Abstract: A method and apparatus for location sharing, consisting of sending a location report by a location determining device to a plurality of network enabled devices over a peer-to-peer network, the location determining device being associated with a first digital key pair. A first of the plurality of network enabled devices, associated with a second digital key pair, performs a validation computation on the location report and submits a validation computation result and the location report to a remainder of the plurality of network enabled devices for inclusion in a shared ledger. Including the location report creates commercially-valued credits associated with the public key of the second digital key pair recorded in the shared ledger. A transfer of commercially-valued credits from association with the first public key of the first digital key pair to the public key of the second digital key pair is also recorded in the shared ledger.

Abstract: A data management blockchain and protocol for controlling access to data, in which no central trusted authority is required, is presented. The data management blockchain and protocol comprises an initial announcement of public keys by a plurality of blockchain participants, through which each blockchain participant establishes an identity. Subsequently a first of the plurality of blockchain participants publishes data encrypted with a cryptographic key on the blockchain. A second of the plurality of blockchain participants is assigned as an owner of the data by an authority. Access to the data is granted or revoked to further participants by the second of the plurality of blockchain participants through signed permission messages published on the blockchain, and a corresponding hand-over of the cryptographic key by the first of the plurality of blockchain participants, allowing access to the data. Access to further data may be revoked by changing the cryptographic key used.

Abstract: A method and apparatus for location sharing, consisting of sending a location report by a location determining device to a plurality of network enabled devices over a peer-to-peer network, the location determining device being associated with a first digital key pair. A first of the plurality of network enabled devices, associated with a second digital key pair, performs a validation computation on the location report and submits a validation computation result and the location report to a remainder of the plurality of network enabled devices for inclusion in a shared ledger. Including the location report creates commercially-valued credits associated with the public key of the second digital key pair recorded in the shared ledger. A transfer of commercially-valued credits from association with the first public key of the first digital key pair to the public key of the second digital key pair is also recorded in the shared ledger.

Abstract: A radio frequency identification device, or RFID tag, has an antenna attached to or formed on a microchip. The microchip usually comprises low power fixed or programmable logic and a small quantity of persistent memory. As many RFID tags are powered by radio waves transmitted from an RFID tag reader, the low power fixed or programmable logic is often not capable of performing complex cryptographic calculations required for digital signing to provide one-way authentication of the tag. In the present disclosure a system and method are presented for enabling a low overhead challenge and response using a one-time password pad comprising passwords on the RFID tag and a blockchain to record a use of the passwords. Methods are also disclosed for securely replacing the one-time password pad, and using the RFID tag in combination with a blockchain to provide provenance information for the RFID tag.

Abstract: A data management blockchain and protocol for controlling access to data, in which no central trusted authority is required, is presented. The data management blockchain and protocol comprises an initial announcement of public keys by a plurality of blockchain participants, through which each blockchain participant establishes an identity. Subsequently a first of the plurality of blockchain participants publishes data encrypted with a cryptographic key on the blockchain. A second of the plurality of blockchain participants is assigned as an owner of the data by an authority. Access to the data is granted or revoked to further participants by the second of the plurality of blockchain participants through signed permission messages published on the blockchain, and a corresponding hand-over of the cryptographic key by the first of the plurality of blockchain participants, allowing access to the data. Access to further data may be revoked by changing the cryptographic key used.

Abstract: A system and method for transitioning a blockchain between an open state and a permissioned state, or a public state and a private state, is disclosed. The blockchain is initiated in one state and is transitioned to another state after a transition proposal is sufficiently endorsed. If the blockchain is in the permissioned state or the private state, transition may be triggered by consensus between a number of blockchain administrators. If the blockchain is in the open state, transition may be triggered by vote or endorsement. If the blockchain is in the public state, the transition proposal may comprise virtual private networking credentials. In some embodiments a right to endorse the transition proposal may correspond with an ownership or expenditure of an amount of cryptocurrency.

