New Feature: Multisignature Identities and Services

Syscoin Core 2.1 October 2016 Technical Update

Out of many features we’ve recently added to Syscoin Core 2.1 we’d like to focus on 2 of them: Multisignature Syscoin services and our Self-Governing Exchange Rate System (sysrates.peg). We’ll also touch on the new Pruning feature and give an update on the status of the 2.1 release plus info on our Azure BaaS certification progress.


2faMultisignature, Pruning and Use Cases

Syscoin offers, messages, certificates and aliases all now support multi-signature ownership which presents the potential of 2FA security (2-Factor Authentication) on all these services. This opens up an incredible number of opportunities for improved user experience and potential use-cases and gives us the essentials of doing multi-party business on the blockchain. For example- a merchant could have their staff update their Blockmarket listings under a sub-account; documents could have a requirement of 2 or more signing individuals in order to make edits (or transfer ownership). Use-cases include making legal wills, legal or real estate documents and titles, Trust accounts, multi-signature escrow arbitrators and so much more. We haven’t even begun to scratch the surface of the potential of Multi-Signature Identities and Services!


Bitcoin’s Current Multi-Signature Implementation

Multi-signature transactions were supposed to be the killer feature of Bitcoin. It is the process of requiring more than one key (aka user) to authorize the spending of coins, so multiple parties can transact payments without trust. There are many applications and markets that can be disrupted with this seemingly simple and often overlooked feature of Bitcoin Core. The problem is that multi-signature transactions are simply unusable for Bitcoin Core users; the reference implementation of Bitcoin (the wallet provided by the Bitcoin core team) does not display multi-signature transactions so there is no way of knowing that you are involved in a multi-signature transaction. Purposely omitted by the Bitcoin Core developers, multi-signature transactions are an opt-in only service feature requiring users to use complicated console-commands; extremely hampering the consumer usability of this feature unless you use a third-party, centralized service.

Because Bitcoin Core will not let you select your multi-signature transaction outputs through the wallet selection algorithm – even by using coin control – it didn’t really make sense for Bitcoin Core developers to display multi-signature transactions in the user’s wallet transaction ledger. If Bitcoin stored the information required to detect who is involved in these transactions at the core level, without having users find a secure communication medium to share this information, perhaps this feature would have been fully developed into a killer feature.

The Bitcoin Core could have been developed into an on-chain identity system like Syscoin Aliases, but that information requires more data storage, and since their philosophy is generally, “Any data that does not fulfill the needs of ALL users of the system does not belong on the chain”, it is unlikely that something like this will be implemented in the future. It makes sense for a system dedicated solely on being a payment mechanism between 2 or more parties, but much more can be done without compromising the network. Any information added on-chain places exponential load on a system as nodes increase, so every byte counts. A careful pro/con analysis needs to be done for anything that is added. Doing so lead us to develop an identity system with the required information for arbitrary multi-signature transactions among multiple parties without users needing to store and submit information to each other through third parties or other centralized services in order to complete the transaction.

Syscoin has a perfect set of features that complement each other, improving user experience and use cases by adding tiny amounts of data that create tons of value. Because Syscoin services can expire, we can determine when these services are not actively needed and prune them, reducing bloat by not requiring new nodes to download expired service data. (The pruning feature greatly reduces network bandwidth requirements for syncing new nodes and will be fully explained in our Syscoin Whitepaper coming soon). By completing the multi-signature work that Bitcoin began, we can present it as a fully functional and usable feature. Other services like Escrow, Offers and Certificates were all be improved as a result of pruning which relaxes the constraint of using minuscule amounts of data like Bitcoin does (OP_RETURN only supports 80 bytes of data per transaction).
In Syscoin’s identity system (Aliases) we store the public key, the number of signatures required and redeemscript which are an integral part of the multisignature signing process. Without these pieces of information which links the parties involved, a multi-signature transaction cannot be signed and sent to the network. In Bitcoin these pieces are all handled offline and if forgotten or misplaced, leads to permanent forfeiture of the coins stored in a multi-signature address.

bitSyscoin extends multi-signature functionality by paying to a multi-signature transaction rather than using a Script Hash (P2SH). Because P2SH does not have enough information in it to know who needs to sign and how many signatures are required, it forces users to send this information to each other using a cumbersome raw transaction API. Although we can send the information using encrypted Syscoin Messages it is still a hinderance for mass adoption of any technology built using multisignature features of a blockchain based project. For techies, everywhere a payment is done, a redeemscript is looked up from the payment address as an alias identity and used as a destination instead of the address destination. Taking this approach simplifies the process of using multi-signature transactions and leads to a more flexible approach on how to best use it- surfacing new use-cases which increase real-world productivity.
A new user interface has been developed to let you sign a multi-signature transaction, allowing inspection of the transaction including any Syscoin service related information, before signing. It is now easy to implement a “Know-Before-You-Sign” policy which allows users to simply check the decoded transaction before signing it. Indeed any multi-signature transaction that is signed should not be trusted regardless of who is involved, it should be decoded and checked prior to signing and sending to the network to avoid unscrupulous behavior from bad actors who spend the coins held in escrow in undesirable ways.

