|
| 1 | +--- |
| 2 | +cover: false |
| 3 | +header: |
| 4 | + overlay_color: "#000" |
| 5 | + overlay_filter: "0.25" |
| 6 | + overlay_image: /assets/images/dev-seed-background.jpg |
| 7 | + og_image: /assets/images/bc-card.jpg |
| 8 | +title: "Provenance Marks" |
| 9 | +hide_description: true |
| 10 | +classes: |
| 11 | + - wide |
| 12 | +permalink: /provemark/ |
| 13 | +sidebar: |
| 14 | + nav: |
| 15 | + - stack-crypto |
| 16 | +--- |
| 17 | + |
| 18 | +## Overview |
| 19 | + |
| 20 | +<a href="/crypto-stack/"><img src="https://developer.blockchaincommons.com/assets/images/bc-stack-crypto-sskr.png" style="margin-left: 20px; float: right" width="25%"></a> |
| 21 | + |
| 22 | +Provenance Marks provide a cryptographically-secured system for establishing and verifying the authenticity of works. By combining cryptography, pseudorandom number generation, and linguistic representation, this system generates unique, sequential marks that commit to the content of preceding and subsequent works. |
| 23 | + |
| 24 | +## Why are Provenance Marks Important? |
| 25 | + |
| 26 | +In an age of rampant AI-powered manipulation and plagiarism, determining provenance is more important than ever. These marks ensure public and easy verification of provenance, offering robust security and intuitive usability. Provenance Marks are particularly valuable for securing artistic, intellectual, and commercial works against fraud and deep fakes, protecting creators’ reputations and the integrity of their creations. |
| 27 | + |
| 28 | +## How Do Provenance Marks Work? |
| 29 | + |
| 30 | +The basic level of SSKR allows you to create a single group of shares, |
| 31 | +with a threshold for how many of those must be collected to |
| 32 | +reconstruct the seed. The following shows an example from [Gordian |
| 33 | +SeedTool](https://github.com/BlockchainCommons/GordianSeedTool-iOS) of |
| 34 | +creating three shares, of which two must be recovered. |
| 35 | + |
| 36 | +<figure class="third"> |
| 37 | + <a href="/assets/images/sskr/export-1a.jpeg"><img src="/assets/images/sskr/export-1a.jpeg"></a> |
| 38 | + <a href="/assets/images/sskr/export-2a.jpeg"><img src="/assets/images/sskr/export-2a.jpeg"></a> |
| 39 | + <a href="/assets/images/sskr/export-3a.jpeg"><img src="/assets/images/sskr/export-3a.jpeg"></a> |
| 40 | +</figure> |
| 41 | + |
| 42 | +The user would take these shares and give one each to three different |
| 43 | +trusted people (or places, such as a safe or bank vault). (Or, this |
| 44 | +could be automated using [CSR](/csr/).) |
| 45 | + |
| 46 | +_See the [SSKR FAQ](/sskr/faq/) for a more complete explanation of these words._ |
| 47 | + |
| 48 | +### How Does Advanced SSKR Work? |
| 49 | + |
| 50 | +SSKR supports a more advanced methodology where you can define |
| 51 | +multiple groups, and then require a certain number of shares to come |
| 52 | +back from each group for a certain number of groups. |
| 53 | + |
| 54 | +The following shows an example from [Gordian |
| 55 | +SeedTool](https://github.com/BlockchainCommons/GordianSeedTool-iOS) |
| 56 | +where 2 of 3 shares must come back from 2 of 3 groups. |
| 57 | + |
| 58 | +<figure class="third"> |
| 59 | + <a href="/assets/images/sskr/export-4a.jpeg"><img src="/assets/images/sskr/export-4a.jpeg"></a> |
| 60 | + <a href="/assets/images/sskr/export-5a.jpeg"><img src="/assets/images/sskr/export-5a.jpeg"></a> |
| 61 | + <a href="/assets/images/sskr/export-6a.jpeg"><img src="/assets/images/sskr/export-6a.jpeg"></a> |
| 62 | +</figure> |
| 63 | + |
| 64 | +This can allow for more complex scenarios, such as a business that |
| 65 | +hands off one set of three shares to Chief Officers, and then backs that up |
| 66 | +with a set of three shares held by their accountants and another set of three shares held by some other |
| 67 | +fiduciary. Any two of the COs, accountants and fidicuaries could then recover using two of three shares from their sets—but not just any four shares, they have to come from two discrete groups. |
