Abstract: A method of obtaining digitally signed data is disclosed. The method comprises sending first data (e2) from at least one of a plurality of first participants to at least one second participant, wherein the first data is based on second data (e) accessible to at least one said first participant, and the second data is inaccessible to the or each said second participant. A digital signature (s1) of the first data is received from at least one said second participant, and the digital signature of the first data is processed, by a plurality of the first participants, to provide shares of a digital signature(s) of the second data, wherein the digital signature of said second data is accessible by means of a threshold number of said shares and is inaccessible to less than said threshold number of shares.

Abstract: A computer-implemented security may be implemented on a blockchain comprising applying a one-way function to a first secret value to create a first veiled secret value; communicating the first veiled secret value to a user; receiving a second veiled secret value from the user, wherein the second veiled secret value is created by applying a one-way function to the second secret value; and constructing a first blockchain transaction comprising the first veiled secret value and the second veiled secret value, the first blockchain transaction arranged to be unlockable to transfer control of a first resource upon provision of both the first secret value and the second secret value to a respective blockchain transaction.

Abstract: A computer-implemented method of providing proof that a blockchain transaction exists on a blockchain, wherein the method is performed by a Merkle proof entity configured to store a set of transaction identifiers of respective blockchain transactions but not to publish new blockchain blocks to the blockchain network, and wherein the method comprises: obtaining a target transaction identifier of a target blockchain transaction, wherein the target transaction identifier forms part of the stored set of transaction identifiers; obtaining a target Merkle proof for the target blockchain transaction, wherein a corresponding target Merkle root is contained within a blockheader of the blockchain; and outputting the target Merkle proof for use by the requesting party as proof that the target blockchain transaction exists on the blockchain.

Abstract: A computer-implemented method comprising one or more instances of a challenge-response mapping operation. The challenge-response mapping operation comprises: from a submitting party, receiving challenge data comprising a secondary challenge, from among a set of multiple possible secondary challenges; inputting a primary challenge into a physically unclonable function, PUF, to generate a corresponding primary response; inputting the received secondary challenge and the generated primary response into a deterministic transform function in order to generate a secondary response, being a response to the secondary challenge, the transform function being a function of the secondary challenge and the primary response; and outputting response data comprising the secondary response or data derived therefrom.

Abstract: A method for enabling a verifying party to verify an identity of a target party or device. The method comprises, in a set-up phase: inputting of each of a set of one or more challenges into a PUF module comprising a physically unclonable function, PUF, to generate a respective one of a set of responses from each challenge; and causing to be stored, on a blockchain, a respective piece of response data for each of the set of one or more responses generated by the PUF module. The piece of response data for each response comprises the respective response or data derived therefrom. The pieces of response data are stored in one or more storage transactions recorded on the blockchain, thereby making at least one of the pieces of response data available to the verifying party for verifying the identity of the target in a subsequent verification phase.

Abstract: A computer-implemented includes sending a public key associated with a particular node in a cyclically-ordered set of nodes participating in a blockchain network to an initiator node; receiving, by the particular node from a node immediately previous to the particular node in the cyclically-ordered set, a first value based on public keys associated with each node from the particular node through to the initiator node; determining a locking value based on the first value and the public key associated with the particular node; and preparing using the locking value, a transaction arranged to transmit control of a resource from a source address associated with the particular node to a receiving address of a node immediately subsequent to the particular node. The control of the resource is to be transmitted responsive to satisfaction of an execution condition including supply of an unlocking value corresponding to the locking value.

Abstract: A computer-implemented method of authorising a payment by a target party to a verifying party. The method comprises, by the verifying party: performing a payment verification to verify a source of funds of the target party; and performing an identity verification to verify an identity of the target party. The identity verification comprises accessing response data stored in a data store in association with the identity of the target party, the data store being implemented in third party computer equipment of a trusted third party or on a peer-to-peer publication medium, wherein the response data comprises either a) a stored instance of a response to a challenge, or b) an attestation comprising a transformation of the response. The payment is authenticated on condition that the outputs of both the payment verification and identity verifications is true.

