Authenticating Charles Hoskinson

Hi, this is Charles Hoskinson broadcasting live from warm, sunny Colorado. Today is February 19th, 2024. I wanted to make a video to talk a little bit about authentication. I continue to get emails from various well-intended, well-meaning people asking, "Hey, is this the real Charles Hoskinson?" or "Somebody contacted me over LinkedIn or Facebook or Twitter, and I don’t know if this is really you or not.

" So, I intended to make a video that you can share as a reference on how to authenticate me and where we're going in the world of authentication. Hopefully, this provides some value in trying to establish the real Charles from a fake Charles. As a rule of thumb, unless I have a specific reason to contact you, 99% of the time, if someone is claiming to be me and cold calling you, it's probably a scam. So, have a high degree of skepticism if suddenly there's a video of me or if someone is contacting you from a social channel; almost certainly, it's a scam. Let's talk a little bit about public key cryptography because I do have a means of sharing information and authenticating that it is actually me.

In the world of cryptography, we use something called public keys. Public key cryptography is all about having two artifacts: the public key and the private key. They rely on the idea that there’s a very hard mathematical problem. If you want to go from a private key to a public key, that’s fast and easy. However, going from the public key to the private key is mathematically hard—so hard that it would take all the time in the universe to do.

The granddaddy of them all is RSA, which is the basis of PGP (Pretty Good Privacy), created in 1991 by Phil Zimmerman and maintained by many different people, including Hfny, who was one of the early pioneers in Bitcoin. Basically, what you do is bind an identity to a public key and then use the private key to authenticate. This is typically done through a challenge-response protocol. In a two-way protocol, you have Alice and Bob. Alice submits a challenge by encrypting something with Bob's public key, and then Bob can decrypt it.

The only person who can do that is Bob because he holds the private key. Bob can share that public key with everyone in the world, but only he can unlock it. In a one-way protocol, Bob produces the proof himself, which Alice can verify. So, let’s actually do that. I’m going to take a message.

Here is Cleopatra, a certificate management tool, and it contains two of my public key pairs: my personal email key, which I’ve used since 2013, and you’ll see a fingerprint associated with that key. Then, it uses my work key, which I’ve used since 2016. If you take a look at the details of this key, you can see that it is an RSA 4K key, when it was created, the email associated with it, and what’s called a fingerprint, which is basically just a hash of this giant key. So, I’m going to sign a message. This is the one-way proof, and we’re going to say something like "Hello, World.

" Under the hood, it’s going to take this piece of text, manipulate it a little bit, and generate a cryptographic proof based on my private key. If you have the public key, you can verify that it’s correct. Now, I just succeeded in signing, and this is the cryptographic proof associated with this message. You take this message, hash it, and sign the hash with the PGP signature. You can have an arbitrarily large amount of text, and I’ll show you.

For example, "Hello, World! I enjoy long walks on the beach." When we go back to our little image, I write the text, hash it, and then sign it. This hash and signature with the text get transmitted to Alice, and she can verify it if she has a copy of my public key. If she has a copy of that, she’ll be able to check it through an algorithm.

Cleopatra can do this; it can be as simple as pasting it in Notepad and clicking verify. Now, if you wanted to verify Satoshi Nakamoto, there is an actual PGP key associated with Satoshi Nakamoto. If you go to Google and type in "Satoshi's key," the Satoshi Nakamoto Institute has this. You can copy it into Cleopatra and import it. This is Satoshi Nakamoto’s key.

Notice we only have the public key; we don’t have the corresponding private key. This is a publicly accessible key that anyone in the world can see. It’s not a particularly strong key, and you’ll notice the date it was created: October 30th, the day before Halloween, 2008, at 12:19 p.m., associated with an anonymous email at GMX.

If anyone wants to claim to be Satoshi Nakamoto, they would need to produce quite a bit of evidence, including the corresponding private key. They could type in something like "I am Satoshi," click sign, and it would generate a proof. However, I don’t have the corresponding private key, so I can’t generate that proof. Once they do that, anyone who has the corresponding public key can click that button to decrypt and verify. I don’t care if you have AGI or a quantum computer; this is a pretty secure scheme.

If you do have a quantum computer, there are things we can do to enhance this using different public key cryptography, like lattice-based crypto, which can still generate signatures that we can verify. This is the basic construction of the scheme. If I ever cold call someone out of the blue, I’m going to send them a signed email or a signed message. If I ping you and you say, "I don’t believe it’s really Charles Hoskinson," I’ll sign a message to you with my Gmail key, and then you can verify that message is correct if you have an application like Cleopatra. Now, where can you find my key?

You can find my fingerprint on my Twitter feed. If you go to keys.openpgp.org, you can search my email address, and there is a copy of my public key you can download. I’d highly recommend getting an application called Mailvelope.

It’s a free browser extension that works in most modern browsers. You can create a key ring, encrypt files, and it can automatically encrypt and decrypt emails that you send through Gmail or other services. Most people aren’t going to do that, but just asking for that type of authentication is probably enough to dissuade a scammer. The scammer is not going to know how to sign a PGP message, and even if they can, they’re not going to be able to authenticate a message with me. This is the whole Craig Wright issue.

If Craig was really Satoshi Nakamoto, the simplest thing would be to sign a message with the original Satoshi key, which he certainly would have access to if he were Satoshi Nakamoto. You saw that I signed a message with my key, and if he were willing to sign with that key, we could all verify that message together. The fact that that doesn’t exist is quite interesting. Now, one of the things we’re going to do with the evolution of Lace is to integrate an identity center into Lace that takes advantage of Prism, our identity framework. We have something called a DID (Decentralized Identifier).

You create an identifier and associate it with an arbitrarily long document, typically formatted in JSON, which can also contain your public keys and other references. We built a whole framework on Hyperledger, and that framework is going to get integrated into Lace through an identity center. The first use case I’d like to see is a paper wallet generator. A paper wallet generator solves a lot of problems for people. When you create a wallet, you also have a backup of that wallet to restore, typically with 24 keywords, which is the old BIP 39 standard.

What if instead you could generate a PDF with a public QR code and a private QR code? You could save that PDF or print it, and the private QR code would be encrypted with your PGP key. If we have DIDs, they can have an associated cryptographic credential, so you can associate a PGP key and manage that with a piece of hardware a YubiKey. All Lace would need is a copy of your public key, meaning you could generate a wallet for someone else. It would encrypt that, generate the PDF, and that PDF could only be decrypted by the person who owns the corresponding private key.

To restore your wallet, you would scan the private key and decrypt it. In practice, you’d hold it up to your webcam or phone, authenticate with your PGP key, and it would decrypt to regenerate the wallet. The paper wallet generator is something that’s near and dear to my heart, and it’s something that if you have a PGP key in an identity center, you can upload that. Every time you back up your wallet, you can do so with a password or public key encryption. This is so secure that I could publicly publish the paper wallet and tweet it, saying, "If you can hack it, you can keep it.

" Whenever we create this feature, I’m going to have a contest where I’ll put $1 million worth of ADA on a paper wallet generated this way, and I’ll tweet a link for you to download it. Anyone in the world can try to crack it, and if they can, they can keep it. That’s how secure public key cryptography is. Why is this a sane idea? That’s an encrypted payload, and the only way to decrypt it is by solving that hard problem.

The only information you have is the corresponding public information, but you don’t have the private information. This is a pretty secure scheme under the hood. Once we have your identity inside the system, we can make the entire workflow of authenticating messages, signing messages, and authenticating channels very simple. For example, let’s talk about deep fakes. If someone video calls you and says, "Hey, I’m Charles," and it looks and sounds like me, you might say, "I don’t really trust that you’re Charles Hoskinson.

Can we authenticate this channel?" By default, it may appear that it’s Charles in the video channel, but there’s a red window around it because it’s unauthenticated. The question is, what does it take to get to the green window? Remember that challenge-response protocol? You can send a challenge, just like Alice did, and say, "I’ve encrypted this; go ahead and decrypt it and send it back to me.

" The only way they can do that is if they have the corresponding DID private key associated with my DID that you saved. In practice, it could just be a click of a button as a browser extension. You click it, and now we have an authenticated channel. It works in the other direction as well; Alice can authenticate to me. One-click authentication guarantees that it’s not a generated AI video.

This is the same for file generation. Any file can be hashed and signed in the payload. You start with building blocks, get an identity center into the wallet, have your DID inside there, and associate a PGP key or any arbitrary cryptographic credential. Once you have that, you can generate paper wallets and start authenticating video calls, files, and all kinds of things. Authenticated pairings are a killer feature in the age of generative AI.

It’s super important and is based on the foundational principles of public key cryptography, which has been around since 1991. It’s fast and easy to go from a private key to a public key, but hard to go from a public key to a private key. If that weren’t true, we should easily be able to go from Satoshi’s key to the private key. It’s not possible right now, although it’s getting eerily close with 1K RSA keys. I hope that helps a little bit and gives you a deeper understanding of how rich cryptography is.

Cryptography allows you to authenticate people, create non-repudiation, ensure message integrity, and secure your funds. The paper wallet generator is long overdue, and it blows my mind that nobody in the industry has created this. When we print a paper wallet, there’s a very insidious attack called a replay attack, where someone with access to the printer can go through the buffer and reprint it, gaining access. When you encrypt your ability to recover, that paper wallet becomes unhackable. You can also safely store your paper wallets in email with a scheme like this because it’s equivalent to a PGP encrypted email.

In practice, no hacker is going to be able to crack that. I will never contact you asking for ADA. I’m never going to tell you there’s a giveaway, no matter how many times the internet tries to convince you of that. If I do have a reason to reach out to you, I am very comfortable using the magic of cryptography to do so. I have many means to authenticate myself, and there’s a deep rabbit hole for authentication.

That’s why I have the PGP fingerprint in my Twitter header. It’s why I’ve submitted my keys to openpgp.org. Blockchains are perfect key servers; they’re purpose-built for this type of stuff, great for certificates and key servers. In the early days of Bitcoin, there was something called Namecoin for that purpose.

There are numerous community projects taking advantage of blockchains for key storage. Hopefully, this gives you a greater sense of the magic and power of this industry. Again, I will never contact you over social media; it’s just not going to happen. If anyone ever does, ask them for a signature. If they don’t provide it, send them a copy of this video and ask, "Why did you tell me differently in a public channel?

" Of course, they’ll give you some sob story about not having their key available. I’m always going to have my key available, and I can’t access my accounts without these types of things. The same things that give me the ability to access my accounts give me the ability to sign keys. So, I hope that helps everyone, and thanks for listening. Cheers!