Blockchain Fintech – Adi BEN-ARI, Ben Ari Adi
Abstract for “System and Method for Blockchain Smart Contract Data Privacy”
“System and Method for Executing Cryptographically Secure Transactions in a Network Comprising a Public Leger”
Background for “System and Method for Blockchain Smart Contract Data Privacy”
The following description contains information that could be helpful in understanding the invention. This description does not imply that any information contained herein is prior art, relevant to the presently claimed invention or that any publication explicitly or implicitly referred to is prior art.
“Importantly, although the operational/functional descriptions described herein are understandable by the human mind, they are not abstract ideas of the operations/functions divorced from computational implementation of those operations/functions. The operations/functions are a specification for massively complex computational machines and other means. As discussed in detail below, the operational/functional language must be read in its proper technological context, i.e., as concrete specifications for physical implementations.”
“The logical operations/functions discussed herein are a distillation or description of machine specifications, or other physical mechanisms specified in the operations/functions so that otherwise obscure machine specifications may be understandable to the human brain. The distillation also allows one of skill in the art to adapt the operational/functional description of the technology across many different specific vendors’ hardware configurations or platforms, without being limited to specific vendors’ hardware configurations or platforms.”
“Some of this technical description (e.g. detailed description, drawings claims, etc.) may be set forth in terms of logical operations/functions. These logical operations/functions do not represent abstract ideas. They are representative of the static or sequential specifications of various hardware components. However, those skilled in the art will understand the logical operations/functions to be representative of the static or sequenced specifications for various hardware elements. This is true because tools available to one of skill in the art to implement technical disclosures set forth in operational/functional formats?tools in the form of a high-level programming language (e.g., C, java, visual basic, etc. Tools in the form Very high-speed Hardware Description Language (VHDL)? (a language that uses text for describing logic circuits).) are generators of sequenced or static specifications of various hardware configurations. This is often obscured by the general term “software”. However, the term “software” can sometimes be misleading. is a shorthand for a massively complex interchaining/specification of ordered-matter elements. The term “ordered-matter element”? The term “ordered-matter elements” may be used to refer to physical components in computations such as electronic logic gates and molecular computing logic constituents.
“As outlined above, the reason for the use of functional/operational technical descriptions is at least twofold. First, the use of functional/operational technical descriptions allows near-infinitely complex machines and machine operations arising from interchained hardware elements to be described in a manner that the human mind can process (e.g., by mimicking natural language and logical narrative flow). Second, the use of functional/operational technical descriptions assists the person of skill in the art in understanding the described subject matter by providing a description that is more or less independent of any specific vendor’s piece(s) of hardware.”
“Despite the expressiveness of smart contracts and blockchain, transactional privacy is not available in the current form of these technologies. All actions in a smartcontract are visible to the public. They are also recorded and propagated on the network. They are public in that private data flows through all nodes on the blockchain.
It is inappropriate to make data visible to all parties to a blockchain network. Sometimes, one party may wish to share data with a specific party only. The data will not be visible to all parties on the blockchain.
Private data must be encrypted in order to protect data privacy. Two basic methods for encrypting information are symmetric encryption (also known secret key encryption) or asymmetric encryption. One key (or?shared secret?) is required for symmetric encryption. One key (?shared secret?) is used for both encryption and decryption in symmetric encryption. In asymmetric encryption, encryption is done using a public key, while decryption uses the private key. POP is a combination of public-key encryption and symmetric-key encryption. A symmetric encryption algorithm is used to encrypt the message, which requires a key. Each session key, which is also known as a symmetric key, is only used once. The receiver receives the message and its session keys. To decrypt the message, the session key must be sent by email to the receiver. However, encryption with the public key of the receiver is required to protect it during transmission.
“In addition to the privacy of smart contracts data, there is often an obligation to keep transaction anonymity secret from the majority network participants. We may also wish to allow certain participants to identify the person sending transactions.
“Finally one of the benefits of using blockchain smart contract to store and share information is the ability wrap data with permissions logic to limit who can modify it. This would require us to disclose the public keys of all parties who have granted permission. This is necessary so that smart contract code can be run independently by all nodes. In situations where participants do not want to disclose their identities to others in the network, this may not be feasible.
“It is desirable that these features are available on all standard blockchain smart contracts platforms.”
Smart contracts allow the storage of data in blockchain transactions. Performance is a problem with current contact implementation. Blockchains are being used as shared data storage, but they were not designed to allow fast retrieval data from smart contracts. This limits applications’ ability to take advantage of the blockchain environment and smart contract environment.
“?Hawk?”, a decentralized smart-contract system (see?Hawk : The Blockchain Model of Cryptography & Privacy-Preserving Smart Contracts) This framework is used to build privacy-preserving smart contract. Hawk-generated protocols assume that a special contractual party is called a manager (e.g. An auction manager) is added to the list of users.
“?Enigma? “?Enigma? Guy Zyskind and Oz Nathan. Alex Sandy. With guaranteed privacy, it is not accessible to a third party. Enigma connects to an existing blockchain to offload intensive and private computations to an offchain network.
“None the existing technologies or prior art can address nor provide an integrated solution to selectively control data privacy using blockchain applications.
“There is therefore a long-felt and unmet need to develop a system or method that solves the problems of the prior art.
“As used herein and throughout these claims, the meaning of ‘a? is: ?an,? ?an,? Unless the context clearly indicates otherwise, plural references are allowed. The meaning of ‘in? is also defined in this description. Also,?in? If the context clearly dictates otherwise, it includes?in? Unless the context clearly indicates otherwise.”
“All the methods described herein may be used in any order, unless otherwise specified or clearly contradicted with context. Any and all examples or exemplary languages (e.g. ?such as?) The information provided in respect of certain embodiments is meant to help illuminate the invention, and not limit the scope of the invention. The specification does not contain any language that could be understood as indicating an essential non-claimed element to the practice or application of the invention.
“Groupings of alternative elements and embodiments of the invention described herein should not be taken as limitations. Each member of a group can be claimed separately or together with other members or elements herein. A group may include or exclude one or more members for convenience or patentability. If such an inclusion or deletion occurs, the specification will be deemed to include the modified group and fulfill the written description of all Markush-groups used in the appended claims.
“The following description of preferred embodiments refers to the accompanying drawings, which form a part of this document and which show specific embodiments where the invention can be used. Other embodiments are possible and structural changes can be made without departing completely from the scope. You can practice the present invention according to these claims without any or all of these details. To be clear, the technical material in the technical fields relating to the invention have not been described in detail. This will not obscure the essence of the invention.
“Refer throughout this specification only to?one embodiment?” or ?an embodiment? It means that at least one embodiment includes a particular feature, structure or characteristic related to the embodiment. The phrases “in one embodiment” and “in another embodiment” are examples of this. Or?in one embodiment? This specification does not always refer to the same embodiment. You can combine the features, structures or characteristics in any way you like in any number of embodiments.