Abstract: The invention provides a blockchain-implemented control method and corresponding system(s). The invention may control access to an internet-enabled resource such as an IoT device that is provided with computing capabilities enabling it to communicate with other computer-based resources and interact with a distributed ledger such as a blockchain. In one embodiment, the invention provides a method for controlling the use of an internet-enabled resource comprising providing a first blockchain transaction comprising at least one output which is redeemable only by provision of at least: i) a secret value selected by a user; and ii) a signature associated with a resource provider; sending use-related information to the resource; generating a second blockchain transaction requesting at least the secret value; and modifying the second blockchain transaction to include the secret value.

Abstract: A method for enabling a verifying party to verify an identity of a target comprising a target party or device. The method comprises, in a set-up phase, by a party other than the verifying party: inputting a set of one or more challenges into a PUF module comprising a physically unclonable function, PUF, in order to generate a respective set of one or more responses based on the PUF; and storing a respective response data record for each of the set of responses in a data store external to any equipment of the target party or verifying party, the data store either being part of third party computer equipment or being a public peer-to-peer publication medium. The response data records are thus made available to the verifying party to verify the identity of the target in a subsequent verification phase.

Abstract: A computer-implemented method of validating token transactions, wherein the validating entity has access to a token mint transaction and/or a token setup transaction, wherein the token mint transaction comprises cryptographic minting data, and mints an initial amount of the tokens, wherein the token setup transaction comprises the minting data certified by the token issuer, and wherein the method is performed by a validating entity and comprises: obtaining a target token transaction comprising one or more token inputs and one or more token outputs; and validating the target token transaction, wherein said validating of the target token transaction comprises: verifying that each token input of the target token transaction comprises the minting data, and/or verifying that each token input of the target token transaction references a respective token output of either the token mint transaction or a previously validated token transaction that can be traced back to the token mint transaction.

Abstract: Methods and devices to enable the splitting of storage and validation functions from mining function in a blockchain network. The storage and validation nodes create candidate blocks and collect block rewards from successfully mined blocks. The mining nodes provide hash power for mining the candidate blocks and received resources from the storage and validation node for successful mining of a candidate block. Atomic exchange mechanisms are described for preventing loss and fraud and minimizing the use of bandwidth by mining nodes.

Abstract: The invention provides methods and systems which enable additional functionality to be inserted into blockchain scripts with ease and in an effective and manner. According to one embodiment, the invention provides a blockchain-implemented method comprising the steps of arranging a plurality or selection of scripting language primitives to provide, upon execution, the functionality of a high-level scripting language primitive, wherein the scripting language is associated with a blockchain protocol; inserting the plurality of scripting language primitives at least once into a script; and inserting the script into blockchain transaction (Tx). The high-level scripting language primitive may perform, for example, an arithmetic operation such as multiplication or division. The scripting language primitives may be called op-codes, words or commands, and are native to the scripting language. The scripting language may be Script, and the blockchain protocol may be a version of the Bitcoin protocol.

Abstract: A comprising, by target computer equipment of a target party: obtaining a cryptographic key derived from a response generated by PUF module comprising a physically unclonable function, PUF, the response having been generated by the PUF module based on the PUF in response to a corresponding challenge input to the PUF module, wherein key information comprising the cryptographic key or a corresponding public key is also made available to a verifying party; from an issuing party, receiving a computation request specifying the computation to be performed; in response to the computation request, performing the computation in order to generate a computation result; signing a message comprising the computation result with the cryptographic key; and making the signed message available to the verifying party by sending the signed message to be recorded on a blockchain.

Abstract: A method of transferring control of a digital asset (2) is disclosed. The method comprises distributing shares dAi of a first private key dA of an elliptic curve cryptography (ECC) system among a plurality of first participants (4). The first private key is accessible by means of a first threshold number (6) of shares dAi of the first private key, and is inaccessible in the absence of the first threshold number of shares, and access to the digital asset (2) is provided by digital signature of a first encrypted message with the first private key. Shares of a deterministic key Dk of the cryptography system are distributed among the either the first participants or a plurality of second participants, wherein the deterministic key is accessible by means of a second threshold number of shares of the deterministic key, and is inaccessible in the absence of the second threshold number of shares.

