Subnostr

Cryptography-savvy people: I am curious, is the following possible?

1) Company A gives employee B a (software and/or hardware) device that allows B to do something, e.g. sign certain transactions in the name of A.

2) B uses the device during his employment.

3) At the end of his employment, B sends A cryptographic proof that he has destroyed the device, i.e. that he is no longer able to sign transactions in the name of A.

Obviously, simply giving B a private key will not work for this, since that can always be written down on a paper napkin. But can a private key be wrapped in some layer of cryptography that still allows for it to be used, and provably destroyed at some point?

#asknostr

Reply to this note

Please Login to reply.

Discussion

[ARCHIVED] Jay 2y ago

One solution is that Company A controls the key and sets up a server and authorizes Employee B to send data to be signed. B never holds the key, just a token that allows access to a signing mechanism. A can revoke the token at any time and remove B's access.

A can't give B something that gives them sovereignty if they want the power to take it away in the future, so they have to retain sovereignty over the signer or have complete control of the employee.