[Cryptography] Proof that a blockchain address belongs to a known organisation.

Fredrik Wahlgren fredrik.wahlgren at gmail.com
Fri Feb 25 12:33:24 EST 2022 

Let’s say you are a charitable organisation like the red cross and that you
now want to accept cryptocurrency donations. You want to prove that a
certain address belongs to the red cross and could not possibly be owned by
anyone else. How do you do?

This problem is different from how a stranger could prove that they hold
the private keys to a given address. You could give them a string like ”It
was a cold and stormy night” and then that stranger would encrypt using the
private key. Now you decrypt it using the public key and if you get that
string, then that stranger owns whatever there is. But it only proves
ownership, it doesn’t tell who the stranger it, it could be a scammer
dressed like a red cross employee.

I think I have found a solution and it os pretty simple.

1) Let your wallet create a receiving address.
2) Create a pdf and enter the address you just created.
3) Sign the pdf using a trusted CA, why not the same used to digitally sign
the wallet.
4) The pdf should now be minted as an ntf and sent to the address created
in the first step.

Now, let’s say you want to donate some coins becuse you trust the red cross
will use those coins for the purpose they claim like humanitarian help in
the Ukraine. You certainly don’t want russian scammers to be the
recipients. How do you do? This requires some additional coding for the
wallet. Minting the ntf should be automated.

1) Enter the address you think is right.
2) The wallet should recognise the existense of a special ntf, a special
purpose ntf.
3) The wallet needs to check that the address in the ntf matches the
address where it resides.
4) Check the integrity of the file, after all it could have been damaged at
some point.
5) Check if the certificate has expired or been revoked.
6) If everything checks, show the name of the entity that signed the pdf
which can be found in the signature. The red cross.

As far as I can see, that address could only belong to the red cross as
long as you trust the math and the Certificate Authority. There can’t be
any other address wit this special nft that looks like it belongs to the
red cross.

I think it solves a very real problem. However, it only works for companies
and charitable organisations. It doesn’t work well for ”John Smith”.

What are your thoughts? Are there any weaknesses? Could it be done some
other way?

/Fredrik
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20220225/15e3b29c/attachment.htm>

More information about the cryptography mailing list