The Uniform Resources specification is one of Blockchain Commons’ most notable wallet enhancements of 2020: it enables airgapped PSBTs and is supported through a variety of reference libraries, including C++ and Swift implementations. Third parties have already ported the UR encoder to Python, Java, and Rust.
Uniform Resources, or URs, are a method for encoding binary data in plain text strings that are also well-formed URIs. They are simultaneously intended to address the challenges of QR codes, which are the main way that Bitcoin wallets transmit data across airgaps. While QR codes themselves are standard, the data encoded within QR codes is not, resulting in inconsistent usage among developers.
URs were created to resolve these interoperability issues by creating a standardized method for encoding binary data. They’re built on CBOR, the Concise Binary Object Representation described in IETF RFC 7049. The CBOR data is encoded in a typed UR object, which creates a self-describing, structured binary representation. URs can be transmitted as text or encoded via other means, including QR codes. Once received, URs can be decoded by different apps on different machines without having to guess about the contents or the encoding methods.
Blockchain Commons has recently released v2.0 of our Learning Bitcoin from the Command Line course.
Learning Bitcoin was one of our first projects, launched back in 2017 with support from Blockstream. The intent of the course was to teach the fundamentals of Bitcoin programming through Bitcoin Core and its RPC-based command-line interface. We chose this methodology because Bitcoin Core is one of the most robust, secure, and safe cryptocurrency interfaces in existence. We believe it’s the solid foundation for programming Bitcoin; it also allows you to interact with Bitcoin in a way that teaches the fundamentals.
Blockchain Commons’ overarcing goal has always been to improve the open infrastructure of the blockchain industry, and one of the ways to do that is to build the next generation of engineers. Our course was very successful in this regard. It has helped Bitcoin novices to become Bitcoin developers: some have created their own open-source projects and others have been hired for entry-level jobs. Some of Blockchain Commons’ own engineers, including many of our interns, got their start with the Learning Bitcoin course. Even GitHub’s raw numbers reveal the interest in the course, with 100 Watches, 350 Forks, and 1300 Stars.
However, Bitcoin is still undergoing rapid development, which led to the need for v2.0 of the course, to update it for the most recent releases Bitcoin 0.20.0 & 0.20.1: every example in the course has been updated and revised accordingly. The updated course has also has been expanded to include a number of new topics. New sections discuss wallet descriptors, SegWit, and how SegWit’s new transaction types interact with Bitcoin Scripts. We’ve also added new chapters for larger topics:
- A chapter on PSBTs looks at Partially Signed Bitcoin Transactions as well as how they can be used with Bitcoin Core’s Hardware Interface.
- Though our focus is on the command-line interface, we also show how to create simple C programs to talk to Bitcoin Core using RPC and ZMQ (zeromq.org) libraries.
- Libwally from Blockstream is a great library to use with command-line programs, so another new Chapter covers leveraging its wallet and other cryptographic features.
- We also touch upon RPC programming in Go, Java, NodeJS, Python, Rust, and Swift.
- Finally, we’re proud to present our first look at using the Lightning Network from the command-line interface, focusing on Blockstream’s C-Lightning, in a two chapter finale to the book.
Bitcoin is quickly evolving, but the Learning Bitcoin course from Blockchain Commons is now updated to teach all about its newest concepts. If you’re a novice looking to learn about programming Bitcoin, an educator needing to teach students blockchain technologies, or an expert wanting to help us by reviewing, adding to, or translating the course, please take a look!
However, we need your support. Where v1 of Learning Bitcoin was largely sponsored by Blockstream, v2 was done with our own resources. We hope that you can help us recoup those costs, so that we can continue to create open infrastructure of all sorts. If you think that education resources of this sort are important, please become an Sustaining Sponsor, or if you prefer, make a one-time donation at our BTCPay. As an individual, you can join as one of our many individual sponsors to financially support future development of Learning Bitcoin, other educational resources, and open infrastructure.
Thank you for your help in improving our techological commons for blockchain and Bitcoin users!
Blockchain Commons has released a feature-complete version of LetheKit, a do-it-yourself hardware platform that allows you to conduct cryptographic operations on an airgapped device. Complete information for creating your own LetheKit and downloading its software can be found in Blockchain Commons’ LetheKit repo.
