In Q1 2021, Blockchain Commons largely focused on working with companies to integrate our Gordian architecture, best practices, specifications, reference libraries, and reference applications into their wallets and services. This included:
- Released three Gordian reference apps for public beta testing on Apple’s TestFlight;
- Planned the creation of an independent Gordian Recovery app for use with third-party wallets;
- Updated our
keytool-clicommand-line interface app for new UR (Universal Resource) usages and future specifications;
- Refined our Lifehash specification to optimaize for black & white usage;
- Tested new improvements to Lethekit;
- Supported the adoption of Gordian best practices by a variety of manufacturers; and
- Worked directly with our sustaining sponsor Bitmark to architect their new Autonomy bitcoin app.
We also did work to support the wider community, including:
- Produced a major design document on multisigs;
- Supported DID’s advancement on its standards track;
- Worked to develop the did:onion DID method;
- Developed packages to support activists; and
- Testified to legislatures in Nevada, North Dakota, and Wyoming.
Our advances on Gordian were linked to a large-scale transition in the meaning of the Gordian system. Prior to 2021, we were offering a variety of applications, but we were simultaneously working with companies to create specifications. This created a real tension. Now that we’ve seen the beginnings of adoption of our best practices, we’ve been able to change the focus of our applications from being consumer-focused to being exemplars for other companies to study. In Q2, we expect this to mature into a Gordian Seal™ program that denotes companies who are producing products that follow the Gordian principles and our best practices. Like similar projects such as the FIDO Alliance, we expect the Gordian Seal to make it easier for everyone in the blockchain ecosystem to work together, creating bizdev and interoperability opportunities.
Gordian Testing. Blockchain Commons now has three iOS reference apps available for public beta testing via Apple’s Testflight: Gordian Cosigner, Gordian Guardian, and Guardian Wallet. Wallet was our original app, recently updated to support the newest Lifehash and
crypto-request features; Cosigner is the companion signing app that we introduced last quarter; and Guardian is our newest release, a key-storage tool for iOS. As reference apps, these projects are mainly meant as exemplars, demonstrating the best practices and principles suggested by the Gordian architecture as well as exemplifying how multiple apps can interact through Airgaps and Universal Resources (URs). See our video for a real-life example of Gordian Cosigner, Guardian, and Wallet working together to securely create a multisig account and sign a PSBT, and this video that demonstrates AirGap signing between LetheKit and Gordian Cosigner.
Independent Recovery. We are already working to split a new app, “Gordian Recovery”, off of Gordian Guardian. One of our best practices for the Gordian system demands that a user can recover funds from a Gordian-approved wallet even if the company producing it disappears. Gordian Recovery will provide one way to do so, allowing a user to independently use the app to recover and sweep funds held in a multisig wallet, no matter the status of the wallet manufacturer. At its debut, we expect Gordian Recovery to support at least three different companies with their own multisig hardware or software wallet systems. Generally, Guardian Recovery, like Gordian Cosigner, demonstrates how Blockchain Commons will interact with the wallet ecosystem by providing not just specifications, best practices, and references, but also complementary apps that can support third-party wallets.
Keytool Updates. Our keytool CLI (command-line interface) app also received major upgrades in Q1. We expanded it to support the new UR (Universal Resource)
crypto-response features that add support for arbitrary requests. This is a first step in moving away from the
m/48' derivation used by current hardware wallets for multisig, which often results in master or cosigner xpub reuse and thus a risk to privacy. This means that we now have the infrastructure to demonstrate different solutions to the problems of
m/48'xpub reuse, but there’s still a lot of legacy use cases that need to be resolved. (We also reviewed one solution for the
m/48' derivation problem and found it unnecessarily complex, so: onward.)
Lifehash Improvements. Most of the Gordian specifications that we’ve created while working with our Airgapped Wallet Community focus on interoperability, particularly moving data across airgaps. Lifehash is something else: it’s a user-interface specification meant to give users trust in the continuity of cryptocurrency accounts without having to depend on reading text addresses, which aren’t user-intuitive. Instead, Lifehash creates unique, colored icons for each account that remain consistent over time. This quarter, we adjusted the colors used by Lifehash so that they look better in black & white printing, and simultaneously experimented with dithering on the 200x200 LetheKit display, to ensure that we could display meaningful information on a worst-case small black & white display.
Lethekit Updates. The DIY LetheKit has been our prime reference for testing hardware implementations of our Gordian best practices. Not only did we test it out with dithered Lifehashes last quarter, but we also were able to use its display to test out animated QRs for transferring PSBTs. It worked! (Albeit, slowly.) See also this video of LetheKit exporting derived keys to Gordian Signer.