The multi-signature feature works nicely with our DirectBTC integration which allows signing and sending raw transactions to the Bitcoin network and spending those Bitcoins, all via the Syscoin network. In Syscoin Escrow, if a user wishes to pay via Bitcoin they would pay to a generated P2SH representing an escrow address. The raw transactions to spend those coins to the merchant/re-seller for commission and buyer for refunding any escrow arbiter fees would all be done in Syscoin. The involved parties would simply click a button to complete their role in the escrow. Fully signed payments are sent to the Bitcoin network automatically upon release/refund with no manual merchant interaction required. Sound confusing? Don’t worry! That’s where the “Syscoin Elite” app by Blockchain Foundry comes into play, hiding all the complexity of working with multisignature transactions from the end user and presenting it in a visually pleasing and easy to understand user interface. Users will always have the option of using the reference QT wallet if they want to see the inner workings of these features, but for consumers we’re focused on ease of use in addition to the massive new set of use cases that are enabled by these multisignature features.

By creating an Identity system which supports required multisignature details we can fix the deficiencies in the Bitcoin Core which blocks multi-signature transactions from the transaction ledger and spending selection screens such as Coin Control. This allows for a more intuitive user experience of multi-signature transactions at a core level. Everyone from novice to experienced users will appreciate the intuitiveness and convenience of not having to send details to responsible parties to be able to sign and send multi-signature payments on-chain.
As a result Syscoin Aliases now support multisignature ownership. By combining an identity system and multi-signature transactions we have the best of both worlds. An easy to understand system that allows users control over their identity while providing maximum flexibility in terms of real-world usage. Although the blockchain in many ways simplifies business processes and finds newer and better ways to solve problems, we still cannot get around things that involve multiple parties holding sensitive information. Until now.
Because Syscoin Certificates were made to store these sensitive pieces of information, it becomes almost natural to think that hooking them up with multi-signature Aliases would allow for Certificates to now be fully functional. Indeed that is what we did. We have extended the functionality of offers, messages, certificates and aliases to allow for full multi-signature ownership.

Things like on-chain 2FA security are now possible across all services. Make a payment on your computer and requiring a verification signature from your phone before sending it  for extra provided security is a simple example of one such 2FA use case.


medThe Essentials of Doing Business on the Blockchain

Syscoin’s multisig-capable identity system is poised to revolutionize government, notary, medical and real estate applications, where trust is involved between multiple parties. Notarized documents become possible, where an agency creates a certified document (Certificate) and transfers it to a shared alias between you, the Notary and say another party delegated to provide updates to that data. You can apply updates to that Alias but those updates may not necessarily be accepted if the other parties are not in agreement/don’t sign. Things like your medical history which a medical authority issues to an Alias shared between you, your doctor and the authority make it easy to issue medical records per individual while retaining control to avoid people from transferring, selling or having the data confiscated for nefarious purposes. Now you can control your medical data (encrypted) and show it to your doctor on-demand in real-time via a Certificate Transfer. You can then have them update it and send it back to you. If you change doctors, the 2 of 3 multi-signature Certificate will allow either your old doctor or the EMR authority to remove the old doctor and perhaps replace it with an identity of a new doctor. The doctor can request an update to the data but need others to grant that permission before it comes into effect. In this way we solve the problem of allowing ownership of your own medical records but being flexible to allow for EMR to control issuance and/or version control on the records for safety purposes. It also allows you to choose who can view or update the sensitive data which is encrypted.

Of course we wouldn’t want to store all of that data in the Certificate (we offer a maximum of 1kb per Certificate or Alias for encrypted data), but you may include just a link to a cloud based service or government secured server which hosts the data. It should be noted that this data stored on these services MUST be encrypted for the Syscoin Alias public address to enjoy any benefits of the system. In fact doing so eliminates all of the high cost security that government agencies spend billions of dollars on to keep hackers at bay and protect sensitive information. They can openly store information on their servers as their regulation requires that data to be on their servers, however with the breakthrough of multi-signature Syscoin services they now would only have to prevent a DDOS attack, something that the cloud can help alleviate and as a result reduce regulatory constraints on where the data can be stored (bringing relevance to projects like Factom, Maidsafe, Storj and other blockchain based file/information sharing systems). Without multi-signature services those projects will not survive the regulatory burdens that governments place on systems that share sensitive information. Allowing authority to control versioning of the data while still allocating individual ownership of information makes on-chain data/cloud storage of sensitive encrypted information a viable and cost effective alternative to the legacy systems that are being targeted by hackers who continue to find loopholes in complex security measures taken because there wasn’t any better technology at the time. Multi-signature services allow for restructuring business processes within the regulatory constructs of today’s global marketplace.