“While various embodiments will be discussed, it will be clear that the invention is not limited to these embodiments. The present technology, on the other hand, is intended to include alternative, modifications, and equivalents that may be included within scope and spirit of the various embodiments as described in the appended claims.
“Additionally, the following description of embodiments provides a detailed understanding of the current technology. The present technology can be used without these details. Other instances include well-known methods, components, circuits, and procedures that have not been described in sufficient detail to not unnecessarily obscure aspects.
“The term “crypto-currency” refers to any type of digital currency. Any type of digital currency is considered crypto-currency.
“The term “ledger” refers to a principal book or computer file for recording transactions. “The term?ledger” refers to a computer file or principal book that records transactions.
“The term “blockchain” is used to describe a public ledger that records peer-to-peer digital transactions such as Bitcom transactions. “Blockchain” refers to a public ledger that records peer-to-peer digital transactions, such as Bitcom transactions.
“Unless otherwise stated, it is appreciated, that the present description and explanations of embodiments use terms such as ‘computing?, or?detecting? ?calculating?, ?processing?, ?performing,? ?identifying,? ?determining? The actions and processes of a computer or similar electronic computing device, such as the computer system or the like, are referred to. A computer system or similar electronic computing device transforms data that is represented as physical (electronic), quantities in the computer’s registers and memory into data that is similarly represented within other information storage, transmission or display devices. This includes integrated circuits, microcode, hardware-based microcode, and chip level firmware.
“Smart contracts” is a term that refers to digital entities. Digital entities that can define complex transaction logic and facilitate cross organizational workflow, including storage of data, access permissions, ordered workflow, and computation, are called “smart contracts.” Digital entities that can define complex transaction logic and facilitate cross organization workflow, including but not limited to storage of data, access permissions, ordered work flow and computation.
“The term “public key” is used to refer to a cryptographic key that has been created with a public key cryptographic algorithm. A cryptographic key that can be used with a public-key cryptographic algorithm and is associated with an entity. It may also be called a “public key”.
“Private key” is a term that refers to a cryptographic key. “Private key” refers to a cryptographic secret that is used in conjunction with a public key cryptographic algorithm. It is unique and not public. Private keys can be stored on devices, in the local system and/or in hardware secure enclaves (HCE), but they can also be recorded off-line in hardware devices, off-line systems and/or on paper.
“The term?Public Key (asymmetrical) cryptographic algorithm” A cryptographic algorithm that uses two keys related to each other, a public and private key. These keys possess the property that it is computationally impossible to derive the private key from a public key.
“Random Number Generator” is a term that refers to a random number generator. “Random Number Generator” refers to Random Number Generators (RNGs), which are used in cryptographic applications. They typically produce a sequence consisting of zero and one bits, which can be combined into sub-sequences of random numbers or blocks. There are two main classes: deterministic or nondeterministic. An algorithm that generates a sequence from an initial value, called a seed, is a deterministic RNG. Nondeterministic RNGs produce output that is dependent upon an unpredictable physical source, which is beyond human control.
“Password” is a term that refers to a string of characters (letters, numbers, and other symbols) used to authenticate an identity or verify access authorization. A string of characters, including numbers and letters, that is used to verify access authorization or authenticate identity.
“The term secret key” is a reference to a cryptographic key that is used with a secret key cryptographic algorithm. “The term “secret key” refers to a cryptographic secret, which is used with a secret cryptographic algorithm and that is unique associated with one or several entities. It should not be made publicly.”
“The term “Public key certificate” is used. A set of data that uniquely identifies an organization, which contains its public key and is digitally signed to make it binding by a trusted party.
“The term “device”, ‘terminal?”, or?computer terminal” is interchangeable. It can be used interchangeably to refer to a mobile phone or tablet, cellular communication device, PDA, personal computer, or any other type of computing device.
“Referring now to the Figures, and especially to FIG. 1. FIG. FIG. 1 illustrates a process flow that uses an embodiment of the invention.
“At the setup phase (see FIG. 2. description below), each party creates a public/private pair for smart contact privacy. Each party then uploads their public key to the Public Keys smart contract. (PSC).
“The use case refers to party A initiating transaction (initiator) to recipient B, smart contract including private and public data 1, 2, etc. It may contain customer attributes like customer name, customer address, and bank account. These customer attributes are part of Known Your Customer transactions (KYC). These steps are followed:
“Referring now to the Figures, and especially to FIG. 2. FIG. FIG. 2 shows a flowchart that illustrates an aspect of the invention. It describes the setup stage and generates?public keys? smart contract. All parties who are interested in sharing data privately can use one public keys smart agreement. This includes all public keys that they used to create the smart contract privacy. A device belonging to a party that is willing to share private information will first check if the public key smart contract has expired at step 2.02. It creates a new smart contract with public keys if this is not the case. It then gets its public key at step 2.06 (generated by the generation a public key cert) and at steps 2.08 and 2.08, they include their public key into the public key smart contract. At step 2.10, it posts the transaction on the blockchain.
“Referring now to the Figures, and especially to FIG. 3. FIG. FIG. 3 shows a flowchart illustrating an aspect of the invention. It describes the role of a device called the initiator party in a transaction. Step 3.02 is where the initiator device generates an encrypted shared secret. Using strong random generators such as those described at FIPS PUB140-2 or using strong password. The shared secret can be unique to each smart-contract, unique to each private information item in each smart-contract, or unique to each update to the private data items. The initiator device does the following for each authorized recipient (3.04), who has access to the private data:
“Step 3.06: Retrieves the public key for the appropriate recipient from smart contract.
“Step 3.08: Encrypt the shared secret using the public key of the recipient.”
“At step 3.12 the initiator device encrypts private data using the sharedkey and at step 3.14 it post the transaction including all additional information (addresses and encrypted shared keys as well as public and private data, if any).
“Referring now to the Figures, and especially to FIG. 4. FIG. FIG. 4. This is a flowchart showing an aspect of the invention. It describes the role of the recipient party to a transaction. The recipient party is authorized to share private data with the initiator. The transaction is received by the device that plays the role of recipient at step 4.04. It uses its private key at step 4.08 to decrypt the encrypted shared key first after retrieving it via shared smart contract. This can be done using any asymmetric cryptographic algorithms. It used the decrypted share key at step 4.10 to decrypt encrypted private data. It stores the public data in step 4.10 and decrypts private data in its local secure cache. Even if the shared secret is changed, previous versions of encrypted data and associated shared secrets can be retrieved from the historical state storage blockchain. The principal benefits of the invention are: the public key and shared secret distribution happens using the blockchain smart contract, so no additional off chain solution is required; data can be made available to multiple recipients (as well the original sender); quick data retrieval from smart contracts.
