Abstract: Among other things, we describe a method of enabling one or more entities of a blockchain system to carry out a series of operations. The blockchain system includes a main chain, a co-chain, wherein the co-chain has a corresponding account on the main chain, an asset owned by the corresponding account on the main chain and owned by an account on the co-chain, and a co-chain account possessing the asset. The operations include posting an authenticated transaction on the co-chain, the authenticated transaction authorizing a transfer of the asset from the co-chain account to an account of the main chain, determining that the authenticated transaction is posted on the co-chain, and posting, on the main chain, a transaction assigning the asset to the account of the main chain.

Abstract: Among other things, a method performed by a certification authority includes receiving a request from a first entity for the first entity to conduct cryptocurrency transactions. The request includes information identifying the first entity and a public key of the first entity. A digital signature of the public key of the first entity is generated using an encryption key of the certification authority. A certification associated with the first entity is stored. The certification includes the digital signature and the public key of the first entity.

Abstract: Methods for a virtual blockchain protocol include generating a public key and a private key for transmitting a message from a sender to a recipient. The sender encrypts the message using the public key and a cryptographic key of the recipient to generate a first data package. The sender signs a hash function of the first data package using a cryptographic key of the sender to generate a third data package. The sender transmits the first data package and the third data package to the recipient. The sender receives a signed version of the third data package signed using the cryptographic key of the recipient. The sender determines that the signed version of the third data package has been posted to a blockchain. The sender posts the private key to the blockchain.

Abstract: A circuit provides a physically unclonable function. The circuit includes a first portion that provides a random value that varies according to an input to the circuit and a second portion that hashes the random value to provide an output value from the circuit. The first portion covers the second portion to prevent access to the random value. A breach of the first portions may alter operation of the first portion in a detectable manner. The first portion may cover a surface of a cube or parallelepiped. The first portion may be wrapped around a parallelepiped a plurality of times to cover each facet thereof from different directions. The output from the second portion may not intersect the first portion. The circuit may also include an external layer disposed on the first portion. The external layer may be glued to the first portion.

Abstract: Techniques for enabling one or more entities of a blockchain system to carry out operations using a blockchain of the blockchain system. For example, an erasable portion of a transaction can be erased while preserving a non-erasable portion of the transaction. The block containing the transaction, including the non-erasable portion, remains a valid block of the blockchain.

Abstract: A security device includes a covering device that, in response to an input signal, consistently provides a same random output signal that varies according to the microstructure of the covering device, where altering the microstructure of the covering device alters the random output signal, a key generation component that generates a secret key based on the random output signal, and a digital signature component that produces a digital signature of a message received by the security device using the secret key. The covering device surrounds at least a portion of the key generation component and the digital signature component to prevent access thereto and where accessing any of the components alters the microstructure of the covering device to alter the random output signal. The security device may be attached to an object and detaching the security device from the object may alter the microstructure of the covering device.

Abstract: In a transaction system in which transactions are organized in blocks, a new block Br of valid transactions is constructed, relative to a sequence of prior blocks B0, . . . , Br?1, by having an entity determine a quantity Q from the prior blocks, having the entity use a secret key in order to compute a string S uniquely associated to Q and the entity, having the entity compute from S a quantity T that is one of: S itself, a function of S, and/or a hash value of S, having the entity determine whether T possesses a given property, and, if T possesses the given property, having the entity digitally sign a hash value H of Br and make available S, Br and a digitally signed version of H, wherein, Br may be proposed in different steps of the round r and may be re-proposed multiple times during round r, and an entity may verify a hash value H of a block B independent of whether the entity has received B or not.

Abstract: A circuit provides a physically unclonable function. The circuit includes a first portion that provides a random value that varies according to an input to the circuit and a second portion that hashes the random value to provide an output value from the circuit. The first portion covers the second portion to prevent access to the random value. A breach of the first portions may alter operation of the first portion in a detectable manner. The first portion may cover a surface of a cube or parallelepiped. The first portion may be wrapped around a parallelepiped a plurality of times to cover each facet thereof from different directions. The output from the second portion may not intersect the first portion. The circuit may also include an external layer disposed on the first portion. The external layer may be glued to the first portion.

Abstract: Causing a block in a blockchain to be added to the blockchain includes causing an entity to receive information corresponding to a previous block, causing the entity to receive a declarative invocation of a smart contract execution on a given input, where the declarative invocation declares relevant results of the execution and other relevant data, causing the entity to verify syntactic validity of the invocation, and causing the entity to incorporate the declarative invocation in the block in response to verifying the syntactic validity of the invocation. The relevant results may specify net effects of the smart contract execution, a resulting state of the smart contract after execution, and a number of steps for execution. The other relevant data may specify a caller of the declarative invocation, time information, block information, and/or a payable fee.

Abstract: In a transaction system in which transactions are organized in blocks, a new block Br of valid transactions is constructed, relative to a sequence of prior blocks B0, B1, . . . , Br˜1, by having an entity determine a quantity Q from the prior blocks, having the entity use a secret key in order to compute a string S uniquely associated to Q and the entity, having the entity compute from S a quantity T that is S itself, a function of S, and/or hash value of S, having the entity determine whether T possesses a given property, and, if T possesses the given property, having the entity digitally sign Br and make available S and a digitally signed version of Br, wherein the entity is selected based on a random value that varies according to a digital signature of Br.

Abstract: A circuit provides a physically unclonable function. The circuit includes a first portion that provides a random value that varies according to an input to the circuit and a second portion that hashes the random value to provide an output value from the circuit. The first portion covers the second portion to prevent access to the random value. A breach of the first portions may alter operation of the first portion in a detectable manner. The first portion may cover a surface of a cube or parallelepiped. The first portion may be wrapped around a parallelepiped a plurality of times to cover each facet thereof from different directions. The output from the second portion may not intersect the first portion. The circuit may also include an external layer disposed on the first portion. The external layer may be glued to the first portion.