| 68 | + |
| 69 | +(Though this example is symmetrical, that's not required. You could |
| 70 | +require 2 of 3 shares from the CO group, 3 of 5 from the accountants, and 1 of 1 from the fidicuary, representing different levels of trust and different hierarchies within each group.) |
| 71 | + |
| 72 | +Once you generate advanced SSKR shares, the user would distribute them |
| 73 | +just like basic SSKR shares, but here they'd need to be very careful to understand |
| 74 | +the roles of everyone they'ree giving shares to, since they're |
| 75 | +creating a more complex procedure. |
| 76 | + |
| 77 | +## What are SSKR URs? |
| 78 | + |
| 79 | +The above examples show SSKR being encoded with [Uniform Resources](/ur/). As described in [BCR 2020-011](https://github.com/BlockchainCommons/Research/blob/master/papers/bcr-2020-011-sskr.md), each share is converted to CBOR and prefixed with a `ur:sskr` tag. This supports the storage of shares in a self-identifying manner. |
| 80 | + |
| 81 | + This is the simplest way to use SSKR, though not the preferred one: it's generally been deprecated to instead prefer SSKR Envelopes. |
| 82 | + |
| 83 | +## What are SSKR Envelopes? |
| 84 | + |
| 85 | +[Envelope](/envelope/) is Blockchain Commons' privacy-focused format for the storage and transmission of data. Though the UR format supported the self-identifying storage of singular bits of data, Envelope goes further, allowing for the storage of multiple types of data, including metadata, allowing the preservation of multiple secrets and of descriptions of those secrets. (There are also many other advantages, as discussed on the [Envelope](/envelope/) page.) |
| 86 | + |
| 87 | +To allow this, SSKR Envelopes takes a somewhat different tack from SSKR URs. You _don't_ shard your seed, key, or other secret. Instead you: |
| 88 | + |
| 89 | +1. Place your seed or key in an Envelope. Maybe multiple seeds or keys. Maybe multiple seeds or keys with metadata. |
| 90 | +2. Generate a new symmetric key. |
| 91 | +3. Use the new symmetric key to encrypt the Envelope containing your data. |
| 92 | +4. Shard the symmetric key with SSKR. |
| 93 | +5. Distribute copies of the Envelope that each contain the encrypted sub-Envelope and one of the shares of the symmetric key. |
| 94 | + |
| 95 | +By this methodology, you can store many seeds and many keys in a single Envelope, but still only have one share to manage. You can also include metadata explaining what the seed or key is for, either inside _or_ outside the encrypted content. (Encrypted metadata might remind you what a key is for; unecrypted metadata might help you or your heirs to recover sufficient key shares.) This method is much more in tune with the way that secrets work in the real world, where you may have many seeds for many different devices, and even old master keys generated _without_ seeds. |
| 96 | + |
| 97 | +Though SSKR Envelopes are our preferred way to encode and share secrets, you might use SSKR URs if you had a very constrained device or a very simple use case. The [test vectors](/sskr/vector/) page includes examples of both. |
| 98 | + |
| 99 | +## How to Get Started with SSKR Envelopes |
| 100 | + |
| 101 | +You can easily incorporate SSKR URs into your project by using [an appropriate SSKR library](https://developer.blockchaincommons.com/sskr/#libraries) to shard your seed or other secret. |
| 102 | + |
| 103 | +However, we now suggest the use of SSKR Envelope instead, to allow the storage of metadata and multiple secrets. The following steps will allows you test out the integration of SSKR Envelopes into your system. First, create a solid foundation for storing Seeds in Envelopes: |
| 104 | + |
| 105 | +1. Add support for [LifeHash](https://developer.blockchaincommons.com/lifehash/) for seeds in your UX, so that you can visually recognize seeds, making it easy to see when they have been reconstructed (or just transferred) correctly. |
| 106 | +2. Get started with Envelopes, as discussed on the [Envelope](/envelope/) dev page. |
