2023 Q2 in Brief
Our major work in Q2 this year included:
- Pushing the Envelope
- Rust Libraries
- Educational Use Cases
- Wellness Use Cases
- Working on CSR
- Gordian SeedTool 1.6
- Looking Back at Our Work
- Animated QRs
- URs for PSBTs
- Self-Sovereign Identity
- Working Together on What’s Next
- Silicon Salon 4
- Gordian Meetings
- Welcome to SeedHammer
- dCBOR Advancement
- DID Working Group Work
- IETF 117
- Looking Forward
Pushing the Envelope
Some of our most important developments this quarter related to Gordian Envelope, our privacy-protecting structure for the storage and transmission of sensitive data.
Rust Libraries. Our biggest advance was our conversion of our entire Gordian stack to Rust, including libraries for cryptographic primitives, other cryptographic components, dCBOR, Shamir’s Secret Sharing, SSKR, URs, and ultimately Gordian Envelope. Obviously, the memory safety of Rust should provide strong support for cryptographic usage, and we also hope this will enable the development of Android apps.
Educational Use Cases. So why would you use Envelope? We touched on that topic in Q2, starting with a presentation about educational use cases prepared for the Verifiable Credentials for Education Task Force at W3C. Our basic argument? Digital credentials are great, but they open students to identity theft and discrimination and institutions to liability. Our article on “The Dangers of Digital Credentials in Education” explains more.
Wellness Use Cases. As part of our work with Proxy, we also put together a new set of “Wellness” use cases for Gordian Envelope, detailing how you can keep tracker-related information safe, but also share it with health professionals and even use it to support public health, such as clinical trials. Thanks to Proxy for their support and advice in describing how privacy protection can support data collection for such sensitive information!
We’re next considering some use cases related to AI models and their provenance. If you’d like to provide some support on that, let us know.
Working on CSR
Obviously, Envelope is ultimately just a tool for creating the applications that we want. Our biggest application-level work continues to be on Collaborative Seed Recovery (CSR).
Gordian SeedTool 1.6. Our newest iteration of Gordian SeedTool is intended to show a minimum viable architecture for CSR. We’re still polishing it up, but we’ve already fully integrated Gordian Envelopes into GST, allowing keys, seeds, and shards to be stored (and reconstructed) with their metadata. This is the first, major step for CSR deployment. We’re looking forward to getting this interoperating with a variety of share servers!
Looking Back at Our Work
Though Gordian Envelope is our newest specification and our current highest priority, we’ve had a number of successes over the years in creating new technologies that people have wanted to use. We spent some time documenting some of that work in Q2.
Animated QRs. Animated QRs were our first big success, because there was a big demand for them: they were necessary for the airgapped transmission of PSBTs, which can grow beyond the bounds of static PSBTs (or at least beyond the bounds of many computer cameras). Our new page and video on Animated QRs talk more about their importance.
URs for PSBTs Tech Article. For developers who haven’t yet worked with PSBTs in URs (which is the foundation that enables Animated QRs), we also put together a tech article on how the PSBT encoding works. (It’s super simple!) This is part of a series covering Uniform Resources, which can be used for so much more than just PSBTs (like transmitting shares and requesting specific keys).
SSI: 5 Years On. Finally, we’ve been talking a lot about self-sovereign identity lately, which was one of our big advances even before Blockchain Commons existed, and which has been widely adopted by the community in projects such as DIDs. It’s really what got Blockchain Commons rolling, even though identity has been a relatively small focus for us since then. Two years ago Christopher wrote “SSI: Five Years” for magazine publication. Recently, we realized that many Blockchain Commons patrons and fans may not have read it, so we’ve reprinted it on our blog. (We’re also working on a few new articles to talk about self-sovereign identity seven years on, which you’ll hopefully see in early Q3).
Working Together on What’s Next
Of course, Blockchain Commons’ specifications are never just our work. They’re the work of a whole consortium of developers and designers who are working together to create interoperable specification that will work for everyone. Some of our most extensive work in Q2 was with various communities, including three meetings we hosted, and work not just with W3C (via the Verifiable Credentials for Education Task Force) but also the IETF.
Silicon Salon 4. Our fourth Silicon Salon continued to bridge the gap between semiconductor design and hardware wallet development. Great presentations included Andrew Poelstra’s look at anti-exfiltration, Luke Leighton’s talk about biginteger problems, and Cramium Labs’ discussion of the issues with open hardware. The latter was supported in part by our own musings about open silicon. It’s a difficult problem that’s very different from the world of open software! Next Silicon Salon is scheduled for October.
Gordian Meetings. We also hosted Gordian Developer meetings in April and June, both of which are archived on our meetings page. Topics included a lot of information detailed in this report, demos of the new rust libraries, discussion of Shamir advances including the new options from Ledger, a presentation from a new Developer member, SeedHammer, and lots more.
Welcome to SeedHammer. SeedHammer is a new member of the Gordian Developer community. They caught our eye with their electric hammer, which allows the engraving of QR codes. It actually uses our Animated QR work, but in a static (engraved!) format, which is a pretty cool medium shift. Take a look at their video, from the most recent Gordian Developer meeting.
dCBOR Advancement. We are continuing our work on a deterministic CBOR, collaborating directly with the IETF CBOR group. We released our second iteration of the Internet-Draft in May, incorporating comments and suggestions. We’re expecting the CBOR community to produce a third iteration, which will split the work into one I-D defining profiles for dCBOR and another discussing dCBOR numeric reduction, which has been one of the biggest topics of discussion. We’re very enthusiastic to see this new iteration, as multiple perspectives and contributions from a number of collaborators is how internet standards come to be.
DID Working Group Work. Meanwhile, we’ve also been supporting the DID Working group at W3C, which finished its initial work in May. There have been proposals made to extend the 1.0 effort, to offer great clarification, or even to expand it into DID 2.0. Our biggest concern has to do with the desire to formalize DID Methods in advance of these efforts, as we think that’s premature and that it could lock inferior methods into the standards. Thus, we’ll continue to offer our support for continuing 1.0 or advancing to 2.0 without those requirements.
IETF 117. Finally, Christopher and Wolf will be attending IETF 117 in San Francisco this July 22-28. If you’d like to talk to us at or around the event, please let us know. We’ve also got a side meeting for Gordian Envelope scheduled for Monday July 24th, 15:30-17:00, in the Golden Gate 4 Room; and have 15 minutes scheduled for dCBOR discussion at the CBOR meeting, which is at 17:30-18:30 that same day, in the Continental 5 room.
As always, we’re looking forward as well. Obviously, a lot of our work is continuing, including dCBOR, CSR, and Gordian Envelope. In particular, we’re hoping to see new versions of dCBOR I-D in this coming quarter, and perhaps another iteration of CSR, but that all depends on communities we’re working with.
Some specific projects that we expect to tackle in the next three months include: releasing the full MVA of Gordian Seed Tool with CSR; finalizing our Rust libraries and initiating a community review; consolidating our documentation into a developer web site; working on legal efforts in Europe and Wyoming; attending IETF in San Francisco in July; and attending Rebooting Web of Trust 12 in Germany in September. (Maybe we’ll see you at one or the other?)