“Refer to FIG. 5. This graphic illustrates, according a preferred embodiment of this invention, an example computerized system to implement the invention 500. These systems and methods can be implemented using software, hardware or a combination of both. These systems and methods can be implemented with one or more computing devices that may be physically or logically distinct from each other. You can also combine or merge different aspects of the described methods into other functions.
“In some embodiments, you could combine the system elements into one hardware device or separate them into multiple hardware devices.” Multiple hardware devices can be used to physically locate each other, either proximately or distantly.
The methods can be implemented in computer program products accessible from computer-readable or computer-usable storage media that contains program code for use with any computer or instruction execution system. Any apparatus that contains or stores the program code for use with the computer, instruction execution system, apparatus or device is a computer-usable storage medium.
“A data processing system that is suitable for storing and/or executing the corresponding program code may include at least one processor, coupled either directly or indirectly with computerized data storage devices like memory elements. Input/output devices (including keyboards, displays and pointing devices) can be used to input/output data (I/O). The system can also be coupled with other devices. To allow the data processing system’s ability to be connected to other systems, remote printers, or storage devices via interconnected private or public networks, network adapters can also be attached to it. The features can be implemented on a computer equipped with a touch-screen, LCD (liquid crystal display), touch screen, touch-pad, virtual monitor, or other type of display device for user interaction. It also includes a keyboard and input device such as a trackball or mouse, which allow the user to input information to the computer.
A computer program is a collection of instructions that can be used directly or indirectly in a computer. These systems and methods can be implemented with programming languages like C++, Assembly C#?, JAVA?, Flash. ActionScript, Visual Basic?, JavaScript?, PHP, Python, XML, HTML, etc. Or a combination of programming language, including compiled and interpreted languages. It can be deployed in any format, including standalone programs or modules, components, subroutines, or any other unit that is suitable for use within a computing environment. Software can include firmware, resident software and microcode. Protocols such as TCP/UDP/ICMP/HTTP/DNS/SOAP may be used in implementing interfaces between programming modules. These components and functionality can be implemented on any desktop OS running in a virtualized, non-virtualized environment. They can also be used with any programming language that is suitable for software development. Mac?, iOS?, Google? Android?, Unix?/X-Windows?, Windows Mobile?, Windows Phone?, Linux?, etc.”
“The processing system may be in communication to a computerized storage system. A data storage system may include either a relational or non-relational data store such as a MySQL. Other relational databases. You could also use other types of logical and physical databases. A database server could be used to store the data, such as Microsoft SQL Server? or Oracle?, IBM DB2? or SQLITE?. The data store can store information that identifies syntactical tag information and any other information necessary to operate on syntactical tag information. The processing system may use object-oriented programing and store data in objects. These embodiments may employ an object-relational mapping (ORM), which stores data objects in relational databases. Any number of data models can be used to implement the systems and methods described in this article. An RDBMS is an example of a possible implementation. These embodiments allow tables to include columns that indicate coordinates in the RDBMS. Environment tracking systems can store data that represents user events, virtual elements, and other information. Tables in the RDBMS can be used to store data. You can also have pre-defined relationships between the tables. You can also add to the coordinates by adding adjuncts to the tables.”
“Suitable processors are those that can execute a program of instructions, including general and special purpose microprocessors and one or more cores or processors of any type of computer. A processor can receive instructions and data from any computerized data storage device, such as a random access memory or read-only memory. Any processing circuitry or control circuitry that is used to control the operation and performance of an electronic device may be included in a processor.
“The processor can also be operatively coupled with one or more data storage device for storing data. These data storage devices include magnetic disks (including removable and internal hard drives), magneto-optical discs, optical disks as well as read-only, random access, flash storage, and magneto-optical disks. Non-volatile memory can be used to tangibly store computer program instructions or data. This includes all types of non-volatile memory such as flash memory devices, EPROM, EEPROM and flash memory devices. Magnetic disks, removable and internal hard disks, magneto-optical disks, CD-ROM and DVDROM disks. The processor and the memory can be supplemented by, or incorporated in, ASICs (application-specific integrated circuits).”
The systems, modules, or methods described herein are possible to implement using any combination of hardware and software elements. These systems, modules and methods can be implemented with one or more virtual machines, either operating in conjunction or as a stand-alone operation. Virtualization software can be used to encapsulate a physical computing platform into a virtual computer. You can have guest operating system software and virtual system hardware in your virtual machine.
“The systems and methods described in this article can be implemented in any computer system that has a back-end, such a data server, or a middleware, such an application server or Internet server. Or that has a front-end, such a client computer with a graphical user interface, an Internet browser, or any combination thereof. Any form of digital data communication, such as a network, can connect the components of the system. Communication networks can be described as a LAN, WAN or the networks of computers that make up the Internet.
“One or more embodiments may be used with other computer systems configurations including hand-held devices and microprocessors, microprocessor-based consumer electronics, mainframe computers, minicomputers, mainframes computers, or microprocessor-based microprocessor-based consumer electronics. The invention can also be used in distributed computing environments, where remote processing devices are connected through a network to perform tasks.
“Embodiments” are any physical or other computer-readable media that can be used to store and carry computer-executable instructions, and/or data structures. One or more of these processes may be implemented in part by instructions stored on a non-transitory computer readable medium that can be executed by any one or more computing devices. A processor, such as a microprocessor, receives instructions from a nontransitory computer-readable media (e.g. a memory, etc.). These instructions are then executed by the processor, which performs one or more of these processes.
Computer-readable media is any media that can be accessed using a general or special purpose computer system. Computer-readable media that contain computer-executable instruction are not-transitory computer readable storage media (devices). Transmission media are computer-readable media that contain computer-executable instruction. As an example, but not a limitation, disclosures can include at least two distinct types of computer-readable media: nontransitory computer readable storage media (devices), and transmission media.
Non-transitory computer-readable storage media include RAM, ROM and EEPROM. CD-ROM and solid state drives (?SSDs) are also included. (e.g., based upon RAM), Flash memory and phase-change memory? Other types of memory, Flash memory, phase-change memory (?PCM), or other magnetic storage devices.
“A ?network? “A?network?” is a set of data links that allow electronic data to be transferred between computers and/or modules, and/or other electronic devices. The computer correctly views the connection as a transmission medium when information is transmitted or received over a network or other communications connection (either wireless, hardwired, or a combination thereof), to a computer. Transmission media can contain a network or data links that can carry desired program codes in the form or computer-executable instruction or data structures. These can be accessed by general or special purpose computers. Computer-readable media can also include combinations of these.