Abstract: Methods for a virtual blockchain protocol include generating a public key and a private key for transmitting a message from a sender to a recipient. The sender encrypts the message using the public key and a cryptographic key of the recipient to generate a first data package. The sender signs a hash function of the first data package using a cryptographic key of the sender to generate a third data package. The sender transmits the first data package and the third data package to the recipient. The sender receives a signed version of the third data package signed using the cryptographic key of the recipient. The sender determines that the signed version of the third data package has been posted to a blockchain. The sender posts the private key to the blockchain.

Abstract: Generating a uniquely authentic copy of information uses a physical device that consistently produces unpredictable outputs based on inputs and the microstructure of the device. The device is verified to satisfy a given property. It is substantially difficult to manufacture another device that satisfies the given property and that produces a particular output in response to a particular input. Generating the uniquely authentic copy of information includes causing the device to be provided with a specific input to produce a specific output, causing the generation of a digital signature of the response and the information, and causing at least the device and the digital signature to be made available. Generating the uniquely authentic copy of information may also include making available the information, the specific input, and/or the specific output. The information may be a value of a banknote. The digital signature may be produced on behalf of an issuer.

Abstract: A circuit provides a physically unclonable function. The circuit includes a first portion that provides a random value that varies according to an input to the circuit and a second portion that hashes the random value to provide an output value from the circuit. The first portion covers the second portion to prevent access to the random value. A breach of the first portions may alter operation of the first portion in a detectable manner. The first portion may cover a surface of a cube or parallelepiped. The first portion may be wrapped around a parallelepiped a plurality of times to cover each facet thereof from different directions. The output from the second portion may not intersect the first portion. The circuit may also include an external layer disposed on the first portion. The external layer may be glued to the first portion.

Abstract: In a transaction system in which transactions are organized in blocks, an entity to constructs a new block of valid transactions, relative to a sequence of prior blocks, by having the entity determine a quantity Q from the prior blocks, having the entity use a secret key in order to compute a string S uniquely associated to Q and the entity, having the entity compute from Q a quantity T that is S itself, a function of S, and/or hash value of S, having the entity determine whether T possesses a given property, and, if T possesses the given property, having the entity digitally sign the new block and make available S and a digitally signed version of the new block. The secret key may be a secret signing key corresponding to a public key of the entity. S may be a digital signature of Q by the entity.

Abstract: A uniquely authentic copy of information is generated using a physical device that consistently produces unpredictable outputs based on inputs and the microstructure of the device, the device being verified to satisfy a given property, and it being substantially difficult to manufacture another device that satisfies the given property and that produces a particular output in response to a particular input. Generating the uniquely authentic copy of information includes causing the device to be provided with specific input to produce specific output, causing generation of a digital signature of the response and the information, and causing the device and the digital signature to be made available. Generating the uniquely authentic copy of information may also include making available the information, the specific input, and/or the specific output. The information may be a value of a banknote, and the digital signature may be produced on behalf of a banknote issuer.

Abstract: Electronic payments are verified in an electronic payment system in which at each of multiple rounds there is a set of players V, such that a payment is valid if the payment is authenticated to be valid by a given majority of the players in V. Verifying the electronic payments includes having a player Vi in V receive authentication of multiple payments during one of the multiple rounds of the electronic payment system, having Vi determine which of the multiple payments are valid, having Vi authenticate a subset of the multiple payments that Vi determines valid to provide an authenticated payment record, and having Vi cause the authenticated payment record to become widely available to enable at least another entity to determine whether a given payment authenticated valid by Vi is authenticated to be valid by the given majority of the players in V.

Abstract: Generating a uniquely authentic copy of information uses a physical device that consistently produces unpredictable outputs based on inputs and the microstructure of the device. The device is verified to satisfy a given property. It is substantially difficult to manufacture another device that satisfies the given property and that produces a particular output in response to a particular input. Generating the uniquely authentic copy of information includes causing the device to be provided with a specific input to produce a specific output, causing the generation of a digital signature of the response and the information, and causing at least the device and the digital signature to be made available. Generating the uniquely authentic copy of information may also include making available the information, the specific input, and/or the specific output. The information may be a value of a banknote. The digital signature may be produced on behalf of an issuer.

Abstract: Providing information about digital certificate validity includes ascertaining digital certificate validity status for each of a plurality of digital certificates in a set of digital certificates, generating a plurality of artificially pre-computed messages about the validity status of at least a subset of the set of digital certificate of the plurality of digital certificates, where at least one of the messages indicates validity status of more than one digital certificate and digitally signing the artificially pre-computed messages to provide OCSP format responses that respond to OCSP queries about specific digital certificates in the set of digital certificates, where at least one digital signature is used in connection with an OCSP format response for more than one digital certificate. Generating and digitally signing may occur prior to any OCSP queries that are answered by any of the OCSP format responses.

Abstract: Providing information about digital certificate validity includes ascertaining digital certificate validity status for each of a plurality of digital certificates in a set of digital certificates, generating a plurality of artificially pre-computed messages about the validity status of at least a subset of the set of digital certificate of the plurality of digital certificates, where at least one of the messages indicates validity status of more than one digital certificate and digitally signing the artificially pre-computed messages to provide OCSP format responses that respond to OCSP queries about specific digital certificates in the set of digital certificates, where at least one digital signature is used in connection with an OCSP format response for more than one digital certificate. Generating and digitally signing may occur prior to any OCSP queries that are answered by any of the OCSP format responses.