One thing I am not sure about, though, because I haven't given it much thought yet, is how they would impact multisig and payments. This needs serious consideration.

So, my current attempts (they are not past the paper stage) would be to create a Zcash z2z messenger that is merge-mined, needs no transaction fees, gives no block rewards and requires no payment to send a message. This is a separate chain that is just protected by the main chain (like Namecoin/ixcoin/iocoin/etc.), so the messaging does not increase the ZEC blockchain bloat and the messaging chain can be trimmed.

I know projects already do stuff similar to this; this chart is taken from the adamant project site and compares different messenger systems: https://adamant.im/

Attachment: msgapps.pdf (264.0 KB)

So free z2z is cool AF. With revocation certs (even if they are only on the messenger chain) we can take network security to the next level.

Please could people post problems with this, especially regarding the feasibility of a messenger chain. I tend to be a bit of a blue-skies thinker when it comes to stuff like this.

Still working on that! :slight_smile:

Ideas:

  • Mine the certs but not the messages, unless you really WANT them archived
  • The pubkey registry is just a public address with a viewkey
  • Stream the mempool to lite clients

Bet @holmesworcester has already solved most of this.