Gordian Adoption. Finally, as noted, we’re very happy to see continued adoption of Gordian. Last quarter, we talked about all of the software and library development being done by wallet companies. This quarter, we’re seeing more companies committing to including SSKRs (Sharded Secret Key Reconstruction), URs (Universal Resources), and other Gordian features in their wallets. Sparrow Wallet has been expanding its capabilities, while Foundation Devices was the newest to announce their integration of some UR features, including animated PSBTs. Foundation and Sparrow have both been working with us for a while: we’re thrilled to see both hardware and software wallet companies incorporating Blockchain Commons specifications! We’re also aware of two more software-wallet companies who haven’t made announcements yet, and we’ve been extensively working with a third company to produce a Gordian-approved wallet that entirely matches our principles and best practices and adds on some great UI besides. We can now announce that third company is Bitmark …
Autonomy Architecting. Blockchain Commons has been working with Bitmark to design Autonomy, a bitcoin wallet and digital assets manager. Their goal is to make it easy for families to gain independence and preserve generational wealth. Autonomy combines a mobile app with your own dedicated full node running privately in the cloud. We used a partitioned architecture (keys across app+node) and a personal recovery network (using SSKR) to remove all single points of failure. When you transact, everything is multisig between your app and full node. Any single key can fail and you won’t lose your funds. Nothing else like this currently exists in the market.
Here’s some details on our other major projects:
Multisig Documents. This quarter, we released our first major expansion to our #SmartCustody tutorials since 2019: a 10,000-word document on Designing Multisig for Independence & Resilience. The state of multisig wasn’t sufficiently advanced to provide specific advice when we originally wrote #SmartCustody, so we’re now happy to include it by breaking down the design of multisig addresses into theoretical, transactional, operational, and functional elements and providing design patterns and examples to help you put those elements together. Want to know why Blockchain Commons is today focused on multisig technology and how to create them to meet your own needs? It’s all here.
DID Recommendation. We’ve been working with the DID specification since it was incubated at early Rebooting-the-Web-of-Trust workshops, and co-authored by Blockchain Commons founder Christopher Allen. We’re thrilled that it’s now a Candidate Recommendation. There might still be revisions and new candidates, but this is the beginning of the last stage in creating an official internet standard for decentralized identity on the internet.
DID Method Expansion. Meanwhile, Blockchain Commons is doing its own work on DIDs, with a new did:onion method implementation. We’re happy to say that Spruce Systems is already considering it for their DID resolver. We’re also considering returning to work on our own BTCR DID method, which was one of the first DID methods, but has gotten somewhat out of date with recent updates to Bitcoin.
Apt Packages. We have produced apt packages for installing seedtool and keytool for use with Debian and Tails OSes. This is a first step in providing support tools for human-rights activists, which we expect to get more emphasis in our work in Q3.
Legislative Work. Finally, Christopher Allen’s work with legislatures multiplied last quarter. In Wyoming, he led efforts that resulted in the Wyoming Digital Identity Act, which includes a specific definition of digital identity that works toward the principles of self-sovereign identity. Work on a private-key-protection bill was less successful, as it had to be withdrawn after being spoiled by an amendment. Christopher has also recently testified before legislatures in North Dakota and Nevada. This is all crucial work because actual engineering will ultimately be limited and directed by what states legislate, so we want to make sure the laws fit the technology and the needs of the individual.
Intern Search. We’re thrilled that our Summer 2021 internship program has been sponsored by the Humans Rights Foundation. We’ve thus put out a call for interns, and we’re expanding our usual development work to also include direct support for activists, who need help to maintain their privacy in potentially hostile regimes. However, to really support activists requires knowing what they need. So, we’re also considering working with interns to do research and conduct interviews to create user engagement models for activists. This would be similar to the Amira model from RWOT. If you are interested in having developers work with or mentor blockchain interns, want to suggest intern projects, or even have engineers who might be interested in working on Blockchain Commons projects briefly during the summer, please mail us.
Taproot & Schnorr First Steps. We may see a major upgrade for Bitcoin as soon as this fall, if Speedy Trial is approved for Taproot and Schnorr. The first will increase privacy for #SmartCustody features such as timelocks and multisig, while the second will allow aggregated multisig, which offer several advantages over traditional ECDSA signatures. Our brand-new musign CLI app provides the first experimental support for Schnorr signatures leveraging the Taproot/Schnorr BIPS, but independent from
bitcoind. More to come as we ramp up to this expansion.
Supporting the Future
We’ve laid out our initial roadmap for the next two cycles of Blockchain Commons efforts, covering spring and summer. Important topics includes finalizing our Gordian Seal program, solving problems with xpub reuse in Bitcon multisig, supporting and advancing SSKR (Sharded Secret Key Reconstruction) for not just cryptographic seeds but other data, continuing to support and advance URs (Universal Resources) with encrypted and/or signed CBOR, and architecting a new QuickConnect 2.0 for initiating TorGap-based services between peers. If you’d like to know more about our roadmap, especially if you considering becoming a sustaining sponsor or to sponsor a specific project on our roadmap, please contact us directly.
If you’d like to support our work at Blockchain Commons, so that we can continue to work new specifications, architectures, reference applications, and reference libraries to be used by the whole community, please become a sponsor. You can alternatively make a one-time bitcoin donation at our BTCPay.
Thanks to our sustaining sponsors, Bitmark and Blockchainbird, our new project sponsor Human Rights Foundation(@HRF), as well as our GitHub monthly sponsors, who include Flip Abignale (@flip-btcmag), Dario (@mytwocentimes), Foundation Devices (@Foundation-Devices), Adrian Gropper (@agropper), Eric Kuhn (@erickuhn19), Trent McConaghy (@trentmc), Mark S. Miller (@erights), @modl21, Jesse Posner (@jesseposner), Protocol Labs (@protocol), Dan Trevino (@dantrevino), and Glenn Willen (@gwillen).
Christopher Allen, Executive Director, Blockchain Common