Because you build LetheKit yourself and use open-source software, you know everything about your kit, and can depend on it for safe Bitcoin seed generation.
Building on Libbitcoin
Today we are announcing the availability of the open source Bitcoin framework for iOS. We have been working with veteran iOS developer Wolf McNally on wallet apps for iOS that will support airgapped transaction signing and BTCR Decentralized Identity (DID). As part of this effort we chose to build on the open source libbitcoin library.
Our first #SmartCustody workshop will be on Tue, January 29, 2019, 10:00 AM – 4:00 PM PST, at 554 San Antonio Road, Palo Alto, CA 94040-1217, Map.
You can signup for the Workshop on EventBrite.
This is the first of three different #SmartCustody workshops. This workshop is designed for individual holders of digital assets, in particular cryptocurrency traders and those high net-worth individuals who are already familiar & working with digital assets, but are seeking to learn best practices for protecting themselves and their business from theft, fraud, or loss.
- Are you considering all possible threats to your digital assets?
- Do you have comprehensive procedures to assess your risk profile?
- How does your system stack up against others in industry?
Future workshops will be focused on holders of digital assets that have fiduciary responsibility to others, such as small investment funds & family firms, or those who are required to use third-party qualified custodians for management of digital assets due to the amount of funds held.
These #SmartCustody workshops are a project of Blockchain Commons, which supports blockchain infrastructure, internet security & cryptographic research.
In Q1 2021, Blockchain Commons largely focused on working with companies to integrate our Gordian architecture, best practices, specifications, reference libraries, and reference applications into their wallets and services. This included:
- Released three Gordian reference apps for public beta testing on Apple’s TestFlight;
- Planned the creation of an independent Gordian Recovery app for use with third-party wallets;
- Updated our
keytool-clicommand-line interface app for new UR (Universal Resource) usages and future specifications;
- Refined our Lifehash specification to optimaize for black & white usage;
- Tested new improvements to Lethekit;
- Supported the adoption of Gordian best practices by a variety of manufacturers; and
- Worked directly with our sustaining sponsor Bitmark to architect their new Autonomy bitcoin app.
We also did work to support the wider community, including:
- Produced a major design document on multisigs;
- Supported DID’s advancement on its standards track;
- Worked to develop the did:onion DID method;
- Developed packages to support activists; and
- Testified to legislatures in Nevada, North Dakota, and Wyoming.
In Fall 2020, Blockchain Commons continued to work on creating architectures, specifications, and applications to support blockchain infrastructure.
This has included:
- Releasing a trio of Gordian Cosigner apps;
- Advancing wallet interoperability specifications in the Airgapped Wallet community that we host;
- Researching new multisig specifications;
- Releasing a third platform for our seedtool application;
- Publishing Learning Bitcoin from the Command Line 2.0;
- Debuting our new torgap architecture;
- Organizing our reference crypto libraries and applications;
- Starting a DID architecture review;
- Working on Digital Identity laws; and
- Starting our 2021 blockchain internship program.
Here’s a bit more information on everything:
Gordian Cosigner Releases. We have released alpha versions of the entire Gordian Cosigner family of apps, for Android, iOS, and MacOS. These applications support the signing of multisig transactions in an airgapped manner, creating a new level of support for what we see as the future of Bitcoin transactions. Though the iOS and MacOS apps were created in-house, the Android app was developed by Bitmark, who is both a sustaining and contributing sponsor to Blockchain Commons. We are expecting public Testflights of the apps in January, but before we have a full public release, we need to work with the Airgapped Wallet Community on related specifications.
Wallet Community Expansion. We are continuing the successful collaboration with our Airgapped Wallet Community, which has also given us a seat at the table for discussions of wallet standardization. Our Universal Resources (UR) specification and its animated QRs are increasingly being adopted, with our UR library now available in C++, Java, Python, Rust, and Swift. We’ve also been doing extensive work with Bitmark on their Autonomy wallet release, which is built on our Gordian architecture design.