“Further,” program code can be transmitted from non-transitory storage media to computer-readable media (devices) automatically upon reaching different computer system components. Computer-executable instructions and data structures can be buffered within RAM of a network interface module (e.g. a?NIC). The data is then transferred to computer system RAM or to less volatile computer storage media (devices), at a computer systems. It is possible to include non-transitory computer readable storage media (devices), in components of computer systems that also use transmission media, or even primarily.
Computer-executable instruction can be described as data and instructions that, when executed by a processor, cause a special purpose computer or general purpose computing device to perform a particular function or group functions. Computer-executable commands can be executed on a general purpose computer in order to transform it into a special-purpose computer that implements elements of the disclosure. Computer executable instructions can be binaries, intermediate format instruction such as assembly language or source code. The subject matter has been described using language that is specific to structural features and/or methodsological acts. However, the subject matter described in the appended claims does not necessarily include the above-described features or acts. The claims are not intended to be implemented in any way other than the examples shown.
“Those skilled in art will recognize that the disclosure can be used in network computing environments with many different computer system configurations. This includes personal computers, desktop computers and laptop computers, message processing devices, multiprocessor systems, microprocessor-based consumer electronics, network computers, minicomputers mainframe computers mobile telephones PDAs, tablets pagers watches routers switches, and the rest. It may also be used in distributed systems environments, where remote and local computer systems are linked through a network. Program modules can be found in both local and distant memory storage devices when operating in a distributed system environment.
“Privacy in Smart Contracts”
“The present invention uses a combination of symmetric and unsymmetric techniques to populate data into a visible shared ledger. The data is encrypted so that only predetermined parties can decrypt it, and thus read the data.”
“The invention allows the transfer of both symmetric and asymmetric keys via the blockchain. No other off-chain mechanism is necessary for the sharing keys. The overall solution is decentralized because there is no central authority or management function that issues certificates. In order to achieve data privacy, data encryption/decryption is performed outside of the blockchain (off-line chain) and so private data should be encrypted on the client side before storing the data into the smart contract.”
Each party creates a private/public key to manage smart contract privacy. The private data are encrypted using a shared secret and symmetric cryptographic algorithms such as Digital Encryption Standard. The smart contract privacy keys are used to encrypt the shared secret. These keys are then stored in the smart contract using a public key (asymmetrical) cryptographic algorithm like RSA encryption. A public/private key pair can be derived by using a public key certificate, which is generated using well-known software like Secure Sockets Layer.
“Refer to FIG. 6 illustrates Fast Retrieval Blockchain Smart Contracts Configuration.
A blockchain smart contract has the ability to create an event. An event is essentially a write to a local file. It occurs alongside any instance of the blockchain within a network. A listening client application can monitor and trigger events when they occur. This invention proposes to create an in memory data cache alongside each instance of the blockchain. Each time a smartcontract is updated by one of the accounts on the network’s blockchain instances, an event is generated. This triggers the cache to store the new state of the smart contract in its cache store. Because it contains privacy data, the cache should be protected and private as it can be decrypted using the recipient’s private key.
“3 Models for Private Key Configuration”
“”
“Private data that is encrypted in the smart contract or anywhere else on the node/server (e.g. It is assumed that the data will be processed only if it is stored in encrypted form in either the smart contract or elsewhere on the node/server (e.g. There are no knowledge-proof algorithms available. Private data processing will only take place at endpoints that have the data in an open (decrypted), format. The processing of private data may be subject to independent validation by other parties if they have received it in open (decrypted). The processing and validation of the process will be multi-step. Independent validation by the parties will be done by sending a smart contract a blockchain transaction. Only once all parties have confirmed that the processing is valid, can the processing be considered complete.
“Anonymous Privacy In Smart Contracts, FIG. 11-14”
“When a user (User 1) wants to share a secret (or smart contract) with another user (User 2,), User 2 will need a way to know that the secret was intended for them. This is usually done by keeping the secret along with the openly viewable public keys (or blockchain address) of the recipient (User 2). The intended recipient (User 2) may prefer anonymity and not reveal that they are the recipient of secret data in smart contracts.
“The answer is to have the intended recipient (Party 2) create an “Anonymous Mail Box Address?” An anonymous post box address is simply an identifier or key that has an associated value. Both of these values reside in the smart contracts.
“The Anonymous Post Box Address is created by User 2 and shared with the User 1. If User 2 has their private key (e.g. If User 2 has their own private key (e.g. User 2 can sign an Anonymous Post Box Address with their user private key and add that signature to the Post Box Address. Both are encrypted using User 1?s public key so that only User 1 can verify the proof. This creates an Anonymous Post Box Address. User 1 receives it in a smart contract.
“The anonymous sender (User 1) may then send shared secrets to the Anonymous Post Box Address using a smart contract that only the intended recipient (User2) will be able to read. The Anonymous Box Address secret can be decrypted using the private key of the intended recipient (User 2). Listening is the act of watching for a Blockchain event that is generated by a smart-contract when the sender (User 1) posts data to the Anonynous Mail Box Address in smart contracts. The listener then listens for the Anonymous Post Box Address.
FIG. 14-17: Anonymous Permissions in Smart Contracts, FIG. 14-17″
By coding rules (?if?) data write permissions can be enforced within a smart contract. Statements) about data updates that query the transaction sender. Every node will execute the code. This means that all nodes and thus every party on the network will see the public address (key) of the user being granted permission/checked.
“Users might wish to conceal the fact they are part of a smart contract and avoid having their public key (address), openly visible in that contract. You can achieve this by using a “Permission Secret?”
“Example: User 1 creates a smart-contract that allows only one user (User 2) to modify data items.
“User 1 will create a unique Permission secret. The Permission Secret is encrypted using User 2?s public key so that only User 2 can decrypt it. To ensure that the Permission Secret is kept secret, User 2 can send it to User 2 via an anonymous post box address. User 1 can have a different private key to the node’s private key. User 1’s identity will be hidden.
“User 1 will then modify the smart contract permission-checking code to include a hash key.”
“When User 2 is ready for modification of data in smart contact, it sends transaction which includes a decrypted copy (open) of the Permission Secret. The Permission Secret is then revealed to all nodes. The smart contract will then haveh the Permission Secret provided and compare it with the hashed Permission Secret provided by User 1. If the match is found, permission will be granted to modify the data. User 1 grants User 2 permission to modify smart contract data, but User 1 does not reveal their identities.
“The Right to be Forgotten”
“There are instances where users wish to have their data deleted from storage systems. Blockchain smart contracts can be used to physically remove historical user data. They also keep the historical state of blockchain smart contracts indefinitely.
The solution to implementing the Right to be Forgotten in blockchain smart contracts is to have data encrypted and decrypted using an intermediary public key by the sender. Data must not be shared with others users. The ability of other users to decrypt data must depend on the intermediary private keys that are hidden off-chain. This key is only accessible by the user who has shared their data. The sender will provide an off-chain service to decrypt data using the intermediary key. They can choose to forget the off-chain encryption service by disabling it and destroying the intermediary key.