| 107 | +3. Create a basic [`ur:envelope`](https://developer.blockchaincommons.com/envelope/) containing your seed, adding notes and dates as metadata. You can use our [128-bit](https://developer.blockchaincommons.com/seed-128/) or [256-bit](https://developer.blockchaincommons.com/seed-256/) test seed for this purpose. |
| 108 | +4. Test by reading your seed back. Throw out data that you don't need when you do so. |
| 109 | +5. Test by outputting your Envelope as a QR and reading that back in. |
| 110 | +6. Test by outputting your Envelope as an [Animated QR](https://developer.blockchaincommons.com/animated-qrs/) and reading that back in. |
| 111 | + |
| 112 | +At this point you should have seeds that you know are interoperable thanks to the ability to check with LifeHash and the successful export and import in a variety of formats. You can now integrate SSKR as well: |
| 113 | + |
| 114 | +7. Integrate SSKR and export an SSKR Envelope of your seed as a 2-of-3 sharding. |
| 115 | +8. Test import with each of three combinations of two shares: AB, BC, and AC. |
| 116 | +9. Test a two-of-three group, 2-of-3 share sharding, and import with a few different combination of two shares from two different groups, such as: A1A2B1B2, A2A3C2C3, and A1A3B2B3. |
| 117 | +10. Figure out what other metadata you'd like to include, such as seed name, seed creation date, and notes. Export your seed with this metadata, shard, and reconstruct. |
| 118 | + |
| 119 | +## Videos |
| 120 | + |
| 121 | +<table width="100%"> |
| 122 | + <tr> |
| 123 | + <td width="640px"> |
| 124 | + <b>SSKR in Overview:</b> |
| 125 | + |
| 126 | +{% include video id="RYgOFSdUqWY?start=1612" provider="youtube" %} |
| 127 | + |
| 128 | + </td> |
| 129 | + <td width="640px"> |
| 130 | + <b>Early Demo Video:</b> |
| 131 | + |
| 132 | +{% include video id="PIND7J096U8" provider="youtube" %} |
| 133 | + |
| 134 | + </td> |
| 135 | + <td width="640px"> |
| 136 | + <b>SSKR & Envelope:</b> |
| 137 | + |
| 138 | +{% include video id="ERRhMDSEFm8" provider="youtube" %} |
| 139 | + |
| 140 | + </td> |
| 141 | + </tr> |
| 142 | +</table> |
| 143 | + |
| 144 | +## Libraries |
| 145 | + |
| 146 | +{% include lib-shamir.md %} |
| 147 | + |
| 148 | +{% include lib-sskr.md %} |
| 149 | + |
| 150 | +{% include lib-envelope.md %} |
| 151 | + |
| 152 | +## Links |
| 153 | + |
| 154 | +**Intro:** |
| 155 | + |
| 156 | +* [Shamir's Secret Sharing: An Overview](https://docs.google.com/document/d/1rZJlFZcftrCM_KaxFnHUIskJKlSQzF0zFn4WIRQGDLU/edit#heading=h.imy5xgr88lxa) (#RWOT9) |
| 157 | +* [BCR-011: UR Type Definition for SSKR](https://github.com/BlockchainCommons/Research/blob/master/papers/bcr-2020-011-sskr.md) (Blockchain Commons Research) |
| 158 | +* [SSKR Lexicon](/sskr/lexicon/) |
| 159 | + |
| 160 | +**Developer Resources:** |
| 161 | + |
| 162 | +* [Developer FAQ](/sskr/faq/) |
| 163 | +* [Test Vectors](/sskr/vectors/) |
| 164 | +* [Using URs for SSKR](/ur/sskr/) |
| 165 | +* [Using Gordian Envelope](/envelope/) |
| 166 | + |
| 167 | +**Developer Reference Apps:** |
| 168 | + |
| 169 | +* [Gordian SeedTool](https://github.com/BlockchainCommons/GordianSeedTool-iOS) (app implementation) |
| 170 | +* [SeedTool CLI](https://github.com/BlockchainCommons/bc-seedtool-cli) (CLI implementation) |
| 171 | +* [Ledger Seed Tool App](https://github.com/aido/app-seed-tool) (app implementation by [Aido](https://github.com/aido)) |
| 172 | + |
| 173 | +**Use Cases:** |
| 174 | +* [Cold Storage](/sskr/use-cases/cold/) |
| 175 | + |
| 176 | +**Other Resources:** |
| 177 | + |
| 178 | +* [Designing SSKR Share Scenarios](https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/SSKR-Sharing.md) (#SmartCustody) |
| 179 | +* [SSKR Dangers](https://github.com/BlockchainCommons/SmartCustody/blob/master/Docs/SSKR-Dangers.md) (#SmartCustody) |
| 180 | +* [Evaluating Social Schemes for Recovery](https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/final-documents/evaluating-social-recovery.md) (#RWOT8) |
0 commit comments