[Cryptography] Proof that a blockchain address belongs to a known organisation.

[Bryan Bishop]

On Tue, Mar 1, 2022 at 5:53 PM Ben Laurie <ben at links.org> wrote:

> Whether the original requirements ("You want to prove that a certain
> address belongs to the red cross and could not possibly be owned by anyone
> else.") are *actually* what you want to prove is another question.
>

Indeed. Once a payment is made, the receiver can say that they did not
successfully receive, even if the recipient originally attested to owning
the used address. Such an attestation can be removed (deleted from a
website), revoked, difficult to verify for users, plus there's
man-in-the-middle issues. There could be an interactive proof protocol
where the receiver signmessages using the secret key against a user chosen
message, but this would only show that someone somewhere at some time had
access to the secret key-- a good start if your goal is to merely ensure
that you never send bitcoin to an unusable key, I guess.

A fraudulent sender can also make the claim that one of his bitcoin
payments is paying the merchant ("if you don't have access to the coins,
then your wallet must have a problem- not my problem, it's in the
blockchain") when the sender really still does have access to the coins.
Invoice fraud is often a problem for big corporates; the fraudster would
forge an invoice, insert a real address that the fraudster controls, and
show it as evidence of payment to an unsuspecting company.

Also, I have not considered this in depth, but if you must trust a CA for
setting up your payment (even if you are using bitcoin) then you may be
losing a lot of decentralization/decentralized trustlessness?

- Bryan
https://twitter.com/kanzure
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20220301/3e0e5689/attachment.htm>