Abstract: Techniques are disclosed relating to determining identity information of a user associated with a blockchain address. An application of a first user can receive information indicative of a blockchain address of a second user. This information either includes or is usable to retrieve a certificate of the second user, which is signed by a private key of a certificate authority (CA), and which includes identity information of the second user. The application of the first user can verify the certificate using a public key of the CA. The application of the first user can then cause identity information of the second user to be included in a user interface presented to the first user. This information allows the first user to have more information about the second user before commencing an irreversible blockchain transaction with that user.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Methods and systems are presented for providing a framework for facilitating token sharing with contract issuers based on processing of smart contract transactions. The framework provides a mechanism for allowing one or more computer nodes within a blockchain network to opt-in to a token sharing agreement with a contract issuer and a mechanism for an opted-in computer node to share tokens with the contract issuer in a decentralized manner. When a computer node has opted-in to the token sharing agreement, the computer node, by executing a smart contract, performs a set of computer procedures that is non-productive to the processing of the smart contract transaction. The execution of the set of non-productive computer procedures provides an additional amount of processing fee based on the processing of the smart contract transaction. The computer node then transfers a portion of the additional amount of processing fee to an account of the contract issuer as part of the processing of the smart contract.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: The present technology can allow a user to use the OpenID Connect protocol to login to an account that has an anonymous user account ID. More specifically, the present technology can programmatically combine information received from an OpenID provider during the OpenID Connect protocol with a random value to yield a unique anonymous user account ID. The present technology also makes use of the ability within the OpenID Connect protocol to embed a chosen nonce into the token signed by the OpenID provider. This allows for embedding hashes of cryptographic keys, like signature verification keys, into ID tokens received from the OpenID provider that authenticates the user. Subsequently, the user can sign messages that can be verified using the verification key bound to the ID token from the OpenID provider.

Abstract: Methods and systems are presented for providing a framework for facilitating token sharing with contract issuers based on processing of smart contract transactions. The framework provides a mechanism for allowing one or more computer nodes within a blockchain network to opt-in to a token sharing agreement with a contract issuer and a mechanism for an opted-in computer node to share tokens with the contract issuer in a decentralized manner. When a computer node has opted-in to the token sharing agreement, the computer node, by executing a smart contract, performs a set of computer procedures that is non-productive to the processing of the smart contract transaction. The execution of the set of non-productive computer procedures provides an additional amount of processing fee based on the processing of the smart contract transaction. The computer node then transfers a portion of the additional amount of processing fee to an account of the contract issuer as part of the processing of the smart contract.

Abstract: The present technology can allow a user to use the OpenID Connect protocol to login to an account that has an anonymous user account ID. More specifically, the present technology can programmatically combine information received from an OpenID provider during the OpenID Connect protocol with a random value to yield a unique anonymous user account ID. The present technology also makes use of the ability within the OpenID Connect protocol to embed a chosen nonce into the token signed by the OpenID provider. This allows for embedding hashes of cryptographic keys, like signature verification keys, into ID tokens received from the OpenID provider that authenticates the user. Subsequently, the user can sign messages that can be verified using the verification key bound to the ID token from the OpenID provider.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Methods and systems are presented for providing a framework for facilitating token sharing with contract issuers based on processing of smart contract transactions. The framework provides a mechanism for allowing one or more computer nodes within a blockchain network to opt-in to a token sharing agreement with a contract issuer and a mechanism for an opted-in computer node to share tokens with the contract issuer in a decentralized manner. When a computer node has opted-in to the token sharing agreement, the computer node, by executing a smart contract, performs a set of computer procedures that is non-productive to the processing of the smart contract transaction. The execution of the set of non-productive computer procedures provides an additional amount of processing fee based on the processing of the smart contract transaction. The computer node then transfers a portion of the additional amount of processing fee to an account of the contract issuer as part of the processing of the smart contract.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.

Abstract: Techniques are disclosed relating to determining identity information of a user associated with a blockchain address. An application of a first user can receive information indicative of a blockchain address of a second user. This information either includes or is usable to retrieve a certificate of the second user, which is signed by a private key of a certificate authority (CA), and which includes identity information of the second user. The application of the first user can verify the certificate using a public key of the CA. The application of the first user can then cause identity information of the second user to be included in a user interface presented to the first user. This information allows the first user to have more information about the second user before commencing an irreversible blockchain transaction with that user.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Techniques for securing digital signatures using multi-party computation. A method includes generating at least one first secret share by a first system, wherein at least one second secret share is generated by one of at least one second system; signing data based on the at least one first secret share when a signing policy is met, wherein the signing is part of an interactive signing process including running a multi-party computation protocol by the first system and the at least one second system, wherein the signed data corresponds to a public key generated based on the plurality of secret shares, wherein the signing policy requires a minimum number of secret shares, wherein shares of one system alone are not sufficient to meet the signing policy, wherein no portion of shares of one system are revealed to the other system during the interactive signing process.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Techniques for securing digital signatures using multi-party computation. A method includes generating at least one first secret share by a first system, wherein at least one second secret share is generated by one of at least one second system; signing data based on the at least one first secret share when a signing policy is met, wherein the signing is part of an interactive signing process including running a multi-party computation protocol by the first system and the at least one second system, wherein the signed data corresponds to a public key generated based on the plurality of secret shares, wherein the signing policy requires a minimum number of secret shares, wherein shares of one system alone are not sufficient to meet the signing policy, wherein no portion of shares of one system are revealed to the other system during the interactive signing process.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.