Offers in the decentralized marketplace would be used for proof of payment and Certificates would be used for proof of receipt or proof of ownership(using a multi-signature Alias where multiple parties are involved as needed). Escrow can be used to facilitate the sale of an offer between 2 unrelated parties. All of the services work together to create an efficient system with the right incentives to disrupt many major markets. Syscoin is not just a simply decentralized marketplace, it is much more with the inclusion of multi-signature services.
For more information on potential examples of using Syscoin’s blockchain technology we will be providing a high level use case paper which will outline the market usage examples from different user’s perspectives. This will help new users realize the power of Syscoin services by clarifying just how easy it is to use Syscoin to solve their problems in ways that are cheaper, reliable, and easy to use.
Syscoin is merge-mined with Bitcoin which provides valuable network security. Many companies try to solve some of these problems with private chains but these will suffer security issues from the same hackers that found ways to attack centralized databases. Syscoin is in a unique position of offering a secure (over 20% of the Bitcoin network mining power is currently mining Syscoin) platform which completes Bitcoin’s multi-signature transaction functionality and integrated it into the building blocks essential to doing business. Blockchain Foundry Inc. has uniquely positioned Syscoin as the leading provider of solutions for business-on-the-blockchain applications. If you would like more details on why private chains will not work for such applications please contact our team so we can discuss further.


Self-governing Exchange Rate System

Because we wanted people to be able to list things in currencies other than Syscoin, we needed a way to access this information not only in the user interface but in the consensus code to be able to validate that offers were paid in correct amounts and to the correct person.
To do this we created the sysrates.peg alias which stores currency information in relation to Syscoin price. It is updated dynamically based on the volatility on exchanges. Other things such as transaction fees and arbiter fees are also stored and dynamically adjustable during network runtime to avoid having to do any soft or hard forks and having them take affect in real-time versus voluntary updates of miners and client wallets. Transaction fees are used for determining the amount of fees used when sending payments to escrow with Syscoin and/or Bitcoin. Because miners may change the amount of fee it takes to mine and relay a transaction these variables are best to be dynamically adjustable based on market conditions.  Of course sysrates.peg is just a reference implementation of such an exhcange rate service to bootstrap the marketplace with a ready-made and updated alias with exchange rate information. It may fulfill the needs of 90% of users who don’t want to manage their own exchange rates and fees. However for the select few who do care they may change the alias that their offers use for exchange rate information and even expand the exchange-able currencies they accept. Their peg may also be used by others who feel perhaps that sysrates.peg fees are not desirable and want to use a different option, anyone can create their own exchange rate peg. By allowing users to select the exchange rate alias that their offers relies on, it creates a self-governing system of exchange rates and fees which adapt to the needs of the users on the network.
Both of these features will be available through Blockchain Foundry’s Syscoin Elite app which you can read about here. (Building a Better Experience – Project Syscoin Elite)


Update on 2.1 Core release

We have created a release candidate version of our software which we are putting through our advisory board for testing. The testing will be ongoing until a satisfactory level of quality has been reached. Once the release candidate has satisfied the testers, we will set a block at which we will fork to 2.1, update exchanges, miners and follow with an update to the community. We will give adequate time for everyone to prepare for Syscoin 2.1 as this will be a mandatory update and work to release in a timely manner without sacrificing quality.


Microsoft BaaS Azure service

waadWe have qualified for Microsoft’s Bizspark grant of $120,000 USD for use within Microsoft Azure as an official Microsoft Development Partner. We have been researching ways to be able to apply this grant to help new Syscoin merchants get on to our decentralized marketplace through subsidized hosting of the Syscoin Elite Server running Blockmarket M1 on Azure. We’ve found that we can issue and manage merchant accounts through Azure Active Directory (AD) and apply the grant towards merchant’s hosting costs. This will help us gain traction with the Core 2.1 release. Blockchain Foundry is also in the process of certification with Microsoft through the Microsoft Azure Certified program. We will be qualified as an independent software vendor (ISV) where we can publish software and services on the Azure Marketplace. Blockchain Foundry’s business development team is actively working with Microsoft through the certification process and we hope to get certified very soon. Currently the only blockchain offering on Azure that is certified is Ethereum.

Related Posts

Comments are closed.

Translate »