Wallet Community Multisig Research. Our early work with multisigs has shown that critical elements like the m/48’ derivation, PSBTs, and descriptors are all underspecified given modern bitcoin architecture. In addition, current multisig usage doesn’t include schemes to prevent xpub reuse or to secure internal metadata in support of cosigning. In conjuction with our wallet community, we are working on standardizing the methodology for creating account maps for multisig cosigning; investigating ways to store full wallet descriptors and metadata for multisigs without creating new privacy problems; and defining the different roles of multisig cosigners. Some multisig issues are UX-focused, and so we are also defining user interfaces that can help humans to make meaningful decisions when cosigning. This research has included a new release of our Swift-based LifeHashTool. We hope to do more in Q1, to further enable Gordian Cosigner as our premiere multisig release.
Seedtool Expansion. Our seedtool apps, which offer best-practices examples of offline seed generation, continue to expand. We’d previously released a seedtool as part of our LetheKit and upgraded the separate command-line version to beta last quarter. At this point our initial iterations of our seedtools are fully feature-complete, though we’re also planning for future versions with camera support. This quarter we also released an alpha for a third platform: an iOS seedtool, currently code-named Fehu.
Learning Bitcoin 2.0 Release. As planned we released Learning Bitcoin from the Command Line 2.0 at the end of October. Our popular Bitcoin tutorial is now a complete 19-chapter course that starts with the fundamentals of Bitcoin Core usage and continues on through using Lightning and programming in seven languages.
Torgap Architectural Focus. Blockchain Commons is not just about specifications, tutorials, and applications, but also architectures. We want to prototype and exemplify the best methods for creating safe, secure, and private Bitcoin and blockchain systems. This quarter we went public with our work on Torgap, which is a new methodology to ensure separation of interests (and lots of other advantages) by using Tor to segregate neworked services. Not only have we created a Torgap repo as a nexus for the work, but we’ve also been looking at varied Torgap possibilities, including DIDs over Torgaps using a did:onion method and open timestamps over Torgaps.
Crypto Commons Reference Code. We’ve created a large amount of content at Blockchain Commons, and so one of our challenges is making it accessible. We did this in Q4 not just through our core Torgap repo, but also through a similar Crypto Commons repo. It links up all of our crypto reference libraries (which went beta in Q3) as well as the various apps and command-line programs that exercise them, including the new bytewords-cli.
Architectural Review Begun. Blockchain Commons also does more direct work with companies to improve the usage and trust for blockchain systems. This quarter we have begun a security architecture review of a major Decentralized IDentifier (DID) deployment that should reach one million or more people. We’ve been involved with DIDs since they were incubated at Rebooting the Web of Trust, so we’re proud to do the first major review of such a system.
Decentralized Identity Evangelization. Christopher Allen is continuing his work with the Wyoming legislature, where he is now a member of Digital Identity and DAO subcomittees. He’s been working on what will be the first laws anywhere to recognize personal digital identity (as opposed to digital data, which is the focus of many current laws). This legal definition is intended to work with legacy identity systems, but also to support future decentralization. He also has been leading another bill to give special legal protection for private keys.
Trusted Processor Research. We are always researching and analyzing the newest cryptography and blockchain innovations. This quarter that included an examination of trusted processors. We hope to advance that toward interoperable specifications for trusted hardware in the future.
Internship Planning. Finally, we are planning for new intern cohorts for 2021. We have posted a complete announcement.
For other recent announcements, see:
- The Q3 Quarterly Report (10/6)
- Blockchain Releases Feature-complete LetheKit (10/28)
- Learning Bitcoin Upgrades to v2 (10/30)
- Blockchain Commons Joins COPA (11/10)
- Blockchain Commons’ Uniform Resources (URs) Support Airgapped PSBTs & More
If you’d like to support our work at Blockchain Commons, so that we can create the next specifications, architectures, reference applications, and reference libraries to be used by the whole community, please become a sponsor. You can alternatively make a one-time bitcoin donation at our BTCPay.
Thanks to our sustaining sponsors, Bitmark, Blockchainbird, and Unchained Capital, as well as our GitHub Sponsors, including Flip Abignale (@flip-btcmag), Dario (@mytwocentimes), Foundation Devices (@Foundation-Devices), Adrian Gropper (@agropper), Zach Herbert (@zachherbert), Eric Kuhn (@erickuhn19), Alexandre Linhares (@Alex-Linhares), Trent McConaghy (@trentmc), Mark S. Miller (@erights), @modl21, Protocol Labs (@protocol), Dan Trevino (@dantrevino), and Glenn Willen (@gwillen).