Abstract: A method and apparatus are presented for revoking cryptographic keys within a distributed ledger system in which no central trusted authority is available. A key revocation message is sent by a network connected device to other network connected devices over a peer-to-peer network for inclusion in a ledger. In one embodiment the revocation message is signed using a private key of a public/private key pair to be revoked. In another embodiment an authorization for future revocation of the public/private key pair by a plurality of other public/private keys is sent for inclusion in the ledger, and subsequently the key revocation message is signed with one of the private keys of the plurality of public/private key pairs before sending the key revocation message. Once a valid key revocation message is included in the ledger, any future request to include a message signed by a revoked cryptographic key revoked by the valid key revocation message is rejected.

Abstract: A system and method for ensuring digital integrity of a blockchain is presented. The blockchain is initiated with one or more digital certificates presented in one of an initial set of blocks of the blockchain. One or more of the digital certificates may subsequently be used to sign a hash of a sequence of blocks in the blockchain at regular or semi-regular intervals. If a sequence of consecutive blocks is longer than a predetermined number and does not contain a signature from one or more of the digital certificates of a hash or one or more of the blocks in the sequence, the sequence may be considered not to comprise a part of the blockchain. In other embodiments side blocks may be signed and added to the blockchain.

Abstract: A method and system is presented for reaching consensus on adding data to and extending the structure or schema of databases synchronized across a distributed ledger or blockchain system, in which no central trusted authority is available, comprising sending an announcement message by a network connected device to a plurality of network connected devices over a network, said message proposing a database schema change or extension. If the announcement message and preceding data in the distributed ledger satisfy predetermined conditions, the plurality of network connected devices may include the data in the distributed ledger, and modify the schema of their databases in a corresponding manner. If data is submitted that requires a structural change to the database before the announcement message has been incorporated in the distributed ledger, the data is rejected by the network and is not included in the distributed ledger.

Abstract: A system and method is presented for storing a location on a blockchain of a hash, such as a cryptographic hash, digital fingerprint, or digest, of a digital item, such as a document, file, sound clip, or computer code, within the digital item itself. The blockchain may be used for providing a provenance of the digital item by generating the hash of the digital item and submitting it within a transaction to the blockchain. The system and method presented allow the location of the hash within the blockchain to be embedded within the digital item before said hash is generated and submitted, providing a clear link between a record of the hash and the digital item in question, and reducing the computational and network resources required to verify the provenance of the digital item.

Abstract: A system and method for provisioning an IoT device with a digital certificate without a need for a central Certificate Authority is presented. A blockchain is initiated, with a root certificate presented in an initial block of the blockchain. Said root certificate is subsequently used to sign an authorized certificate. The IoT device is preloaded with a nonce, and a hash of the nonce signed by an authorized certificate is published on the blockchain. The nonce may then be submitted to the blockchain with a self-signed certificate, the presence of the nonce validating the self-signed certificate. The blockchain provides a final single view of a true state of the digital certificates in the system and their respective authority and validity.

Abstract: Identity and access management in computer systems without the need for a central authority is provided. A user may create an identity on a blockchain, and generate a one-time pad of access passwords derived from repeated hashing of a master password and cryptographic salt. The user may publish a last access password from the one-time pad on the blockchain. The user may then provide proof of identify in response to an access challenge by revealing a prior access password from which the last access password is derived, and may receive a session token in response. The publishing of access passwords and receiving of session tokens may be associated with a transfer of tokens or digital credits of commercial value on the blockchain.

Abstract: A system and method for associating payment with provisioning an IoT device with a digital certificate without a need for a central Certificate Authority is presented. The IoT device is preloaded with a nonce, and a hash of the nonce signed by an authorized certificate is published on the blockchain. The nonce may then be submitted to the blockchain with a self-signed certificate, the presence of the nonce validating the self-signed certificate. The blockchain provides a final single view of a true state of the digital certificates in the system and their respective authority and validity. The publishing and signing of certificates may be associated with a transfer of tokens, or digital credits of commercial value.

