Replying to Avatar DataNostrum

Cryptography-savvy people: I am curious, is the following possible?

1) Company A gives employee B a (software and/or hardware) device that allows B to do something, e.g. sign certain transactions in the name of A.

2) B uses the device during his employment.

3) At the end of his employment, B sends A cryptographic proof that he has destroyed the device, i.e. that he is no longer able to sign transactions in the name of A.

Obviously, simply giving B a private key will not work for this, since that can always be written down on a paper napkin. But can a private key be wrapped in some layer of cryptography that still allows for it to be used, and provably destroyed at some point?

#asknostr
Avatar
[ARCHIVED] Jay 2y ago

One solution is that Company A controls the key and sets up a server and authorizes Employee B to send data to be signed. B never holds the key, just a token that allows access to a signing mechanism. A can revoke the token at any time and remove B's access.

A can't give B something that gives them sovereignty if they want the power to take it away in the future, so they have to retain sovereignty over the signer or have complete control of the employee.

Reply to this note

Please Login to reply.

Discussion

Avatar
DataNostrum 2y ago

Thanks - I am not really looking for an implementation of the above scenario that is as favorable as possible to A. Rather, I am wondering whether there could exist a technique to provably destroy such a "wrapped" key by B (not by A).

Avatar
[ARCHIVED] Jay 2y ago

Ah I see. Maybe you can do it with Bitcoin.

Company A sends Employee B some bitcoin C on-chain, where B controls the keys.

B can verify to others that they have control of that bitcoin as proof that A has given them authorization to sign certain data on their behalf, assuming the opposing party knows that the bitcoin was really issued by A.

When B wants to destroy their authorization, they send the bitcoin back to A.