Comments:"Errata Security: BitCoin is a public ledger"
URL:http://erratasec.blogspot.com/2013/05/bitcoin-is-public-ledger.html
For example, let’s say that you have a screen-play for a movie. Before shopping it around in Hollywood, you want to prove that it’s yours, so that a greedy producer can't steal it. Using BitCoin, you can add the signature (and date) of your screen-play to the "block chain", the "public ledger" where all Bitcoin transactions are stored. Now, if producers get greedy, you can (in theory) pull out this proof in a court and sue them.
As another example, let’s say that you have a great idea for a patent, but it’s not quite ready. Well, write it up into a file, then add the file’s signature to the block chain. Years from now, if somebody beats you to the patent filing, you can prove that you had the idea ahead of time.
This is just one example of many emergent phenomenon popping up around BitCoin. It’s not just about electronic currency, it’s about a lot of weird crypto concepts.
Example
The above discussion is basic. Below I show a real-world example of how to add something to the public ledger.Therefore, using BitCoin, I want to prove that the story was ready today, and that if they didn’t get it, the problem is on their end.
The first step is to create a digital fingerprint of my file known as a “one-way hash”. This runs all the bytes of the file through a cryptographic algorithm producing a short string as a result. Any change to the file produces a different hash.
My story is 23-kilobytes long. I ran it through “openssl sha256” and got the following result as a hash:
cf612f9adce2fe262e91cfbfe5f81fd9e172cf9d480864d1e8f0dcdee36b3504
Any change to that file, no matter how insignificant, will completely change the hash. I added a single blank line to the file, and got the following new hash as a result. You can see how this new hash has no relationship to the original hash, even though the change was tiny.
3b8f7fe6bd2c9098f0985bf47964a829c1d66efd2c364871a0d4ee9eddc24da1
The “hash” is a form of “military grade crypto” (sic). That means I can’t cheat. I can’t put a hash into the ledger now, then later create a document that matches the hash. The only way to match that specific hash is to have the original file without even the tiniest of changes.
The second step, once I have the hash, is to convert it into a BitCoin “address” to receive coin. Actually, since the hash is so long, I create two addresses. I first split the hash into two parts:
cf612f9adce2fe262e91cfbfe5f81fd9e172cf9d
480864d1e8f0dcdee36b35040000000000000000
I then convert these into the equivalent BitCoin addresses:
1KuXJJqcWy8931RWCTrWgyr22txyELHPRD
17Zsi2TiKrZoAoaQ7bzt3wPB5NZV1T4KeE
Finally, I create a transaction where I send these two addresses the value of 0.0000001 – the smallest amount possible. In today’s value, that’s about a millicent (one thousandth of a penny).
The reason I’m sending such a small amount is that whatever I send will be destroyed. A bitcoin address is supposed to be the “public key” matching a “private key”. The private key is your bitcoin “wallet” that you use to create payments, while your public key is used to receive payments. However, in the above transaction, there are no private keys matching those two public keys, and hence, BitCoins sent to those addresses can never be spent again.
Now let’s say the contest organizers don’t get my story in the deadline, and doubt whether I’m being honest that I sent it. I can resend the story along with the block number, and say “See! It was ready on time.”. This still doesn’t prove I actually sent the story, of course, but it does prove the story existed at that time.
Update: After completing this blogpost, I got confirmation from DefCon that they indeed have my story submission. :)