Christopher Allen, Executive Director, Blockchain Common
In summer 2020 (Q3), Blockchain Commons really came together as both a professional organization and as a collective to support open infrastructure for blockchain.
This quarter, in addition to the ongoing financial contributions from our Sustaining Patrons, we’ve begun receiving our first funds from Github Sponsors, which has totaled more than $8,000 to date, including mostly contributions from small sponsors. We’ve in turn been able to use those additional funds on a wider variety of projects. Simultaneously, we’ve also been revising our vision, strategy, marketing, and branding plan, to both set the future of Blockchain Commons and to explain its benefits to the wider world.
Blockchain Commons has been accepted into the new GitHub discussion program, allowing for more freeform discussions within the context of our GitHub repos. As we are a GitHub-centric organization, we are now using this as the main venue for discussions about philosophies, goals, standards, and projects. Please join us!
We are currently focusing on three different discussion areas:
- Gordian System Discussions — for users and developers of the Gordian system, including the Gordian Server, Bitcoin Standup technology, QuickConnect, and the Gordian Wallet. If you want to talk about our linked full-node and wallet technology, suggest new additions to our Bitcoin Standup standards, or discuss the implementation our standalone wallet, the Discussions area of the main Gordian repo is the place.
- Wallet Standard Discussions — for standards and open-source developers who want to talk about wallet standards, please use the Discussions area of the Airgapped Signing repo. This is where you can talk about projects like our LetheKit and command line tools such as seedtool, both of which are intended to testbed wallet technologies, plus the libraries that we’ve built to support your own deployment of wallet technology such as bc-bip39, bc-slip39, bc-shamir, Shamir Secret Key Recovery, bc-ur, and the bc-crypto-base. If it’s a wallet-focused technology or a more general discussion of wallet standards,discuss it here.
- Blockchain Commons Discussions — for developers, interns, and patrons of Blockchain Commons, please use the discussions area of the Community repo to talk about general Blockchain Commons issues, the intern program, or topics other than the Gordian System or the wallet standards, each of which have their own discussion areas.
We of course will continue to use the Issues and the PR features of GitHub for discussions of repo-focused topics and for individual fixes, respectively, but the discussion areas are a great place to talk about more general topics.
Come join us in our new Blockchain Commons community!
To fulfill its commitment to open source and to a defensive patent strategy, Blockchain Commons has joined COPA, the Cryptocurrency Open Patent Alliance.
COPA is a non-profit community that was formed by Square out of concern that misguided and offensive use of patents can stifle innovation, and that companies not focused on patent creation themselves would be unable to defend themselves from aggressive (often non-practicing) patent holders. Members of COPA pledge not to use their patents offensively and instead pool their crypto-patents to form a shared patent library.
Blockchain Commons was resolute in joining COPA because it addresses problems and resolves frustrations that Commons Founder Christopher Allen has long observed with the American patent system.
The goal of social key recovery is for the user to specify groups of individuals that together possess the ability to recover the root secret of a wallet. A good social key recovery protocol should not just reflect what cryptographic primitives happen to be available for use, but rather instead should be designed to correspond with the structure of trust in the user’s social network, while balancing the technical tradeoffs involved under the hood.
The most popular social key recovery algorithm, Shamir Secret Sharing is considered information-theoretically secure. That is, any combination of shares less than the necessary threshold convey absolutely no information about the secret. However, all secrets have equal weight and once a sufficient threshold is achieved the secret can be reconstructed. In social contexts this can cause a number of problems in common real-world scenarios. In addition, Shamir Secret Sharing has a history of being naively implemented including a number of serious vulnerabilities.
To quote Bitcoin Core Developer Greg Maxwell:
I think Shamir Secret Sharing (and a number of other things, RNGs for example), suffer from a property where they are just complex enough that people are excited to implement them often for little good reason, and then they are complex enough (or have few enough reasons to invest significant time) they implement them poorly.”
Ideally an implementation of social key recovery should balancing numerous competing goals: