[Linux-aus] Grant application Cryptoproof

Adam Nielsen a.nielsen at shikadi.net
Tue Mar 14 00:58:18 AEDT 2017


> "I don't believe that cryptoproof is fundamentally capable of achieving 
> its stated goal of proving a physical object is unique and/or genuine"
> 
> I get this a lot. This tells me that the community member has failed to 
> understand how it works. In a previous comment it was expressed that it 
> wasn't clear how the service would generate revenue even though it's 
> outlined specifically in the announcement section of the website itself.
> The ann page gives explicit reasoning as to why the service is trustless 
> and how it achieves its goals - 
> https://bitcointalk.org/index.php?topic=1579977.msg15863685#msg15863685
> It's certainly not a concept that's easily grasped, I myself had to 
> wrestle with it for a while but if community members have any points 
> they would like me to clarify or any scenarios that don't seem to make 
> sense please let me know and I'll be happy to address them.

// TL;DR: There seem to be a number of unanswered questions and after
// trying to understand what the proposed online service will do, I
// am struggling to find any scenario where it provides something that
// cannot be done already with existing means.

// The long version:

Hi Derren,

I'm also struggling to understand so please bear with me.  Having read
your post at the link, this is my understanding of it.

 * The Bitcoin BIP32 proposal allows people to take an existing Bitcoin
   account/address and deterministically generate additional accounts
   from it, which can be used for sending payment to the original
   account owner, even without access to the original account's private
   key.  The example given is that a web server can create a new address
   for each online shopping transaction, without having access to the
   merchant's private key, and thus funds cannot be spent if the server
   is compromised.

 * Your proposal is based around the idea that these generated keys can
   be traced back to the original parent key, to prove that they are
   all owned by the same entity.

 * You propose to do this by storing the original (public) key (Bitcoin
   account number) on servers controlled by you, and providing a
   service to verify that any given child key/account is attached to
   this parent.

 * The parent key is public, so anyone can also perform this
   verification themselves, with suitable software and no need to
   trust a third party.

 * A merchant needs an SSL certificate hosted at an HTTPS URL in order
   to verify their identity with your proposed service.  Why can't the
   merchant just display the child key (=Bitcoin account number for
   payment) to their customers during checkout, with verification
   provided by the encrypted HTTPS connection and SSL certificate?

 * You propose to record each time a child key is queried through your
   service, under the assumption that the first query will be from the
   original purchaser.  If a query is performed and it is not the first,
   then you seem to suggest that this could mean the item being
   purchased is counterfeit, however this does not make sense to me -
   why would a counterfeiter ask you to pay the original company?

 * You propose that this same query mechanism can be used to confirm
   that only one copy of the item is in existence, by checking how many
   times a child key has been "submitted" previously.  However a
   merchant can simply generate more child addresses at will, so I do
   not see how this mechanism alone would guarantee uniqueness.

 * You say that by branding each purchased item (which I assume means
   physically marking the merchandise with the child key) it will ensure
   that the customer receives the item that was sent, and will quickly
   discover if it has been substituted with another item during
   transit.  This doesn't make a lot of sense to me.  Why does the
   merchant need your service for this?  They have already told the
   customer where to send payment over a secure HTTPS connection, so
   they can just stamp this unique account number on the merchandise
   without using your service and the customer will know what
   identifier to look for.  Also, what's to stop someone intercepting
   the package and simply reading off this watermark and applying it to
   their counterfeit product anyway?

If I am misunderstanding something please correct me.

As far as I can make out, BIP32 suggests that anyone can verify that a
given child key belongs to a given parent key, so there does not appear
to be the need for an online service to do this, other than convenience
until it is included in standard Bitcoin wallet software.

I also cannot see how recording the number of times an address has been
used would prevent counterfeiting.  You can already look up Bitcoin
addresses on blockchain.info to see whether an address has been used
previously or not, so I can't see what your proposed service would add
in this regard.

Lastly, I can't see how physically marking the merchandise would
prevent counterfeiting, and even if it did, I can't see why your
service would need to be involved when the merchant and customer
already have a secure communication channel where they can tell each
other what markings to look for to check product authenticity.

This has turned out to be a rather long message for which I apologise,
but it seems I am grossly misunderstanding how your proposed service
would work!  With the understanding I have as I write this, it seems
that the proposal doesn't really add anything to the Bitcoin ecosystem
that isn't there already.

Hopefully you can explain what I am missing.

Kind regards,
Adam.
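An added worked example (not part of Adam's message or of the Cryptoproof project) illustrating the BIP32 point made above: a verifier who holds only the parent public key and chain code re-derives exactly the child public key that the merchant derived with the private key, so a child can be tied to its parent with no private key and no third-party service. It is pure Python on the standard library, with the secp256k1 arithmetic written out inline; the seed, index values and function names are constructed for the demonstration. It also shows why hardened children (index >= 2^31) cannot be verified this way.

```python
import hashlib
import hmac

# secp256k1 domain parameters (field prime, group order, generator point)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 2 ** 31  # BIP32: indices at or above this are hardened children


def point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication k*point."""
    result, addend = None, point
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def public_key(k):
    return scalar_mult(k, G)


def serialize_point(point):
    """33-byte SEC1 compressed encoding, the form BIP32 feeds into HMAC."""
    x, y = point
    return (b"\x02" if y % 2 == 0 else b"\x03") + x.to_bytes(32, "big")


def master_key_from_seed(seed):
    """BIP32 master private key and chain code from a seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(digest[:32], "big"), digest[32:]


def ckd_priv(k_par, c_par, i):
    """CKDpriv: child private key from the parent private key (merchant side)."""
    if i >= HARDENED:
        data = b"\x00" + k_par.to_bytes(32, "big")
    else:
        data = serialize_point(public_key(k_par))
    digest = hmac.new(c_par, data + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    k_i = (il + k_par) % N
    if il >= N or k_i == 0:
        raise ValueError("invalid child; BIP32 says use the next index")
    return k_i, digest[32:]


def ckd_pub(K_par, c_par, i):
    """CKDpub: child public key from the parent public key only (verifier side)."""
    if i >= HARDENED:
        raise ValueError("hardened children cannot be derived from a public parent")
    data = serialize_point(K_par) + i.to_bytes(4, "big")
    digest = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    K_i = point_add(scalar_mult(il, G), K_par)  # il*G + K_par == (il + k_par)*G
    if il >= N or K_i is None:
        raise ValueError("invalid child; BIP32 says use the next index")
    return K_i, digest[32:]


def verify_child(K_par, c_par, i, claimed_child):
    """True if the claimed 33-byte compressed key is child i of the public parent."""
    try:
        K_i, _ = ckd_pub(K_par, c_par, i)
    except ValueError:
        return False
    return serialize_point(K_i) == claimed_child


if __name__ == "__main__":
    seed = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed demo seed
    k_master, c_master = master_key_from_seed(seed)
    K_master = public_key(k_master)  # the parent public key the merchant publishes
    for order_index in (0, 1, 2):
        k_child, _ = ckd_priv(k_master, c_master, order_index)       # merchant
        child = serialize_point(public_key(k_child))                 # printed at checkout
        ok = verify_child(K_master, c_master, order_index, child)    # customer
        print(order_index, child.hex(), ok)
```

The customer never sees `k_master` or `k_child`; the check in `verify_child` uses only the published parent public key, its chain code and the order index, which is the "suitable software and no need to trust a third party" case described in the message. Note that the same public data lets the merchant (or anyone else) derive as many valid children as they like, which is why counting children says nothing about how many physical items exist.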

