[Cryptography] Proof that a blockchain address belongs to a known organisation.

Michael Kjörling michael at kjorling.se
Mon Feb 28 13:07:50 EST 2022

On 25 Feb 2022 18:33 +0100, from fredrik.wahlgren at gmail.com (Fredrik Wahlgren):
> As far as I can see, that address could only belong to the red cross as
> long as you trust the math and the Certificate Authority. There can’t be
> any other address wit this special nft that looks like it belongs to the
> red cross.

I'm not so sure. Even assuming for a second that the certificate
actually includes the name of the organisation (basically, requiring
an OV or EV certificate for the purpose), doesn't this at the very
most prove only that the wallet address in question belongs to _an_
organization named "The Red Cross", which might not necessarily be
_the_ "Red Cross" that the user is being led to believe?

Said differently, how does this defend against something like the 2017
Ian Carroll "Stripe, Inc" or James Burton "Identity Verified" attacks?
How does this dynamic change if the attacker is also in a position to
coerce a trusted CA to issue a certificate, such as perhaps an
authoritarian government might be able to?

Keeping in mind that any sufficiently motivated scammer can easily set
up a web site that looks perfectly like the official Red Cross web
site (or whichever other organization the scammer is looking to pose
as), even under a look-alike domain name if they are so inclined. It
might get taken down quickly for being fraudulent, but especially in a
quickly developing situation, quite possibly not quickly enough.

Wouldn't a simpler way to do this be for the _legitimate_ organization
to prominently display the address in question in some usable format
on, say, a "donate" page on their official web site; considering also
that their official web site would very likely already rank quite
highly in search results for the organization's name? That site is
almost certainly already served over HTTPS, so given that "you trust
the math and the CA" you _already_ have a trusted path to what you
believe is the organization's official source of information about
themselves; and if you don't trust HTTPS, why should you trust an even
more convoluted scheme that seems to try to replicate a subset of the
guarantees HTTPS gives you?

If for whatever reason a potential donor is still concerned, they can
also look up other contact details for the organization in question
elsewhere and contact them out-of-band to verify the wallet address. I
have done that myself on at least one occasion when something didn't
quite add up.

Michael Kjörling • https://michael.kjorling.semichael at kjorling.se
 “Remember when, on the Internet, nobody cared that you were a dog?”

More information about the cryptography mailing list