Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Hash: SHA512
# Message on Podio from bitcoins.SG
## [20141001-1933UTC](
### Note: Typo in the original was corrected in comments, was added to original.
Hello WCN community, recent coverage and content has been uniquely valuable and am glad to say this is working out to be quite an endeavor; thanks to all of your hardwork! Today I'd like to explore @Chris Ellis ' idea about a trust-less verifiable non adulteration of media (I may be making some assumptions here about the trust-less part, correct me if I'm wrong).

Ok, let's go.
When someone creates content and embeds the hash of it in the blockchain, as per my understanding and congruent to Chris' thought process: we now have trusless verifiable proof that the content(unique entropy) existed at least at that time or before.

Fine, so far so good.

Now, this is where my confusion begins.
When the content is combined with the merkle root of the current or near future block(think +/- 10-60 mins), you've only established that the combined entropy has not existed prior to that time. I.e. how have you established the content itself (minus the merkle root combination) did not exist before that time?

Confused? So am I. Let's make a bit simpler and walk through a real life example of me trying to break the system.
Scenario(Let's call it the Jesus attack):
step a: 1 month ago I shoot an ordinary video footage of someone walking across the road.

step b: then I spend 4 weeks editing the video to make it look like he was walking on water.

step c: today, I insert/adulterate a frame(s) to make it look like I'm holding an ipad with the website loaded with the current merkle root exposed while* said person, walks on water in the close

step d: I hash the video and embed it into a block.

step e: I claim that the video was shot today and the guy I shot was infact the second coming.
Disclaimer: It's very possible that I've totally missed the point or some vital details, not to mention the fact that I think the objective is accomplishable even if my attack scenario does hold ground/water.
# Reply on Podio by Chris Ellis
## 20141001-20:45UTC
Hey man thanks so much for this. The problem you outline is already fixed by my current methology which I just need to explain more clearly. However you are not entirely off the mark and I have a solution to it, which weirdly I called the "Elvis paradox".
Why not point a camera at a screen displaying an old video of Elvis and then timestamp the merkle root with hash of the video to prove Elvis is still alive cryptographically.
The answer is Challenge Response.

When you start filming you have to perform a challenge from either someone else on the network or codified by the merkle root itself. For example...
You begin filming and a challenge is presented by some entity not known to you that says: "point camera left, point camera up, point camera right".
You could do this with a human on the network but more secure would be to do it based on the numbers used in the merkle root itself. This way you would know that the recording was an original.
After that every 30 frames (1 second) would have their own hash and each hash would be linked to the neighbouring hash to produce a merkle root. Once the video is finished the merkle root and the hash of the file is uploaded to the blockchain to signal its completion.
When the video is entered in to the video editing software first, it is signed with the editors PGP key then the operator does 'git init' and does the first 'git commit' to prove the existence of the source material and that it matches the original hash and merkle root.
Then after they are done editing another 'git commit' is performed to prove the final edited state.
If they want, at this point, the operator could encrypt the whole folder and upload it to BitTorrent before releasing the editing footage. If the world believes that the editing was badly done the journalist could be challenge to reveal their password or an army of miners could setup a bounty for brute forcing it. It could be weakly encrypted as well but I am not sure how you would do this with zero knowledge proof.
We should have this exact same conversation again using Reddit by the way as this is private : )
Version: Keybase OpenPGP v1.0.5

This comment has been minimized.

Copy link
Owner Author

commented Oct 1, 2014

I added a hyperlink to the Podio even though it is a private link, you never know, one day it might not be private.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.