Subnostr

One solution is that Company A controls the key and sets up a server and authorizes Employee B to send data to be signed. B never holds the key, just a token that allows access to a signing mechanism. A can revoke the token at any time and remove B's access.

A can't give B something that gives them sovereignty if they want the power to take it away in the future, so they have to retain sovereignty over the signer or have complete control of the employee.

DataNostrum 2y ago

Thanks - I am not really looking for an implementation of the above scenario that is as favorable as possible to A. Rather, I am wondering whether there could exist a technique to provably destroy such a "wrapped" key by B (not by A).

Reply to this note

Please Login to reply.

Discussion

[ARCHIVED] Jay 2y ago

Ah I see. Maybe you can do it with Bitcoin.

Company A sends Employee B some bitcoin C on-chain, where B controls the keys.

B can verify to others that they have control of that bitcoin as proof that A has given them authorization to sign certain data on their behalf, assuming the opposing party knows that the bitcoin was really issued by A.

When B wants to destroy their authorization, they send the bitcoin back to A.