Abstract: An implementation of the present application provides a computer-implemented method to increase the security of a blockchain-implemented transaction, the transaction including participation from a plurality of participating nodes, each participating node participating as a message originator, selector, and propagator. The method, implemented at a participating node, includes: receiving ciphertext from a prior node and determining whether the participating node is a selector node for said ciphertext received from the prior node. When the participating node is the selector node for said ciphertext, the method includes selecting a subset of said ciphertext, decrypting the selected subset of said ciphertext to provide opted ciphertext and transmitting said opted ciphertext to the next node. When the participating node is other than the selector node for said ciphertext, the method includes decrypting said ciphertext received from the prior node and transmitting the decrypted ciphertext to the next node.

Abstract: A system for performing transaction mixing between a plurality of users on a blockchain is provided. The blockchain may be, for example, the Bitcoin blockchain. The system is configured to carry out the steps of: (i) preparing a first commitment transaction arranged to transmit control of a resource from a source address of a first user to a receiving address of a second user; (ii) preparing a second commitment transaction arranged to transmit control of a resource from a source address of the second user to a receiving address of a further user; (iii) preparing a further commitment transaction arranged to transmit control of a resource from a source address of the further user to either: (a) a receiving address of the first user; or (b) a receiving address of a yet further user and repeating step (iii) until option (a) is performed to complete a transaction chain; and (iv) executing the transaction chain. At least one of the users is randomly chosen from the plurality.

Abstract: A computer-implemented method of generating a second transaction for a blockchain. The blockchain comprises a first transaction comprising a first token and a first output transferring an amount of a digital asset between a second party and a first party. The first token represents a first amount of a token asset other than the digital asset, the second transaction is for transferring a second token representing a second amount of the token asset from a first party to a third party. The method is performed by the first party and comprises generating the second transaction. The second transaction comprises a first input configured to unlock the first output of the first transaction, and a first output comprising the second token. The second token comprises data representing the second amount of the token asset, the second amount being less than the first amount.

Abstract: In one aspect, the present disclosure proposes methods, devices and systems for partitioning a request associated with a digital asset into an arbitrary number of transactions. The partitioning is based on knowing or obtaining a maximum number of outputs allowed for a request and an arbitrarily selection of a possible integer partition of an arbitrarily selected integer. The randomly selected integer partition then forms the basis for determining the number of transactions and UTXOs, so that a digital asset value can be arbitrarily split across the determined UTXOs before being stored on a public blockchain. In another aspect, the present disclosure proposes methods, devices and systems for arbitrarily distributing a digital asset value associated with a request across an arbitrarily determined number of transactions. This is based on an arbitrarily selected number of transactions, and a maximum number of outputs allowed for each request.

Abstract: A computer-implemented method of generating a digital signature, wherein the method is performed by a signing party and comprises: obtaining a first message; generating an ephemeral private key based on at least a hash of an external data item; and generating a first signature comprising first and second signature components, wherein the first signature component is generated based on an ephemeral public key corresponding to the ephemeral private key, and wherein the second signature component is generated based on the first message, the ephemeral private key, the first signature component and a first private key.

Abstract: A computer-implemented method of generating a share of a digital signature, wherein each participant has a respective share of a first shared private key, wherein the method is performed by a first participant and comprises: obtaining a first message; generating a first data item based on at least a hash of a first external data item; generating a first ephemeral private key share of an ephemeral private key based on the first data item and a respective data item generated by each other participant; generating an ephemeral public key corresponding to the ephemeral private key; generating a first signature share based on the first message, the first ephemeral private key share, a first share of the first shared private key, and the ephemeral public key; and making the first signature share available to a coordinator for generating a first signature based on at least a threshold number of signature shares.