Summary for “System and Method for Blockchain Smart Contract Data Privacy”
The following description contains information that could be helpful in understanding the invention. This description does not imply that any information contained herein is prior art, relevant to the presently claimed invention or that any publication explicitly or implicitly referred to is prior art.
“Importantly, although the operational/functional descriptions described herein are understandable by the human mind, they are not abstract ideas of the operations/functions divorced from computational implementation of those operations/functions. The operations/functions are a specification for massively complex computational machines and other means. As discussed in detail below, the operational/functional language must be read in its proper technological context, i.e., as concrete specifications for physical implementations.”
“The logical operations/functions discussed herein are a distillation or description of machine specifications, or other physical mechanisms specified in the operations/functions so that otherwise obscure machine specifications may be understandable to the human brain. The distillation also allows one of skill in the art to adapt the operational/functional description of the technology across many different specific vendors’ hardware configurations or platforms, without being limited to specific vendors’ hardware configurations or platforms.”
“Some of this technical description (e.g. detailed description, drawings claims, etc.) may be set forth in terms of logical operations/functions. These logical operations/functions do not represent abstract ideas. They are representative of the static or sequential specifications of various hardware components. However, those skilled in the art will understand the logical operations/functions to be representative of the static or sequenced specifications for various hardware elements. This is true because tools available to one of skill in the art to implement technical disclosures set forth in operational/functional formats?tools in the form of a high-level programming language (e.g., C, java, visual basic, etc. Tools in the form Very high-speed Hardware Description Language (VHDL)? (a language that uses text for describing logic circuits).) are generators of sequenced or static specifications of various hardware configurations. This is often obscured by the general term “software”. However, the term “software” can sometimes be misleading. is a shorthand for a massively complex interchaining/specification of ordered-matter elements. The term “ordered-matter element”? The term “ordered-matter elements” may be used to refer to physical components in computations such as electronic logic gates and molecular computing logic constituents.
“As outlined above, the reason for the use of functional/operational technical descriptions is at least twofold. First, the use of functional/operational technical descriptions allows near-infinitely complex machines and machine operations arising from interchained hardware elements to be described in a manner that the human mind can process (e.g., by mimicking natural language and logical narrative flow). Second, the use of functional/operational technical descriptions assists the person of skill in the art in understanding the described subject matter by providing a description that is more or less independent of any specific vendor’s piece(s) of hardware.”
“Despite the expressiveness of smart contracts and blockchain, transactional privacy is not available in the current form of these technologies. All actions in a smartcontract are visible to the public. They are also recorded and propagated on the network. They are public in that private data flows through all nodes on the blockchain.
It is inappropriate to make data visible to all parties to a blockchain network. Sometimes, one party may wish to share data with a specific party only. The data will not be visible to all parties on the blockchain.
Private data must be encrypted in order to protect data privacy. Two basic methods for encrypting information are symmetric encryption (also known secret key encryption) or asymmetric encryption. One key (or?shared secret?) is required for symmetric encryption. One key (?shared secret?) is used for both encryption and decryption in symmetric encryption. In asymmetric encryption, encryption is done using a public key, while decryption uses the private key. POP is a combination of public-key encryption and symmetric-key encryption. A symmetric encryption algorithm is used to encrypt the message, which requires a key. Each session key, which is also known as a symmetric key, is only used once. The receiver receives the message and its session keys. To decrypt the message, the session key must be sent by email to the receiver. However, encryption with the public key of the receiver is required to protect it during transmission.
“In addition to the privacy of smart contracts data, there is often an obligation to keep transaction anonymity secret from the majority network participants. We may also wish to allow certain participants to identify the person sending transactions.
“Finally one of the benefits of using blockchain smart contract to store and share information is the ability wrap data with permissions logic to limit who can modify it. This would require us to disclose the public keys of all parties who have granted permission. This is necessary so that smart contract code can be run independently by all nodes. In situations where participants do not want to disclose their identities to others in the network, this may not be feasible.
“It is desirable that these features are available on all standard blockchain smart contracts platforms.”
Smart contracts allow the storage of data in blockchain transactions. Performance is a problem with current contact implementation. Blockchains are being used as shared data storage, but they were not designed to allow fast retrieval data from smart contracts. This limits applications’ ability to take advantage of the blockchain environment and smart contract environment.
“?Hawk?”, a decentralized smart-contract system (see?Hawk : The Blockchain Model of Cryptography & Privacy-Preserving Smart Contracts) This framework is used to build privacy-preserving smart contract. Hawk-generated protocols assume that a special contractual party is called a manager (e.g. An auction manager) is added to the list of users.
“?Enigma? “?Enigma? Guy Zyskind and Oz Nathan. Alex Sandy. With guaranteed privacy, it is not accessible to a third party. Enigma connects to an existing blockchain to offload intensive and private computations to an offchain network.
“None the existing technologies or prior art can address nor provide an integrated solution to selectively control data privacy using blockchain applications.
“There is therefore a long-felt and unmet need to develop a system or method that solves the problems of the prior art.
“As used herein and throughout these claims, the meaning of ‘a? is: ?an,? ?an,? Unless the context clearly indicates otherwise, plural references are allowed. The meaning of ‘in? is also defined in this description. Also,?in? If the context clearly dictates otherwise, it includes?in? Unless the context clearly indicates otherwise.”
“All the methods described herein may be used in any order, unless otherwise specified or clearly contradicted with context. Any and all examples or exemplary languages (e.g. ?such as?) The information provided in respect of certain embodiments is meant to help illuminate the invention, and not limit the scope of the invention. The specification does not contain any language that could be understood as indicating an essential non-claimed element to the practice or application of the invention.
“Groupings of alternative elements and embodiments of the invention described herein should not be taken as limitations. Each member of a group can be claimed separately or together with other members or elements herein. A group may include or exclude one or more members for convenience or patentability. If such an inclusion or deletion occurs, the specification will be deemed to include the modified group and fulfill the written description of all Markush-groups used in the appended claims.
“The following description of preferred embodiments refers to the accompanying drawings, which form a part of this document and which show specific embodiments where the invention can be used. Other embodiments are possible and structural changes can be made without departing completely from the scope. You can practice the present invention according to these claims without any or all of these details. To be clear, the technical material in the technical fields relating to the invention have not been described in detail. This will not obscure the essence of the invention.
“Refer throughout this specification only to?one embodiment?” or ?an embodiment? It means that at least one embodiment includes a particular feature, structure or characteristic related to the embodiment. The phrases “in one embodiment” and “in another embodiment” are examples of this. Or?in one embodiment? This specification does not always refer to the same embodiment. You can combine the features, structures or characteristics in any way you like in any number of embodiments.