Abstract: A system and method for provisioning an IoT device with a digital certificate without a need for a central Certificate Authority is presented. A blockchain is initiated, with a root certificate presented in an initial block of the blockchain. Said root certificate is subsequently used to sign an authorized certificate. The IoT device is preloaded with a nonce, and a hash of the nonce signed by an authorized certificate is published on the blockchain. The nonce may then be submitted to the blockchain with a self-signed certificate, the presence of the nonce validating the self-signed certificate. The blockchain provides a final single view of a true state of the digital certificates in the system and their respective authority and validity.

Abstract: A tank for containing e-liquid in an electronic cigarette assembly is disclosed. The tank comprises a cap and a body. The cap is connectable to the body through a screw thread with a specified handedness, and the body is connected to a battery assembly through a second screw thread with an opposite handedness to the screw thread of the cap. A construction of the tank ensures than when opening the cap, the body is not inadvertently unscrewed from the battery, and likewise when removing the body from the battery the cap is not inadvertently unscrewed from the body, thus preventing unintended e-liquid spillage and improving ease of removal of the cap and the body.

Abstract: A system and method for creating, sharing and revoking digital certificates in a decentralized and distributed manner, without a need for a central Certificate Authority is presented. A blockchain is initiated, with a root certificate published in one of an initial blocks of the blockchain. The root certificate may subsequently issue further certificates to other participants on the blockchain, or participants may submit certificates to the blockchain for signing by the root certificate. Notification of a revocation of certificates may be performed through the blockchain. The blockchain provides a final single view of a true state of the digital certificates in the system and their respective authority and validity. The issuing of further certificates, signing of certificates and revocation of certificates may be associated with a transfer of digital credits of commercial value.

Abstract: A method and apparatus is presented for announcing the existence of cryptographic key pairs within a distributed ledger system in which no central trusted authority is available, consisting of sending a key announcement message by a network connected device to other network connected devices over a peer-to-peer network for inclusion in the distributed ledger. Once a valid key announcement message for a public key is included in the ledger, any future transactions that reference an address associated with the public key or other messages concerning said public key are accepted by other network connected devices on the peer-to-peer network and are included in the distributed ledger. If transactions or other messages reference an address not associated with an announced public key, they may be rejected by the peer-to-peer network and may not be included in the distributed ledger.

Abstract: A system for creating, transferring and storing digital assets, such as a cryptocurrency, in which no central trusted authority is required, is presented. A plurality of databases are coupled to a blockchain, with each of the plurality of databases connected through a connective component. Each connective component monitors an associated database and the blockchain. A creation of a digital asset may be initiated by an entry in the associated database, and ownership of the digital asset ownership and associated properties are mirrored to the remainder of the plurality of databases through the blockchain and respective connective components. Subsequently a transfer of the digital asset may be initiated through a new entry to the associated database. The blockchain provides a final single view of a true state of the digital asset and acts as a validator and arbitrator for the creation and the transfer.

Abstract: A data management blockchain and protocol for controlling access to data, in which no central trusted authority is required, is presented. The data management blockchain and protocol comprises an initial announcement of public keys by a plurality of blockchain participants, through which each blockchain participant establishes an identity. Subsequently a first of the plurality of blockchain participants publishes data encrypted with a cryptographic key on the blockchain. A second of the plurality of blockchain participants is assigned as an owner of the data by an authority. Access to the data is granted or revoked to further participants by the second of the plurality of blockchain participants through signed permission messages published on the blockchain, and a corresponding hand-over of the cryptographic key by the first of the plurality of blockchain participants, allowing access to the data. Access to further data may be revoked by changing the cryptographic key used.

Abstract: A system and method for an editable blockchain is presented. Blocks within the blockchain are constructed in a manner that ensures that a data payload within the block is not included in a hash of the block, however, a hash of the data payload is included. Subsequently, a publisher of the data payload may make a request over the blockchain for the data payload to be deleted. The request may comprise a reason for a requirement to delete. Participants on the blockchain may then select to delete the data payload or overwrite the data payload with random data or zeros, such that a data of the data payload is effectively removed. As a result, the onus for a removal of the data is shifted from the publisher of the data payload to the participants on the blockchain, and an integrity of the hash-linked chain of blocks is maintained.