Part of the ‘Starve the Beast‘ patriot III% movement is providing the infrastructure for commerce. That requires transmittable money. Some crypto-currency may be OK for your needs.
But I thought of an interesting version of scrips. Suppose someone wants to make a purchase with gold : the usual problems or large, bulky, stealable, etc. As well as so many things that look like gold, how do you check?
All gold coins have a published size and weight. Those can be checked in a video with a CPA doing the measurements. The coin can be marked with a stamped serial number. And then, the key innovation here, that coin can be linked to that certifying video by gluing the coin to a card, and painting sparkle finger-nail polish around the coin, up over a couple of edges. Write the date, time, CPA, … and the tape is continuing proof of certification. The noise in the sparkle is the serial number, the stamped number just an human-readable value for an easy index to the video and picture in a database. A date-stamped and signed hash guarantees the video and photos can’t be modified later.
Sparkle finger-nail polish and the kid’s sparkle glues harden to a unique noise pattern, one that can be photographed at sufficient resolution to know, at some later time, that the sparkle pattern is the same or not. You can’t undo and redo a sparkle fingernail polish, the pattern won’t be the same. Think of it as a high-tech wax seal. So seeing the card in the future, you can know that the coin is the same, or not. A cell phone app using ‘blink comparator‘ or image subtraction will make this easy.
That basic data item makes audits of net denizens easier, I believe. A central authority can physically hold the gold, there are protocols for digital signatures to sign documents. Ownership of the image transfers ownership of the physical gold. An audit of randomly-selected coins would compare the coin-on-card to the video’s image of the sparkle pattern. Validation of someone’s scrip image would be to compare the image against the coin or the video, against the video could probably be made automatic. Transfers of ownership could be recorded, or not. If recorded, it is another check on double-spending, also prevented with the transfer-of-owner protocols.
I know zip about the protocols to do that, have noticed that it takes the crypto people several iterations to get protocols right, they need to be involved.
There are new databases and other data storage mechanisms with very sophisticated access models, so every level of such security could be opened to inspection separately from others. These can be the beginning of trustable institutions of all kinds. They can be trusted to the exact extent we can see into them and their operations.
I am sure that people will notice many other advantages of doing business inside our patriot nets and develop many clever ideas for melding the two arenas for greater benefit in both.
Added later. Re-reading this later, the part I find unconvincing is the ‘measure the coin under video’. It would not take a magician to fool any number of cameras following the coin from weighing to gluing on the card and sparkle applied. There are few ways to avoid trusting people.
You can show yourself working hard to make it hard to fake, e.g. start with the coin on the scale, add sparkles in a couple of places ‘randomly’, note the new weight. Now the card with the label weighed on another scale, add sparkle to the card and photograph that, now add glue to the card and weigh. Now move the coin to the card, and both show the weight and the sparkle patterns. Do this on a table that you construct from clear plastic in front of the cameras, on electronic scales that you take out of boxes in front of the cameras. Or, of course, have trusted auditors check everything. Or as many of those as you can afford in setting up your bank.
To secure the images from the cameras, you have to have some continuous but not predictable tag on frames and in the image, e.g. a process that is computing a hash of each frame and displaying it to a screen in the view of the camera. Add a time stamp from an independent server that includes a hash of a number in a random sequence generated for you, but kept secret by the service, with the time and the previous frame’s hash. The secrecy keeps the organization creating the electronic gold coin from substituting coins and images because the time stamp service will generate the same pseudorandom number for the same inputs when later checked. Any fake video will necessarily have a different hash for the last frame, and when the time-stamp service is asked for a check of [ their hash, video frame hash, the time they returned ], that fails the audit.
But yes, a new video could be changed to match the old hash without visible effect. Computationally challenging, I think, and can be made as hard as you wish with bigger and better and more hash algorithms, so I assume that will be solid.
It is overkill to display this last-frame hash AND the services’s timestamp value on small displays in the view of the cameras, either one is a real-life forward security : they intertwine an electronic stream with the images that produce that stream, and therefore if any image is modified in even a single pixel, all of the images following that need to be modified in the area of the image that contains the hash-value display. But complexity is good I think, an additional hurdle for anyone faking it.
That could easily be automated, with as many cams on the proceedings as you can fit into the room, transparent components run by air, audited and validated by as many organizations as you wish for components, weights and scales, etc. But once done, the original check of the gold coin and creation of the digital files is foolproof.
If you can prove that it is the same coin from beginning to the attaching to the card and speckling, then the system is capable of being audited remotely, and script or digtal files are as convenient as bitcoins in practice and are as good as gold. Well, as good as non-gold ever gets, but convenient.
23 December, 2015 : I think that is close to solid in concept, but several magicians and crypto people need to implement it.
Playing against myself. Here goes the scam. One of 3 goals : 0) substitute a phony coin for a real gold coin as the card and files are created, 2) replace card and files with a different one, or 3) replace the image of the vault’s card that has of a fake gold coin with a different sparkle pattern in the output video stream.
To deal with 3) after long ignoring this point. I think that real time manipulation of images is good enough that a crook controlling the bank cannot be detected even if your video feed shows the person holding the card and moving it around. But I think it probably can’t beat requiring a video display of in the feed something you control as you do the audit, because your input to the scene system will produce changes in the lighting and so reflections from the sparkles. Choosing the sparkles wisely for their different infrared and ultraviolet reflectivity would enhance that difficulty. So the random audit is possible from this POV.
The rest can be stopped also, tho they require honest external sources of time stamps that are irrefutable. You get those by providing a large random number , usually a hash of something, and getting back a signed encrypted message with the hash and the time the message was produced.
But, you have to think it through to know if you have caught everything.
I would create a credible team, there will soon be no shortage of crypto people looking for work, the futures of banks and NSA being what they are. Magicians are always out of work, so finding the criminal team will be no problem, selecting the people credible enough to do this may take time. But be persistent and patient, the Israelis 9/11 operation is a an inspiration to us all. 10 years it took Kroll to get the security contract for the WTC complex. This could pay off big-time.
If you do the implementation, the magicians focus on hardware, etc. to switch data streams. You can easily have generated frames matching the automated action, and the timestamp mechanism can be applied to those files, and those substituted. Having participated in demos of computer software. Sure, this is happening inside a computer, and that is where the dirty has to happen.
The independent cameras would eventually notice a discrpency, a drop of paint in the reality they are seeing vs the film produced, so that is another level of security check to be added.
You would have to control the N different timestamp services. Those are key. Once you have that, you control the automatic check for “is this real?”, and the system unravels. Main problem is that service would have to be reputable, so it would need to be able to differentiate your crooked requests from legitimate requests. Easy, serial numbers or some such, problem would be making it non-obvious. So embarrassing when some mild autistic notices that no odd serial number beginning with 3 has ever failed in their tests.
That is normal security problems, no different than now.
So, if you can ensure secure generation of the files and secure timestamps and checks of timestamps, it still is OK.