“While various embodiments will be discussed, it will be clear that the invention is not limited to these embodiments. The present technology, on the other hand, is intended to include alternative, modifications, and equivalents that may be included within scope and spirit of the various embodiments as described in the appended claims.
“Additionally, the following description of embodiments provides a detailed understanding of the current technology. The present technology can be used without these details. Other instances include well-known methods, components, circuits, and procedures that have not been described in sufficient detail to not unnecessarily obscure aspects.
“The term “crypto-currency” refers to any type of digital currency. Any type of digital currency is considered crypto-currency.
“The term “ledger” refers to a principal book or computer file for recording transactions. “The term?ledger” refers to a computer file or principal book that records transactions.
“The term “blockchain” is used to describe a public ledger that records peer-to-peer digital transactions such as Bitcom transactions. “Blockchain” refers to a public ledger that records peer-to-peer digital transactions, such as Bitcom transactions.
“Unless otherwise stated, it is appreciated, that the present description and explanations of embodiments use terms such as ‘computing?, or?detecting? ?calculating?, ?processing?, ?performing,? ?identifying,? ?determining? The actions and processes of a computer or similar electronic computing device, such as the computer system or the like, are referred to. A computer system or similar electronic computing device transforms data that is represented as physical (electronic), quantities in the computer’s registers and memory into data that is similarly represented within other information storage, transmission or display devices. This includes integrated circuits, microcode, hardware-based microcode, and chip level firmware.
“Smart contracts” is a term that refers to digital entities. Digital entities that can define complex transaction logic and facilitate cross organizational workflow, including storage of data, access permissions, ordered workflow, and computation, are called “smart contracts.” Digital entities that can define complex transaction logic and facilitate cross organization workflow, including but not limited to storage of data, access permissions, ordered work flow and computation.
“The term “public key” is used to refer to a cryptographic key that has been created with a public key cryptographic algorithm. A cryptographic key that can be used with a public-key cryptographic algorithm and is associated with an entity. It may also be called a “public key”.
“Private key” is a term that refers to a cryptographic key. “Private key” refers to a cryptographic secret that is used in conjunction with a public key cryptographic algorithm. It is unique and not public. Private keys can be stored on devices, in the local system and/or in hardware secure enclaves (HCE), but they can also be recorded off-line in hardware devices, off-line systems and/or on paper.
“The term?Public Key (asymmetrical) cryptographic algorithm” A cryptographic algorithm that uses two keys related to each other, a public and private key. These keys possess the property that it is computationally impossible to derive the private key from a public key.
“Random Number Generator” is a term that refers to a random number generator. “Random Number Generator” refers to Random Number Generators (RNGs), which are used in cryptographic applications. They typically produce a sequence consisting of zero and one bits, which can be combined into sub-sequences of random numbers or blocks. There are two main classes: deterministic or nondeterministic. An algorithm that generates a sequence from an initial value, called a seed, is a deterministic RNG. Nondeterministic RNGs produce output that is dependent upon an unpredictable physical source, which is beyond human control.
“Password” is a term that refers to a string of characters (letters, numbers, and other symbols) used to authenticate an identity or verify access authorization. A string of characters, including numbers and letters, that is used to verify access authorization or authenticate identity.
“The term secret key” is a reference to a cryptographic key that is used with a secret key cryptographic algorithm. “The term “secret key” refers to a cryptographic secret, which is used with a secret cryptographic algorithm and that is unique associated with one or several entities. It should not be made publicly.”
“The term “Public key certificate” is used. A set of data that uniquely identifies an organization, which contains its public key and is digitally signed to make it binding by a trusted party.
“The term “device”, ‘terminal?”, or?computer terminal” is interchangeable. It can be used interchangeably to refer to a mobile phone or tablet, cellular communication device, PDA, personal computer, or any other type of computing device.
“Referring now to the Figures, and especially to FIG. 1. FIG. FIG. 1 illustrates a process flow that uses an embodiment of the invention.
“At the setup phase (see FIG. 2. description below), each party creates a public/private pair for smart contact privacy. Each party then uploads their public key to the Public Keys smart contract. (PSC).
“The use case refers to party A initiating transaction (initiator) to recipient B, smart contract including private and public data 1, 2, etc. It may contain customer attributes like customer name, customer address, and bank account. These customer attributes are part of Known Your Customer transactions (KYC). These steps are followed:
“Referring now to the Figures, and especially to FIG. 2. FIG. FIG. 2 shows a flowchart that illustrates an aspect of the invention. It describes the setup stage and generates?public keys? smart contract. All parties who are interested in sharing data privately can use one public keys smart agreement. This includes all public keys that they used to create the smart contract privacy. A device belonging to a party that is willing to share private information will first check if the public key smart contract has expired at step 2.02. It creates a new smart contract with public keys if this is not the case. It then gets its public key at step 2.06 (generated by the generation a public key cert) and at steps 2.08 and 2.08, they include their public key into the public key smart contract. At step 2.10, it posts the transaction on the blockchain.
“Referring now to the Figures, and especially to FIG. 3. FIG. FIG. 3 shows a flowchart illustrating an aspect of the invention. It describes the role of a device called the initiator party in a transaction. Step 3.02 is where the initiator device generates an encrypted shared secret. Using strong random generators such as those described at FIPS PUB140-2 or using strong password. The shared secret can be unique to each smart-contract, unique to each private information item in each smart-contract, or unique to each update to the private data items. The initiator device does the following for each authorized recipient (3.04), who has access to the private data:
“Step 3.06: Retrieves the public key for the appropriate recipient from smart contract.
“Step 3.08: Encrypt the shared secret using the public key of the recipient.”
“At step 3.12 the initiator device encrypts private data using the sharedkey and at step 3.14 it post the transaction including all additional information (addresses and encrypted shared keys as well as public and private data, if any).
“Referring now to the Figures, and especially to FIG. 4. FIG. FIG. 4. This is a flowchart showing an aspect of the invention. It describes the role of the recipient party to a transaction. The recipient party is authorized to share private data with the initiator. The transaction is received by the device that plays the role of recipient at step 4.04. It uses its private key at step 4.08 to decrypt the encrypted shared key first after retrieving it via shared smart contract. This can be done using any asymmetric cryptographic algorithms. It used the decrypted share key at step 4.10 to decrypt encrypted private data. It stores the public data in step 4.10 and decrypts private data in its local secure cache. Even if the shared secret is changed, previous versions of encrypted data and associated shared secrets can be retrieved from the historical state storage blockchain. The principal benefits of the invention are: the public key and shared secret distribution happens using the blockchain smart contract, so no additional off chain solution is required; data can be made available to multiple recipients (as well the original sender); quick data retrieval from smart contracts.
