You are viewing a single comment's thread from:

RE: Testing Markdown code blocks

in #test8 years ago

I agree that posting within the Steem system proves you are the authentic originator of a comment or post, assuming that your private key is safe (that's why it's private!).

It's really great, actually! I wonder how difficult it would be to implement a way to encrypt messages to other users? That would be a killer feature.

8 years ago in #test by
$0.00
    2 votes
    Reply 1
    Sort:  
  • Trending
    • [-]
     8 years ago 

    I wonder how difficult it would be to implement a way to encrypt messages to other users? That would be a killer feature.

    Don't know if you saw what I posted in the slack when I was discussing that with @xeroc. I'll repost it here:

    So I generate a random UNIQUE_ONETIME_KEY. The ECC point of UNIQUE_ONETIME_KEY is UNIQUE_ONETIME_PUBLIC_KEY. I would xor UNIQUE_ONETIME_KEY with my private MEMO_KEY to get AUTHOR_ENCRYPTED_KEY. Then SHARED_MESSAGE_KEY = Hash(UNIQUE_ONETIME_KEY). Then I take your public memo key (XEROC_MEMO_PUBLIC_KEY) and do EC multiplication with UNIQUE_ONETIME_KEY to get XEROC_KEY_ENCRYPTION_KEY = XEROC_MEMO_PUBLIC_KEY * UNIQUE_ONETIME_KEY. Then I xor XEROC_KEY_ENCRYPTION_KEY with SHARED_MESSAGE_KEY to get XEROC_ENCRYPTED_KEY. I can do this same process with any other recipients. Then I include a field called 'encrypted_post' in the JSON that has the following JSON object as a value:

    {
   one_time: "<UNIQUE_ONETIME_PUBLIC_KEY>",
   author_key: "<AUTHOR_ENCRYPTED_KEY>",
   recipients: ["<XEROC_ENCRYPTED_KEY>"]
}

    If you do not care about revealing who the message is for then you would instead use the following JSON object:

    {
   one_time: "<UNIQUE_ONETIME_PUBLIC_KEY>",
   author_key: "<AUTHOR_ENCRYPTED_KEY>",
   recipients: [["xeroc", "<XEROC_ENCRYPTED_KEY>"]]
}

    The entire post body would then be encrypted using AES with SHARED_MESSAGE_KEY used as the key.

    So that is one way it could be done. It allows the author's client to transparently decrypt their own message as long as it has access to their memo_key at the time the post was created. Also, each recipient's client could also transparently decrypt the message as long as it has access to their account's memo_key that was published at the time the post was authored.

    From the slack discussion, @xeroc seemed to be interested in implementing something like this in his Python Steem GUI client.

    Coin Marketplace

    STEEM 0.20
    TRX 0.15
    JST 0.029
    BTC 64344.88
    ETH 2629.39
    USDT 1.00
    SBD 2.83