“Refer to FIG. 5. This graphic illustrates, according a preferred embodiment of this invention, an example computerized system to implement the invention 500. These systems and methods can be implemented using software, hardware or a combination of both. These systems and methods can be implemented with one or more computing devices that may be physically or logically distinct from each other. You can also combine or merge different aspects of the described methods into other functions.
“In some embodiments, you could combine the system elements into one hardware device or separate them into multiple hardware devices.” Multiple hardware devices can be used to physically locate each other, either proximately or distantly.
The methods can be implemented in computer program products accessible from computer-readable or computer-usable storage media that contains program code for use with any computer or instruction execution system. Any apparatus that contains or stores the program code for use with the computer, instruction execution system, apparatus or device is a computer-usable storage medium.
“A data processing system that is suitable for storing and/or executing the corresponding program code may include at least one processor, coupled either directly or indirectly with computerized data storage devices like memory elements. Input/output devices (including keyboards, displays and pointing devices) can be used to input/output data (I/O). The system can also be coupled with other devices. To allow the data processing system’s ability to be connected to other systems, remote printers, or storage devices via interconnected private or public networks, network adapters can also be attached to it. The features can be implemented on a computer equipped with a touch-screen, LCD (liquid crystal display), touch screen, touch-pad, virtual monitor, or other type of display device for user interaction. It also includes a keyboard and input device such as a trackball or mouse, which allow the user to input information to the computer.
A computer program is a collection of instructions that can be used directly or indirectly in a computer. These systems and methods can be implemented with programming languages like C++, Assembly C#?, JAVA?, Flash. ActionScript, Visual Basic?, JavaScript?, PHP, Python, XML, HTML, etc. Or a combination of programming language, including compiled and interpreted languages. It can be deployed in any format, including standalone programs or modules, components, subroutines, or any other unit that is suitable for use within a computing environment. Software can include firmware, resident software and microcode. Protocols such as TCP/UDP/ICMP/HTTP/DNS/SOAP may be used in implementing interfaces between programming modules. These components and functionality can be implemented on any desktop OS running in a virtualized, non-virtualized environment. They can also be used with any programming language that is suitable for software development. Mac?, iOS?, Google? Android?, Unix?/X-Windows?, Windows Mobile?, Windows Phone?, Linux?, etc.”
“The processing system may be in communication to a computerized storage system. A data storage system may include either a relational or non-relational data store such as a MySQL. Other relational databases. You could also use other types of logical and physical databases. A database server could be used to store the data, such as Microsoft SQL Server? or Oracle?, IBM DB2? or SQLITE?. The data store can store information that identifies syntactical tag information and any other information necessary to operate on syntactical tag information. The processing system may use object-oriented programing and store data in objects. These embodiments may employ an object-relational mapping (ORM), which stores data objects in relational databases. Any number of data models can be used to implement the systems and methods described in this article. An RDBMS is an example of a possible implementation. These embodiments allow tables to include columns that indicate coordinates in the RDBMS. Environment tracking systems can store data that represents user events, virtual elements, and other information. Tables in the RDBMS can be used to store data. You can also have pre-defined relationships between the tables. You can also add to the coordinates by adding adjuncts to the tables.”
“Suitable processors are those that can execute a program of instructions, including general and special purpose microprocessors and one or more cores or processors of any type of computer. A processor can receive instructions and data from any computerized data storage device, such as a random access memory or read-only memory. Any processing circuitry or control circuitry that is used to control the operation and performance of an electronic device may be included in a processor.
“The processor can also be operatively coupled with one or more data storage device for storing data. These data storage devices include magnetic disks (including removable and internal hard drives), magneto-optical discs, optical disks as well as read-only, random access, flash storage, and magneto-optical disks. Non-volatile memory can be used to tangibly store computer program instructions or data. This includes all types of non-volatile memory such as flash memory devices, EPROM, EEPROM and flash memory devices. Magnetic disks, removable and internal hard disks, magneto-optical disks, CD-ROM and DVDROM disks. The processor and the memory can be supplemented by, or incorporated in, ASICs (application-specific integrated circuits).”
The systems, modules, or methods described herein are possible to implement using any combination of hardware and software elements. These systems, modules and methods can be implemented with one or more virtual machines, either operating in conjunction or as a stand-alone operation. Virtualization software can be used to encapsulate a physical computing platform into a virtual computer. You can have guest operating system software and virtual system hardware in your virtual machine.
“The systems and methods described in this article can be implemented in any computer system that has a back-end, such a data server, or a middleware, such an application server or Internet server. Or that has a front-end, such a client computer with a graphical user interface, an Internet browser, or any combination thereof. Any form of digital data communication, such as a network, can connect the components of the system. Communication networks can be described as a LAN, WAN or the networks of computers that make up the Internet.
“One or more embodiments may be used with other computer systems configurations including hand-held devices and microprocessors, microprocessor-based consumer electronics, mainframe computers, minicomputers, mainframes computers, or microprocessor-based microprocessor-based consumer electronics. The invention can also be used in distributed computing environments, where remote processing devices are connected through a network to perform tasks.
“Embodiments” are any physical or other computer-readable media that can be used to store and carry computer-executable instructions, and/or data structures. One or more of these processes may be implemented in part by instructions stored on a non-transitory computer readable medium that can be executed by any one or more computing devices. A processor, such as a microprocessor, receives instructions from a nontransitory computer-readable media (e.g. a memory, etc.). These instructions are then executed by the processor, which performs one or more of these processes.
Computer-readable media is any media that can be accessed using a general or special purpose computer system. Computer-readable media that contain computer-executable instruction are not-transitory computer readable storage media (devices). Transmission media are computer-readable media that contain computer-executable instruction. As an example, but not a limitation, disclosures can include at least two distinct types of computer-readable media: nontransitory computer readable storage media (devices), and transmission media.
Non-transitory computer-readable storage media include RAM, ROM and EEPROM. CD-ROM and solid state drives (?SSDs) are also included. (e.g., based upon RAM), Flash memory and phase-change memory? Other types of memory, Flash memory, phase-change memory (?PCM), or other magnetic storage devices.
“A ?network? “A?network?” is a set of data links that allow electronic data to be transferred between computers and/or modules, and/or other electronic devices. The computer correctly views the connection as a transmission medium when information is transmitted or received over a network or other communications connection (either wireless, hardwired, or a combination thereof), to a computer. Transmission media can contain a network or data links that can carry desired program codes in the form or computer-executable instruction or data structures. These can be accessed by general or special purpose computers. Computer-readable media can also include combinations of these.
“Further,” program code can be transmitted from non-transitory storage media to computer-readable media (devices) automatically upon reaching different computer system components. Computer-executable instructions and data structures can be buffered within RAM of a network interface module (e.g. a?NIC). The data is then transferred to computer system RAM or to less volatile computer storage media (devices), at a computer systems. It is possible to include non-transitory computer readable storage media (devices), in components of computer systems that also use transmission media, or even primarily.
Computer-executable instruction can be described as data and instructions that, when executed by a processor, cause a special purpose computer or general purpose computing device to perform a particular function or group functions. Computer-executable commands can be executed on a general purpose computer in order to transform it into a special-purpose computer that implements elements of the disclosure. Computer executable instructions can be binaries, intermediate format instruction such as assembly language or source code. The subject matter has been described using language that is specific to structural features and/or methodsological acts. However, the subject matter described in the appended claims does not necessarily include the above-described features or acts. The claims are not intended to be implemented in any way other than the examples shown.
“Those skilled in art will recognize that the disclosure can be used in network computing environments with many different computer system configurations. This includes personal computers, desktop computers and laptop computers, message processing devices, multiprocessor systems, microprocessor-based consumer electronics, network computers, minicomputers mainframe computers mobile telephones PDAs, tablets pagers watches routers switches, and the rest. It may also be used in distributed systems environments, where remote and local computer systems are linked through a network. Program modules can be found in both local and distant memory storage devices when operating in a distributed system environment.
“Privacy in Smart Contracts”
“The present invention uses a combination of symmetric and unsymmetric techniques to populate data into a visible shared ledger. The data is encrypted so that only predetermined parties can decrypt it, and thus read the data.”
“The invention allows the transfer of both symmetric and asymmetric keys via the blockchain. No other off-chain mechanism is necessary for the sharing keys. The overall solution is decentralized because there is no central authority or management function that issues certificates. In order to achieve data privacy, data encryption/decryption is performed outside of the blockchain (off-line chain) and so private data should be encrypted on the client side before storing the data into the smart contract.”
Each party creates a private/public key to manage smart contract privacy. The private data are encrypted using a shared secret and symmetric cryptographic algorithms such as Digital Encryption Standard. The smart contract privacy keys are used to encrypt the shared secret. These keys are then stored in the smart contract using a public key (asymmetrical) cryptographic algorithm like RSA encryption. A public/private key pair can be derived by using a public key certificate, which is generated using well-known software like Secure Sockets Layer.
“Refer to FIG. 6 illustrates Fast Retrieval Blockchain Smart Contracts Configuration.
A blockchain smart contract has the ability to create an event. An event is essentially a write to a local file. It occurs alongside any instance of the blockchain within a network. A listening client application can monitor and trigger events when they occur. This invention proposes to create an in memory data cache alongside each instance of the blockchain. Each time a smartcontract is updated by one of the accounts on the network’s blockchain instances, an event is generated. This triggers the cache to store the new state of the smart contract in its cache store. Because it contains privacy data, the cache should be protected and private as it can be decrypted using the recipient’s private key.
“3 Models for Private Key Configuration”
“”
“Private data that is encrypted in the smart contract or anywhere else on the node/server (e.g. It is assumed that the data will be processed only if it is stored in encrypted form in either the smart contract or elsewhere on the node/server (e.g. There are no knowledge-proof algorithms available. Private data processing will only take place at endpoints that have the data in an open (decrypted), format. The processing of private data may be subject to independent validation by other parties if they have received it in open (decrypted). The processing and validation of the process will be multi-step. Independent validation by the parties will be done by sending a smart contract a blockchain transaction. Only once all parties have confirmed that the processing is valid, can the processing be considered complete.
“Anonymous Privacy In Smart Contracts, FIG. 11-14”
“When a user (User 1) wants to share a secret (or smart contract) with another user (User 2,), User 2 will need a way to know that the secret was intended for them. This is usually done by keeping the secret along with the openly viewable public keys (or blockchain address) of the recipient (User 2). The intended recipient (User 2) may prefer anonymity and not reveal that they are the recipient of secret data in smart contracts.
“The answer is to have the intended recipient (Party 2) create an “Anonymous Mail Box Address?” An anonymous post box address is simply an identifier or key that has an associated value. Both of these values reside in the smart contracts.
“The Anonymous Post Box Address is created by User 2 and shared with the User 1. If User 2 has their private key (e.g. If User 2 has their own private key (e.g. User 2 can sign an Anonymous Post Box Address with their user private key and add that signature to the Post Box Address. Both are encrypted using User 1?s public key so that only User 1 can verify the proof. This creates an Anonymous Post Box Address. User 1 receives it in a smart contract.
“The anonymous sender (User 1) may then send shared secrets to the Anonymous Post Box Address using a smart contract that only the intended recipient (User2) will be able to read. The Anonymous Box Address secret can be decrypted using the private key of the intended recipient (User 2). Listening is the act of watching for a Blockchain event that is generated by a smart-contract when the sender (User 1) posts data to the Anonynous Mail Box Address in smart contracts. The listener then listens for the Anonymous Post Box Address.
FIG. 14-17: Anonymous Permissions in Smart Contracts, FIG. 14-17″
By coding rules (?if?) data write permissions can be enforced within a smart contract. Statements) about data updates that query the transaction sender. Every node will execute the code. This means that all nodes and thus every party on the network will see the public address (key) of the user being granted permission/checked.
“Users might wish to conceal the fact they are part of a smart contract and avoid having their public key (address), openly visible in that contract. You can achieve this by using a “Permission Secret?”
“Example: User 1 creates a smart-contract that allows only one user (User 2) to modify data items.
“User 1 will create a unique Permission secret. The Permission Secret is encrypted using User 2?s public key so that only User 2 can decrypt it. To ensure that the Permission Secret is kept secret, User 2 can send it to User 2 via an anonymous post box address. User 1 can have a different private key to the node’s private key. User 1’s identity will be hidden.
“User 1 will then modify the smart contract permission-checking code to include a hash key.”
“When User 2 is ready for modification of data in smart contact, it sends transaction which includes a decrypted copy (open) of the Permission Secret. The Permission Secret is then revealed to all nodes. The smart contract will then haveh the Permission Secret provided and compare it with the hashed Permission Secret provided by User 1. If the match is found, permission will be granted to modify the data. User 1 grants User 2 permission to modify smart contract data, but User 1 does not reveal their identities.
“The Right to be Forgotten”
“There are instances where users wish to have their data deleted from storage systems. Blockchain smart contracts can be used to physically remove historical user data. They also keep the historical state of blockchain smart contracts indefinitely.
The solution to implementing the Right to be Forgotten in blockchain smart contracts is to have data encrypted and decrypted using an intermediary public key by the sender. Data must not be shared with others users. The ability of other users to decrypt data must depend on the intermediary private keys that are hidden off-chain. This key is only accessible by the user who has shared their data. The sender will provide an off-chain service to decrypt data using the intermediary key. They can choose to forget the off-chain encryption service by disabling it and destroying the intermediary key.
Click here to view the patent on Google Patents.