Patent 3167377 Summary

(12) Patent Application: (11) CA 3167377
(54) English Title: SYSTEMS AND METHODS FOR DIGITAL ASSET SECURITY
(54) French Title: SYSTEMES ET PROCEDES POUR LA SECURITE DES ACTIFS NUMERIQUES
Status: Application Compliant
Bibliographic Data
(51) International Patent Classification (IPC):
  • G06F 16/27 (2019.01)
  • G06F 16/23 (2019.01)
  • G06F 21/62 (2013.01)
(72) Inventors :
  • MCLAUGHLIN, PATRICK (Canada)
(73) Owners :
  • BRANE CAPITAL
(71) Applicants :
  • BRANE CAPITAL (Canada)
(74) Agent: NORTON ROSE FULBRIGHT CANADA LLP/S.E.N.C.R.L., S.R.L.
(74) Associate agent:
(45) Issued:
(86) PCT Filing Date: 2021-01-13
(87) Open to Public Inspection: 2021-07-22
Availability of licence: N/A
Dedicated to the Public: N/A
(25) Language of filing: English

Patent Cooperation Treaty (PCT): Yes
(86) PCT Filing Number: 3167377/
(87) International Publication Number: CA2021050030
(85) National Entry: 2022-07-11

(30) Application Priority Data:
Application No. Country/Territory Date
62/960,654 (United States of America) 2020-01-13

Abstracts

English Abstract

Computing devices and methods of verifying a digital asset transaction by a plurality of nodes in a blockchain network. The plurality of nodes may have respective private key fragments. The computing device may be configured to: receive a request to update an encumbrance associated with a digital asset; generate a proposed blockchain transaction based on the request to update the encumbrance, wherein broadcast of the proposed blockchain transaction may be based on a reconstituted private key based on a plurality of private key fragments received from at least one other node; receive a plurality of private key fragments from at least one other node for combination as a collective private key; determine that the collective private key corresponds to the reconstituted private key of a quorum; and generate a signal to initiate propagation of the proposed blockchain transaction to an electronic ledger of the blockchain network.


French Abstract

The invention relates to computing devices and methods for verifying a digital asset transaction by a plurality of nodes in a blockchain network. The plurality of nodes may comprise respective private key fragments. The computing device may be configured to: receive a request to update an encumbrance associated with a digital asset; generate a proposed blockchain transaction based on the request to update the encumbrance, where broadcast of the proposed blockchain transaction may be based on a private key reconstituted from a plurality of private key fragments received from at least one other node; receive a plurality of private key fragments from at least one other node for combination as a collective private key; determine that the collective private key corresponds to the reconstituted private key of a quorum; and generate a signal to initiate propagation of the proposed blockchain transaction to an electronic ledger of the blockchain network.

Claims

Note: Claims are shown in the official language in which they were submitted.


CA 03167377 2022-07-11
WO 2021/142541 PCT/CA2021/050030
WHAT IS CLAIMED IS:
1. A computer-implemented method of verifying a digital asset transaction
by a plurality of
nodes in a blockchain network, the plurality of nodes having respective
private key fragments, the
method comprising:
receiving a request to update an encumbrance associated with a digital asset;
generating a proposed blockchain transaction based on the request to update
the
encumbrance, wherein broadcast of the proposed blockchain transaction is based
on a
reconstituted private key based on a plurality of private key fragments
received from at least one
other node;
receiving a plurality of private key fragments from at least one other node
for combination
as a collective private key;
determining that the collective private key corresponds to the reconstituted
private key of
a quorum for approving broadcast of the proposed blockchain transaction; and
generating a signal to initiate broadcast of the proposed blockchain
transaction to an
electronic ledger of the blockchain network.
2. The system of claim 1, wherein the quorum for approving broadcast of the
proposed
blockchain transaction is based on determining that a quantity of private key
fragments is greater
than a private key fragment threshold.
3. The system of claim 1, wherein the quorum for approving broadcast of the
proposed
blockchain transaction is based on determining that a weighted quantity of
private key fragments
is greater than a weighted private key fragment threshold.
4. The system of claim 1, wherein the quorum for approving broadcast of the
proposed
blockchain transaction is based on identifying that the collective private key
is a recovery private
key associated with an asset recovery operation is received for the digital
asset.
5. The system of claim 1, wherein the quorum for approving broadcast of the
proposed
blockchain transaction is based on determining, in parallel by two or more
nodes, that the
collective private key corresponds to the reconstituted private key of the
quorum,
and wherein the method comprising selecting one of the two or more proposed
blockchain
transactions validated in parallel is initiated for propagation to the
electronic ledger of the
blockchain network.
6. The system of claim 5, wherein selecting one of the two or more proposed
blockchain
transactions validated in parallel is a random selection.
7. The system of claim 1, wherein the received private key fragments are
based on input
provided on a user interface by a user associated with the at least one other
node, and wherein
the input being based on single sign-on authentication credentials associated
with a hosted
authentication platform for private key management.
8. The system of claim 1, wherein the reconstituted private key is
generated based on a
private key generation ceremony associated with the digital asset.
9. The system of claim 1, wherein the proposed blockchain transaction is at
least one of a
Smart Contract or Bitcoin P2SH script.
10. The system of claim 1, wherein the at least one other node is
configured to audit or
approve the proposed blockchain transaction without being able to generate the
proposed
blockchain transaction for the digital asset.
11. A computing device for verifying a digital asset transaction, the
computing device being a
node of a plurality of nodes in a blockchain network, the plurality of nodes
having respective
private key fragments, the computing device comprising:
a processor; and
a memory coupled to the processor and storing processor-executable
instructions that,
when executed, configure the processor to:
receiving a request to update an encumbrance associated with a digital asset;
generating a proposed blockchain transaction based on the request to update
the
encumbrance, wherein broadcast of the proposed blockchain transaction is based
on a
reconstituted private key based on a plurality of private key fragments
received from at least one
other node;
receiving a plurality of private key fragments from at least one other node
for combination
as a collective private key;
determining that the collective private key corresponds to the reconstituted
private key of
a quorum for approving broadcast of the proposed blockchain transaction; and
generating a signal to initiate propagation of the proposed blockchain
transaction to an
electronic ledger of the blockchain network.
12. The computing device of claim 11, wherein the quorum for approving
broadcast of the
proposed blockchain transaction is based on determining that a quantity of
private key fragments
is greater than a private key fragment threshold.
13. The computing device of claim 11, the quorum for approving broadcast of
the proposed
blockchain transaction is based on determining that a weighted quantity of
private key fragments
is greater than a weighted private key fragment threshold.
14. The computing device of claim 11, the quorum for approving broadcast of
the proposed
blockchain transaction is based on identifying that the collective private key
is a recovery private
key associated with an asset recovery operation is received for the digital
asset.
15. The computing device of claim 11, the quorum for approving broadcast of
the proposed
blockchain transaction is based on determining, in parallel by two or more
nodes, that the
collective private key corresponds to the reconstituted private key of the
quorum,
and wherein the computing device is configured to select one of the two or
more proposed
blockchain transactions validated in parallel is initiated for propagation to
the electronic ledger of
the blockchain network.
16. The computing device of claim 15, wherein selecting one of the two or
more proposed
blockchain transactions validated in parallel is a random selection.
17. The computing device of claim 11, wherein the received private key
fragments are based
on input provided on a user interface by a user associated with the at least
one other node, and
wherein the input being based on single sign-on authentication credentials
associated with a
hosted authentication platform for private key management.
18. The computing device of claim 11, wherein the reconstituted private key
is generated
based on a private key generation ceremony associated with the digital asset.
19. The computing device of claim 11, wherein the at least one other node
is configured to
audit or approve the proposed blockchain transaction without being able to
generate the proposed
blockchain transaction for the digital asset.
20. A non-transitory processor-readable medium storing processor-executable
instructions to
verify a digital asset transaction by a plurality of nodes in a blockchain
network, wherein the
processor-executable instructions, when executed by a processor in one of the
plurality of nodes,
cause the processor to carry out the method in any one of claims 1 to 10.

Description

Note: Descriptions are shown in the official language in which they were submitted.


SYSTEMS AND METHODS FOR DIGITAL ASSET SECURITY
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001]
This application claims priority from U.S. provisional patent application
number
62/960,654, entitled "SYSTEMS AND METHODS FOR DIGITAL ASSET SECURITY", filed
on
January 13, 2020, the entire contents of which are hereby incorporated by
reference herein.
FIELD
[0002]
Embodiments of the present disclosure generally relate to digital asset
security, and
in particular to systems and methods of verifying digital asset transactions
by a plurality of nodes
in a blockchain network.
BACKGROUND
[0003] Blockchain may be an electronic ledger implemented by a computer-based
system
having one or more blocks. Respective blocks may include a plurality of
transactions, and
transactions may be data structures encoding transfer of control of a digital
asset among
addresses in the blockchain network. In some examples, ownership or
attribution of a digital asset
to a user or an entity may be controlled based on encryption keys specified by
blockchain
transactions.
SUMMARY
[0004]
Systems and methods of verifying digital asset transactions by a plurality
of nodes in a
blockchain network are provided in the present disclosure.
[0005] Blockchain transactions may encode transfer of control or
encumbrances of digital
assets. In some embodiments, private-public key sharing and verifying
operations may be
employed for tracking blockchain transactions associated with digital assets.
In some scenarios,
encryption keys may include alphanumeric text strings that may not be
comprehensible by users.
In some scenarios, transfer or encumbrance of digital assets may be based on
operations
associated with a private key of a private-public key pair. Storage of the
private key may be associated
with custody or control of the digital asset. In the present example, if the
private key is duplicated
by an unintended user or by an unscrupulous user, custody of the digital asset
may be
compromised.
[0006] It may be desirable to provide systems and methods of providing
digital asset
transaction verification by a plurality of nodes in a blockchain network that
promotes adaptation
with parallel authentication platforms. It may also be desirable to provide
systems and methods
of verifying digital asset transactions by a plurality of nodes in a
blockchain network based on a
workflow having a multi-key arrangement.
[0007] In one aspect, the present disclosure may provide a computer-implemented method of
verifying a digital asset transaction by a plurality of nodes in a blockchain
network. The plurality
of nodes may have respective private key fragments. The method may include:
receiving a request to
update an encumbrance associated with a digital asset; generating a proposed
blockchain
transaction based on the request to update the encumbrance, wherein broadcast
of the proposed
blockchain transaction is based on a reconstituted private key based on a
plurality of private key
fragments received from at least one other node; receiving a plurality of
private key fragments
from at least one other node for combination as a collective private key;
determining that the
collective private key corresponds to the reconstituted private key of a
quorum for approving
broadcast of the proposed blockchain transaction; and generating a signal to
initiate broadcast of
the proposed blockchain transaction to an electronic ledger of the blockchain
network.
[0008] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on determining that a quantity of private key
fragments is greater than
a private key fragment threshold.
[0009] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on determining that a weighted quantity of private
key fragments is
greater than a weighted private key fragment threshold.
[0010] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on identifying that the collective private key is a
recovery private key
associated with an asset recovery operation is received for the digital asset.
[0011] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on determining, in parallel by two or more nodes,
that the collective
private key corresponds to the reconstituted private key of the quorum, and
the method may
include selecting one of the two or more proposed blockchain transactions
validated in parallel is
initiated for propagation to the electronic ledger of the blockchain network.
[0012] In some embodiments, selecting one of the two or more proposed
blockchain
transactions validated in parallel may be a random selection.
[0013] In some embodiments, the received private key fragments may be based on
input
provided on a user interface by a user associated with the at least one other
node, and the input
may be based on single sign-on authentication credentials associated with a
hosted
authentication platform for private key management.
[0014] In some embodiments, the reconstituted private key may be generated
based on a
private key generation ceremony associated with the digital asset.
[0015] In some embodiments, the proposed blockchain transaction may be at
least one of a
Smart Contract or Bitcoin P2SH script.
[0016] In some embodiments, the at least one other node may be configured
to audit or
approve the proposed blockchain transaction without being able to generate the
proposed
blockchain transaction for the digital asset.
[0017] In another aspect, the present disclosure may provide a computing
device for verifying
a digital asset transaction. The computing device may be a node of a
plurality of nodes in a
blockchain network. The plurality of nodes may have respective private key
fragments. The
computing device may include: a processor; and a memory coupled to the
processor and storing
processor-executable instructions. The processor-executable instructions, when
executed, may
configure the processor to: receive a request to update an encumbrance
associated with a digital
asset; generate a proposed blockchain transaction based on the request to
update the
encumbrance, wherein broadcast of the proposed blockchain transaction is based
on a
reconstituted private key based on a plurality of private key fragments
received from at least one
other node; receive a plurality of private key fragments from at least one
other node for
combination as a collective private key; determine that the collective private
key corresponds to
the reconstituted private key of a quorum for approving broadcast of the
proposed blockchain
transaction; and generate a signal to initiate propagation of the proposed
blockchain transaction
to an electronic ledger of the blockchain network.
[0018] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on determining that a quantity of private key
fragments is greater than
a private key fragment threshold.
[0019] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on determining that a weighted quantity of private
key fragments is
greater than a weighted private key fragment threshold.
[0020] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on identifying that the collective private key is a
recovery private key
associated with an asset recovery operation is received for the digital asset.
[0021] In some embodiments, the quorum for approving broadcast of the proposed
blockchain
transaction may be based on determining, in parallel by two or more nodes,
that the collective
private key corresponds to the reconstituted private key of the quorum, and
the computing device
may be configured to select one of the two or more proposed blockchain
transactions validated
in parallel is initiated for propagation to the electronic ledger of the
blockchain network.
[0022] In some embodiments, selecting one of the two or more proposed
blockchain
transactions validated in parallel may be a random selection.
[0023] In some embodiments, the received private key fragments may be based on
input
provided on a user interface by a user associated with the at least one other
node, and the input
may be based on single sign-on authentication credentials associated with a
hosted
authentication platform for private key management.
[0024] In some embodiments, the reconstituted private key may be generated
based on a
private key generation ceremony associated with the digital asset.
[0025] In some embodiments, the proposed blockchain transaction is at least
one of a Smart
Contract or Bitcoin P2SH script.
[0026] In some embodiments, the at least one other node may be configured to
audit or
approve the proposed blockchain transaction without being able to generate the
proposed
blockchain transaction for the digital asset.
[0027] In another aspect, a non-transitory computer-readable medium or
media having stored
thereon machine interpretable instructions which, when executed by a processor
may cause the
processor to perform one or more methods described herein.
[0028] In various further aspects, the disclosure provides corresponding
systems and devices,
and logic structures such as machine-executable coded instruction sets for
implementing such
systems, devices, and methods.
[0029] In this respect, before explaining at least one embodiment in
detail, it is to be understood
that the embodiments are not limited in application to the details of
construction and to the
arrangements of the components set forth in the following description or
illustrated in the
drawings. Also, it is to be understood that the phraseology and terminology
employed herein are
for the purpose of description and should not be regarded as limiting.
[0030] Many further features and combinations thereof concerning embodiments
described
herein will appear to those skilled in the art following a reading of the
present disclosure.
DESCRIPTION OF THE FIGURES
[0031] In the figures, embodiments are illustrated by way of example. It
is to be expressly
understood that the description and figures are only for the purpose of
illustration and as an aid
to understanding.
[0032] Embodiments will now be described, by way of example only, with
reference to the
attached figures, wherein in the figures:
[0033] FIG. 1 illustrates a system, in accordance with an embodiment of
the present disclosure;
[0034] FIG. 2 illustrates a block diagram of an example node in a
blockchain network, in
accordance with an embodiment of the present disclosure;
[0035] FIG. 3 illustrates a block diagram of nodes collaboratively
conducting operations of
parallel integrity verification, in accordance with an embodiment of the
present disclosure;
[0036] FIG. 4 illustrates a user interface of a digital asset wallet, in
accordance with an
embodiment of the present disclosure;
[0037] FIG. 5 illustrates a flowchart of a method of verifying a digital
asset transaction, in
accordance with an embodiment of the present disclosure; and
[0038] FIG. 6 illustrates a block diagram of a computing device, in
accordance with an
embodiment of the present disclosure.
DETAILED DESCRIPTION
[0039] The present disclosure provides a digital asset transaction system and
methods for
verifying digital asset transactions by a plurality of nodes in a blockchain
network. The following
disclosure provides examples relating to particular blockchain protocols;
however,
implementation with other blockchain protocols may be contemplated.
[0040] In the present disclosure, the term 'blockchain' may refer to
forms of electronic
distributed ledgers. In some embodiments, a blockchain may include consensus-based
transaction-chain technology, permissioned or un-permissioned ledgers, shared
ledgers, or
variations of the foregoing. Examples of blockchain technology may include a
Bitcoin ledger or an
Ethereum ledger. Other blockchain technology examples may be contemplated.
[0041] A blockchain may be an electronic ledger having one or more blocks. The
blocks may
include a plurality of transactions. A transaction may be a data structure
encoding transfer of control
of a digital asset among addresses in the blockchain. In some embodiments,
respective blocks
may include a hash of a previous block so that blocks may become chained
together to create a
substantially unalterable record of all transactions which have been broadcast
to the blockchain.
[0042] In some embodiments, decentralized systems may include features
for providing
reduced susceptibility to single points of failure. Decentralized systems may
include features
providing increased security for recording transactions.
[0043] Ownership or attribution to a digital asset of a blockchain system
may be controlled
based on public-private key pairs. In some embodiments, the digital asset may
be a token, which
may be associated with currency, hard assets (e.g., precious metals, real
estate, among other
examples), soft assets (such as credits, time, among other examples),
computing resources, or
the like. Digital assets may be associated with encumbrances associated with
an owning user or
a custodian entity. In some embodiments, blockchain transactions broadcast to
the blockchain
system may encode transfer of control or updates to encumbrances associated
with the digital
assets. Encoding transfer of control of digital assets may be implemented with
blockchain
transactions, such as Smart Contracts (e.g., Ethereum networks) or P2SH
scripts (e.g., Bitcoin
networks) based on encryption keys, such as private-public keys associated
with users or entities.
It may be desirable to provide systems and methods of storing, utilizing, or
verifying / validating
private keys for updating encumbrances associated with digital assets.
[0044] In some embodiments, there may be more than one encryption key
fragment. A
plurality of users or entities may retain an encryption key fragment, thereby
requiring a
combination of encryption key fragments for transferring or updating
encumbrances to a digital
asset. In some scenarios, encryption keys, blockchain transactions, or other
features of
blockchain networks may involve non-intuitive computer programming, lengthy
alphanumeric text
strings that may not be comprehensible to a user, or may include ordered
operations for
conducting transactions. It may be desirable to provide systems and methods of
verifying digital
asset transactions based on verification operations that may be intuitive to
blockchain node users.
[0045] Reference is made to FIG. 1, which illustrates a block diagram of
a system 100, in
accordance with an example of the present disclosure. The system 100 may
include a blockchain
network, such as a peer-to-peer network. FIG. 1 illustrates three nodes being
associated with the
blockchain network; however, any number of nodes may be contemplated.
[0046] The blockchain network may include an electronic ledger 110, which may
include a
plurality of blocks. The respective blocks may include a plurality of
transactions. The respective
transactions may be data structures for encoding transfer of control of a
digital asset or digital
asset value.
[0047] The system 100 may include one or more nodes that may conduct one or
more
operations disclosed herein. The one or more example nodes (identified by
reference numerals
122a, 122b, ... 122n) may be organized into a cluster or group of nodes 120
and may be
configured to collaboratively conduct operations associated with digital asset
security. For
example, the one or more nodes may conduct one or more operations of a secret
sharing protocol
for distributing or assigning private key shares to respective nodes.
Respective private key shares
may be collaboratively combined for generating transactions for broadcasting
to the electronic
ledger 110.
[0048] The respective nodes of the group of nodes 120 may be electronic
devices and may
include operations associated with a blockchain protocol of the electronic
ledger 110. The
respective nodes may include electronic devices such as computing devices
(e.g., desktop
computers, laptop computers, tablet computers, server computers, etc.), mobile
devices (e.g.,
smartphone devices, wearable computing devices, or the like), or other types of
electronic
computing devices configured to transmit or receive data messages.
[0049] The respective nodes may be coupled to another node based on one or
more wired or
wireless communication technologies. For example, the system 100 may include a
network (not
explicitly illustrated in FIG. 1) for interconnecting the group of nodes 120.
The network may include
wired or wireless wide area network (WAN), local area network (LAN), a
combination thereof, or
the like. In some embodiments, the network may include the Internet, Ethernet,
coaxial cable,
fiber optics, satellite, mobile, wireless, local area network, wide area
network, and others,
including combinations of the foregoing. For example, the system 100 may be
configured at least
partly over the Internet, and a subset of the nodes may be located in
geographically dispersed
locations.
[0050] In some embodiments, the respective nodes may maintain the
electronic ledger 110.
For instance, respective nodes may store a copy or a partial copy of a global
ledger. One or more
transactions based on the electronic ledger 110 may be verified by one or more
operations of one
or more nodes, such that validity of the electronic ledger 110 may be
maintained. Other operations
for implementing, maintaining, or verifying a blockchain, such as a Bitcoin or
Ethereum network,
may be contemplated.
[0051] In some embodiments, the system 100 may include a digital asset
store 130. The digital
asset store 130 may be a repository of digital assets or records storing
encumbering data of the
digital assets.
[0052] In some examples, digital assets or records storing encumbrance
data associated with
digital assets may be associated with a single private address, which may be
associated with a
single private key. However, once the single private key is copied or
uncovered by an
unauthorized user, the unauthorized user of a computing device may generate a
transaction to
transfer or encumber the digital asset. Accordingly, use of a single private
key to generate transfer
transactions for digital assets may be susceptible to unauthorized transfer of
assets. It may be
desirable to decentralize generation of transactions for transferring digital
assets.
[0053] In some embodiments, the respective nodes may be associated with a user
and may
conduct one or more workflow operations for digital asset management, such
that responsibility /
authority for generating transactions for transferring digital assets is based
on multiple self-sovereign users having private key portions, thereby decentralizing points of
failure.
[0054] In some embodiments, features based on redundancy may include
generating
fragments of private keys, such that no sole node or group of nodes of a
blockchain network may
independently generate a transaction for transferring or altering an
encumbrance on a digital
asset. For instance, operations described herein may include private key
generation operations
for generating a plurality of private key fragments. The private key fragments
may be distributed
to a plurality of users having segregated duties for digital asset management.
In some examples,
to generate a transaction having a private key for altering an encumbrance on
a digital asset, a
defined minimum subset or a threshold number of private key fragments may be
required.
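
A threshold split of the kind paragraph [0054] describes, as an added example that is not taken from the patent. It assumes Shamir secret sharing over a prime field, models a weighted quorum by giving a holder several fragments, and checks the recombined key against a stored SHA-256 commitment; the holder names, the weights, and the commitment check are assumptions made for illustration.

```python
"""Threshold key fragments with a weighted quorum check (illustrative sketch)."""
import hashlib
import hmac
import secrets

# Field modulus 2**521 - 1 (a Mersenne prime), comfortably larger than a 256-bit key.
PRIME = 2**521 - 1


def split_key(secret: int, threshold: int, holders: dict[str, int]):
    """Shamir-split `secret`; a holder with weight w receives w distinct fragments.

    Any set of fragments whose total weight reaches `threshold` recovers the key.
    """
    if not 0 <= secret < PRIME:
        raise ValueError("secret out of range")
    if not 1 <= threshold <= sum(holders.values()):
        raise ValueError("threshold must be between 1 and the total weight")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]

    def evaluate(x: int) -> int:
        acc = 0
        for c in reversed(coeffs):  # Horner's rule
            acc = (acc * x + c) % PRIME
        return acc

    fragments, next_x = {}, 1
    for name, weight in holders.items():
        fragments[name] = [(x, evaluate(x)) for x in range(next_x, next_x + weight)]
        next_x += weight
    return fragments


def combine(fragments):
    """Lagrange-interpolate the polynomial at x = 0 from (x, y) fragments."""
    xs = [x for x, _ in fragments]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate fragment index")
    secret = 0
    for xi, yi in fragments:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def key_commitment(key: int) -> bytes:
    """Assumed check value recorded at key generation: SHA-256 of the key."""
    return hashlib.sha256(key.to_bytes(66, "big")).digest()


def quorum_approves(received, threshold: int, commitment: bytes) -> bool:
    """Approve only if enough fragment weight arrived AND the collective key matches."""
    fragments = [frag for frags in received.values() for frag in frags]
    if len(fragments) < threshold:
        return False  # not enough weight; do not even attempt recombination
    try:
        collective = combine(fragments)
    except ValueError:
        return False  # a replayed or duplicated fragment
    return hmac.compare_digest(key_commitment(collective), commitment)


if __name__ == "__main__":
    key = secrets.randbits(256)  # constructed sample key
    # Constructed holders: the custodian's fragment counts double.
    shares = split_key(key, 3, {"custodian": 2, "auditor": 1, "owner": 1, "recovery": 1})
    commitment = key_commitment(key)
    print(quorum_approves({k: shares[k] for k in ("custodian", "owner")}, 3, commitment))
    print(quorum_approves({k: shares[k] for k in ("auditor", "owner")}, 3, commitment))
```

Recombining the key on one node recreates the single point of exposure that splitting was meant to remove, so the recombined value should live only as long as the check takes.
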
[0055] In some embodiments, private keys or private key fragments
associated with the group
of nodes 120 may be generated by private key generation operations based on
physical entropy
as root of trust. For example, a source of entropy may be randomly selected
during private key
generation operations from a large group of entropy sources that may appear to
users associated
with nodes, thereby reducing likelihood that a user associated with a node may
be able to identify
an entropy source even having access to such sources. In some embodiments, the
entropy
source may be destroyed prior to conclusion of private key generation
operations, thereby
reducing likelihood that results of the private key generation operations may
be reverse
engineered by analyzing entropy sources.
[0056] In some scenarios, users associated with nodes may conduct operations
to analyze
electromagnetic emanations for inferring operations of entropy sources. To
reduce likelihood of
successful operations for inferring operations during private key generation
operations, in some
embodiments, private key generation operations among nodes of an electronic
ledger may be
conducted based on TEMPEST rated or certified shielded environments (e.g.,
NATO SDIP-27 Level A).
Hardware employed may be installed based on determined procedures, such as
those defined
by NATO SDIP-29 and AMSG 799B. In some embodiments, hardware associated with
various
sets of operations of the private key generation operations may be separated
from other
operations based on TEMPEST shielding and procedures.
[0057] In some scenarios, seeds for generating Hierarchical Deterministic
wallets during
private key generation operations may be prone to human error. In some
embodiments, private key
generation operations may include verification operations for validating that
generated seeds
associated with key pairs may be properly recorded and identified as valid.
Randomly generated
seeds may be recorded and loaded onto hardware secure module (HSM) devices. A
series of
hierarchically determined public addresses may be generated on the respective
HSM devices,
and lists may be compared. Matching lists may mean that the HD seed was
properly generated
and recorded.
[0058] In some embodiments, one or more nodes associated with an electronic
ledger may
conduct operations for recovering digital assets associated with a user of the
one or more nodes.
For example, in scenarios where an owner user of digital assets suspects that
private keys or
private key fragments associated with a transaction for altering ownership or
encumbrance of
digital assets may have been compromised, the owner user or a designated user
may broadcast
an "escape hatch" transaction to the electronic ledger 110. The recovery
operations may be
associated with a recovery address generated during prior private key
generation operations, and
the recovery address may be hard coded in a recovery transaction (e.g., a
smart contract, P2SH
script, among other examples). Because recovery addresses may be hard coded,
it may be
desirable to reduce likelihood of errors associated with the recovery
transactions. For example, it
may be desirable to reduce likelihood of address swapping by an unscrupulous
or unintended
user.
[0059] In some embodiments, addresses associated with recovery transactions
may be
generated based on "in-ceremony contract fingerprinting", and may be based on
operations
during latter operations of private key generation operations. For example,
the "in-ceremony
contract fingerprinting" may include operations such as: generating an escape
hatch wallet and
hard coding an escape hatch public key into a transaction (e.g., smart
contract or P2SH script).
In some embodiments, SHA-3 hash function may be applied to escape hatch code,
and the hash
function code may be recorded. The transaction may be generated as a "ready to
submit"
transaction, and the SHA-3 Hash function may be applied to the entire
transaction, and the record
may be recorded.
[0060] In some embodiments, a resulting hash or digital signature of the
generated transaction
or fingerprint may be used to verify correctness of the transaction (e.g.,
smart contract) before the
transaction may be deployed to production. The verification operations may be
conducted without
exposing results of operations of any private key generation operations
described in the present
disclosure.
[0061] To verify generated transactions for broadcast to the electronic
ledger 110, in some
embodiments, one or more nodes may verify fingerprints against configuration
of correctness.
Mismatched fingerprints may indicate that a generated transaction (e.g., smart
contract) may not
be deployment ready. The one or more nodes may prevent broadcast of that
generated
transaction. The foregoing example operations for reducing likelihood of
errors may be conducted
in other scenarios where recipient addresses or other transaction data fields
may need to be hard
coded.
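The fingerprint check of paragraphs [0059] to [0061], as an added Python example that is not part of the patent: both SHA-3 fingerprints are recorded once, and a proposed escape hatch transaction is held back if either one no longer matches. The transaction layout, field names and addresses are constructed placeholders, and the canonical JSON serialization is an assumption of this example.

```python
import hashlib
import hmac
import json


def canonical_bytes(tx):
    """Serialize deterministically so field order cannot change the hash."""
    return json.dumps(tx, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sha3_hex(data):
    return hashlib.sha3_256(data).hexdigest()


def record_fingerprints(escape_code, tx):
    """Ceremony step: fingerprint the escape hatch code and the whole
    ready-to-submit transaction, and keep both values as the record."""
    return {
        "escape_code": sha3_hex(escape_code.encode("utf-8")),
        "transaction": sha3_hex(canonical_bytes(tx)),
    }


def mismatches(escape_code, tx, recorded):
    """Names of the fingerprints that differ from the ceremony record."""
    current = record_fingerprints(escape_code, tx)
    return [
        name
        for name in ("escape_code", "transaction")
        # A missing record entry counts as a mismatch (fail closed).
        if not hmac.compare_digest(current[name], recorded.get(name, ""))
    ]


def may_broadcast(escape_code, tx, recorded):
    """A node allows broadcast only when every fingerprint matches."""
    return mismatches(escape_code, tx, recorded) == []


# Constructed sample data: placeholder address and a toy escape hatch script.
RECOVERY = "ADDR_PLACEHOLDER_RECOVERY_01"
ESCAPE_CODE = "escape_hatch(send_all_to=%s)" % RECOVERY
READY_TX = {"kind": "escape_hatch", "code": ESCAPE_CODE, "recipient": RECOVERY}

if __name__ == "__main__":
    record = record_fingerprints(ESCAPE_CODE, READY_TX)
    swapped = dict(READY_TX, recipient="ADDR_PLACEHOLDER_OTHER_99")
    print("original:", may_broadcast(ESCAPE_CODE, READY_TX, record))
    print("recipient swapped:", mismatches(ESCAPE_CODE, swapped, record))
```

The verifier needs only the two recorded hashes, so the check can run on nodes that never saw any output of the key generation operations.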
[0062] In some embodiments, respective nodes of the group of nodes 120 may be
configured
based on operations for segregating duties for digital asset management. For
example, when
generating transactions for transferring ownership of a digital asset from one
digital address to
another digital address, one or more nodes may be configured to conduct
operations associated
with an assigned set of operations. In some examples, the collaborative
operations of the group
of nodes 120 may include operations that may be conducted based on a sequence
or based on
a defined threshold of operations.
[0063] The respective nodes may be associated with a user and may conduct one
or more
workflow operations for digital asset management. One or more nodes may be
associated with a
transaction initiation user, which may be configured to generate one or more
transactions
associated with digital assets. The one or more transactions may identify the
digital asset being
transferred, a quantity of digital asset being transferred, or the recipient
address of a user to whom
the digital asset may be transferred.
[0064] One or more nodes may be associated with an auditor user. Auditor users
may review
(but may not initiate) one or more transactions. Auditor users may provide
input at one or more
nodes for verifying that a given transaction is valid, that proper
verification operations are
completed, or other similar operations.
[0065] One or more nodes may be associated with a plurality of approver users
responsible for
approval. In some examples, one or more transactions associated with digital
assets may be
approved for broadcasting to the electronic ledger 110 based on approval by a
defined quorum
of users, such as at least a predetermined M of N number of users (e.g., a
majority threshold or
a predefined subset of users).
[0066] In some embodiments, one or more transactions associated with digital
assets may be
approved for broadcasting to the electronic ledger 110 in response to
conducting a determined
number of workflow operations defined in a smart contract, thereby reducing
broadcasting
transactions to alter digital asset ownership / encumbrances not based on the
determined
workflow operations.
[0067] In some embodiments, the group of nodes 120 may not be able to
broadcast a
transaction to alter digital asset ownership / encumbrance if at least one
node associated with an
auditor or approver user submits a "decline" vote or transaction among the
collaborative
operations of the group of nodes 120. Further, the group of nodes 120 may be
configured to
conduct operations such that any one of the nodes may be able to broadcast a
transaction to alter
digital asset ownership / encumbrance in response to a majority of "approve"
votes or a defined
quorum of M of N "approve" votes.
[0068] In some embodiments, the respective nodes of the group of nodes 120 may
transmit /
receive data messages among each other for collaboratively conducting
operations for initiating,
auditing, approving, generating, or broadcasting transactions to the
electronic ledger 110 for
managing digital assets.
[0069] In some embodiments, it may be desirable to generate transactions
to alter digital asset
ownership or encumbrance of digital assets in response to receiving private
key fragments from
at least a subset of defined users. Operations of obtaining an M of N quorum
of private key
fragments for allowing broadcast of a transaction to alter digital asset
ownership may be based
on weighted control of the received private key fragments.
[0070] Weights or thresholds for private key fragments associated with
particular users may be
associated with defining proportions of combined private key fragments for
generating
transactions to alter digital asset ownership or encumbrances of digital
assets. For example,
transactions for successfully altering digital asset ownership may require a
defined number of
responsible users submit private key fragments or a defined class of users
submit private key
fragments.
[0071] To illustrate, where private key fragments are distributed among a
plurality of separate
users, it may be desirable to assign weights such that for a transaction to be
successfully
generated for altering digital asset ownership: (i) a private key fragment be
received from a "class
A" user (e.g. weighted greatly relative to other private key fragments); (ii)
one or more private key
fragments be associated with backup scenarios where private key fragments from
a "class A"
user may not be available; and (iii) one or more private key fragments be
associated with a legal
escrow or conditional backstop. For example, a transaction for altering
digital asset ownership
may be generated based on private key fragments associated with a "class A"
user in
collaboration with either one of private key fragments from "class B" users or
"class C" users.
[0072] In another scenario, a transaction for altering digital asset
ownership may be generated
based on private key fragments associated with the totality of "class B"
users, in the event that
private key fragments associated with a "class A" user may not be available.
[0073] In a further example scenario, a transaction for altering digital
asset ownership may not
be generated based solely on private key fragments associated with "class C"
users without at
least a private key fragment associated with a "class A" user or private key
fragments from a
totality of "class B" users.
[0074] In some embodiments, private key fragments associated with the
plurality of classes
described above may further be assigned sub-weights, such that further
weighting operations
may be provided within respective class of users.
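The class rules of paragraphs [0071] to [0073], together with the "decline" veto of paragraph [0067], as an added Python example that is not part of the patent. The roster, the user names and the choice to reject fragments from unknown submitters are assumptions of this example; sub-weights within a class are not modelled.

```python
from collections import defaultdict

# Constructed roster: user name -> fragment class.
ROSTER = {"alice": "A", "bob": "B", "bea": "B", "carl": "C", "cleo": "C"}


def authorize(roster, submitted, declined=()):
    """Decide whether the submitted fragments may produce a transaction.

    Returns (allowed, reason). Rules taken from the text above:
      * a class A fragment plus at least one class B or class C fragment, or
      * fragments from every class B user when class A is unavailable;
      * class C fragments alone never suffice;
      * any "decline" vote blocks the transaction.
    """
    submitted, declined = set(submitted), set(declined)

    # Assumption: a fragment or vote from someone outside the roster
    # invalidates the whole attempt rather than being silently ignored.
    unknown = (submitted | declined) - set(roster)
    if unknown:
        return (False, "unknown participant: " + ", ".join(sorted(unknown)))

    if declined:
        return (False, "declined by: " + ", ".join(sorted(declined)))

    by_class = defaultdict(set)
    for user in submitted:
        by_class[roster[user]].add(user)

    all_b = {user for user, cls in roster.items() if cls == "B"}

    if by_class["A"] and (by_class["B"] or by_class["C"]):
        return (True, "class A with class B or class C")
    if all_b and by_class["B"] == all_b:
        return (True, "totality of class B")
    return (False, "quorum not met")


if __name__ == "__main__":
    for attempt in (["alice", "carl"], ["bob", "bea"], ["carl", "cleo"], ["alice"]):
        print(attempt, "->", authorize(ROSTER, attempt))
```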
[0075] Other operations for managing digital asset ownership / encumbrances
based on
operations of the group of nodes 120 will be described in the present
disclosure.
[0076] Reference is made to FIG. 2, which illustrates a block diagram of
an example node 240,
in accordance with an embodiment of the present disclosure. The node 240 may
be a node from
the group of nodes 120 illustrated in FIG. 1. The node 240 may include one or
more applications
including operations for managing one or more digital assets of the digital
asset store 130, and to
generate or broadcast transactions to the electronic ledger 110. For ease of
exposition, a sole
node 240 is illustrated in FIG. 2; however, the node 240 may be any one of the
nodes in the group
of nodes 120 illustrated in FIG. 1.
[0077] In some embodiments, the node 240 may include a digital asset wallet
application 242.
The digital asset wallet application 242 may provide a graphical user
interface to a user associated
with the node 240 for authenticating or signing transactions associated with
altering digital asset
ownership or encumbrances of digital assets. In some embodiments, the digital
asset wallet
application 242 may not store or have access to private key fragments
associated with transaction
generation, but may be an interface between a custodian vault application and
private key
applications / authentication applications.
[0078] In some scenarios, electronic ledger technology, such as Bitcoin
or Ethereum networks,
may be based on generating and propagating transactions using private keys
associated with
users. Private keys or key fragments may include alphanumeric strings of text
that may be
incomprehensible to a user. It may be desirable to provide features for a
simplified yet secure
method for interacting with electronic ledgers.
[0079] In some embodiments, the digital asset wallet application 242 may
include features for
providing a simplified yet secure interface with electronic ledger technology
for digital asset
security. For example, the digital asset wallet application 242 may include
operations for
interfacing with one or more hosted authentication platforms for private key
management.
[0080] For example, the digital asset wallet 242 may include operations
for interacting with a
hosted private key application 248b via an API proxy 246. Hosted private key
applications 248b
may be hardware secure module-based services for generating email signature
keys or two-factor
authentication keys. In some embodiments, hosted private key
applications 248b may
be based on hardware secure module services such as features from Gemalto or
Thales hosted
hardware secure module services.
[0081] In some embodiments, the digital asset wallet 242 may include
operations for interacting
with a portable private key application 248a. Portable private key
applications 248a may include
offline hardware key storage devices for managing private keys associated with
digital asset
security. Solely as examples, portable private key applications 248a may
include features based
on hardware such as Trezor™, Ledger™, or CoolWallet™ for managing private
keys for digital
asset security.
[0082] In some embodiments, the digital asset wallet 242 may include
operations for interfacing
with one or more parallel user authentication systems. Solely as examples,
parallel authentication
systems may be based on Microsoft™ active directory credentials, image based
(QR code)
signed transaction input, or text-based signed transaction input, among other
examples.
[0083] In some scenarios, when one or more nodes conduct operations of a
digital asset
security approval workflow requiring user authentication (e.g., approval or
denial of a proposed
transaction), the digital asset wallet 242 may provide features for presenting
the proposed
transaction to the user and receiving private key or private key fragments
from one or more private
key applications.
[0084] The node 240 may include a custodian vault application 244. The
custodian vault
application 244 may include operations for altering ownership associations or
encumbrances
among digital assets associated with the digital asset store 130.
[0085] In some scenarios, it may be desirable to decentralize operations
for altering ownership
associations or encumbrances among digital assets. To reduce occurrences of
corrupted or
compromised operations, in some embodiments, the custodian vault application
244 may include
parallel integrity verification operations.
[0086] To illustrate, reference is made to FIG. 3, which illustrates a
block diagram of nodes
collaboratively conducting operations of parallel integrity verification
operations. A generated
transaction may be provided as an input (i) for proposed broadcast to the
electronic ledger 110.
The proposed transaction, input (i), may be provided by a relay / repeater 310
to a plurality of
distributed computing devices. Each of the distributed computing devices 330
may be a client /
node for conducting integrity verification operations 320. In some
embodiments, integrity
verification operations 320 may include validation of hash values, addresses
associated with
digital assets, among other examples.
[0087] In the present example, the system may validate that a proposed
transaction for altering
digital asset ownership associations or encumbrances may be coherent by
comparing the outputs
of the respective clients shown in FIG. 3. In scenarios where the respective
outputs are the same,
the custodian vault application 244 may include operations for rotating which
of the plurality of
nodes may broadcast the verified transaction to the electronic ledger 110. In
some embodiments,
determining which of the plurality of nodes broadcasts the verified
transaction may be based on
a substantially random determination. Accordingly, the same verified
transaction may not be
submitted to the electronic ledger 110 multiple times. Further,
above-described operations of the
custodian vault application 244 may reduce disadvantages inherent in single
points of failure by
leveraging multiple distributed computing resources for verifying integrity of
proposed
transactions. In some examples, operations of the custodian vault application
244 may comply
with cloud security certification of ISO 27017, or other certification
standards.
[0088] As described with reference to some embodiments of the present
disclosure, proposed
transactions for altering digital asset ownership or encumbrances may be based
on collective
private keys or private key fragments received from one or more users
associated with a node of
the blockchain system. In the event that multiple users or nodes may be
compromised or
inaccessible or in the event that multiple private key fragments may be
accessed by unintended
users (or unscrupulous users), it may be desirable to provide operations of an
"escape hatch" to
override operations disclosed herein for transferring digital asset
custodianship such that
unintended users may not encumber the target digital assets.
[0089] In a scenario where an unintended user may have access to one or more
nodes or may
have discovered private key fragments associated with users who may initiate,
audit, or approve
proposed transactions, the custodian vault application 244 may provide
operations of an "escape
hatch" to encumber target digital assets in a predefined and secured asset
store. In some
embodiments, the custodian vault application 244 may conduct hard-coded
functions inherent in
a smart contract (e.g., smart contract of an Ethereum blockchain node or P2SH
script of a Bitcoin
blockchain node), such that the functions, once triggered, may alter the encumbrance of the
target digital asset
target digital asset
in a known / safe digital asset store. The known / safe digital asset store
may be determined
during private key generation operations for defining the "escape hatch"
location of target digital
assets.
[0090] In the above-described example of the "escape hatch", a transaction may
be broadcast
to encumber the target digital assets in a predefined and secured asset store
independently of
other user roles associated with digital asset security, as disclosed herein.
[0091] In some embodiments, the "escape hatch" feature may be triggered by an
owning user
of target digital assets based on scanning a "quick response" (QR) code, or
other predetermined
physical code for broadcasting to the electronic ledger 110. For example, the
QR code may have
been generated during operations determining segregated duties for digital
asset management.
[0092] In some embodiments, the custodian vault application 244 may
include operations for
identifying defined conditions or defined addresses specified in smart
contracts, P2SH scripts,
among other examples, that may signal that an "escape hatch" condition has
been met. In
response to identifying conditions or addresses that signal the "escape hatch"
condition has been
met, the custodian vault application 244 may broadcast a transaction to the
electronic ledger 110
for altering encumbrance of associated digital assets, thereby preventing
digital assets from being
encumbered by unscrupulous or unintended users or nodes.
[0093] In some embodiments, the custodian vault application 244 may include
operations for
validating or verifying digital asset chain of custody of target digital
assets associated with
blockchain technology logic. For ease of exposition, an electronic ledger may
be implemented
with Ethereum technology, where blockchain technology logic may be included
with Ethereum
smart contracts. As another example, an electronic ledger may be implemented
with Bitcoin
technology, where blockchain technology logic may be included with P2SH
scripts.
[0094] For ease of exposition, P2SH scripts associated with Bitcoin
technology may define
chain of custody or escape hatch public addresses, or may define operations
for enforcing M of
N authentication of transactions. Ethereum smart contracts may similarly
define chain of custody
or escape hatch public addresses, or may define operations for enforcing M of
N authentication
transactions.
[0095] In one or more embodiments disclosed herein, the custodian vault
application 244 may
include operations for enforcing the logic associated with the chain of
custody of target digital
assets. For example, the custodian vault application 244 may include
operations for enforcing
necessary collection of private key fragments for verification prior to
generating and broadcasting
a transaction to the electronic ledger 110 for altering ownership of digital
assets or encumbrances
of digital assets. For instance, the custodian vault application 244 may
validate the "M of N" private
key fragment requirements, or may validate assigned weights or thresholds for
private key
fragments defined for generating transactions to alter digital asset ownership
or encumbrances.
[0096] The custodian vault application 244 may include operations for
identifying an "escape
hatch" trigger for enabling altering encumbrance of digital assets in a secure
digital asset store,
such as in scenarios where a predefined user of a node signals that a node of
the electronic
ledger 110 or one or more private key fragments may have been inadvertently
discovered by an
unintended or unscrupulous user.
[0097] In some embodiments, the custodian vault application 244 may
include operations for
altering smart contracts (e.g., Ethereum technology), P2SH scripts (e.g.,
Bitcoin technology),
among other examples, for altering responsibilities of users associated with
nodes of the
electronic ledger 110. For example, over time, users of nodes may alter
responsibilities, and the
custodian vault application 244 may include operations to alter roles of
initiation users, auditor
users, or approver users. In some embodiments, the custodian vault application
244 may include
operations for adding or removing users from responsibilities of an initiation
user, auditor user, or
approver user, among other examples.
[0098] In some scenarios, distributed ledger transactions may be
susceptible to errors, such
as erroneous characters among private key fragments, addresses to which
digital assets may be
associated, user credentials, among other examples. For example, an addition
of an extraneous
"0" or an erroneous character in a recipient address may be relatively
challenging to detect and
may result in broadcasting an unintended transaction to the electronic ledger
110. It may be
desirable to provide operations for verifying or validating proposed
transactions for broadcast to
the electronic ledger 110.
[0099] In some embodiments, the custodian vault application 244 may
include operations for
validating data fields of smart contracts or P2SH scripts (examples disclosed
herein) for errors in
addresses associated with digital assets, errors with expected private key
fragments associated
with users, among other examples.
[00100] In some embodiments, the custodian vault application 244 may include
operations for
identifying addresses associated with users of the system. For example, the
custodian vault
application 244 may include operations for identifying whether recipient
addresses associated
with proposed transactions for altering digital asset ownership or
encumbrances may be listed on
an "allow" list or a "deny" list. Such "allow" or "deny" lists may be
digitally signed by digital asset
owners and hashed, to reduce occurrences of unintended alterations to the
"allow" or "deny" lists.
[00101] The custodian vault application 244 may include operations for
disallowing transactions
for broadcasting to the electronic ledger 110 when recipient addresses of the
proposed
transaction may be included in a "deny" list.
[00102] In some scenarios, smart contracts or P2SH scripts, among other
examples, may be
configured with timing parameters or timing thresholds. In some embodiments,
the custodian vault
application 244 may include operations for disallowing transactions for
broadcasting to the
electronic ledger 110 when the proposed transaction may not meet timing
thresholds or may not
meet defined timing parameters. For example, if a proposed transaction for
altering ownership or
encumbrance of a digital asset may be greater than a defined value, the
custodian vault
application 244 may include operations for preventing the proposed transaction
from being
broadcast to the blockchain within defined periods of time, thereby increasing
a likelihood of
supporting proper workflow verifications among users having private key
fragments.
[00103] In some embodiments, the custodian vault application 244 may include
operations for
determining "time" elapsed between proposed transactions and the value of
respective
transactions, and if broadcast of such transactions is greater than defined
threshold limits, the
custodian vault application 244 may include operations to decline
transactions.
[00104] In some scenarios, proposed transactions for altering ownership or
encumbrance of
digital assets that may not have been broadcast to the electronic ledger 110
beyond
predetermined periods of time may be undesirable, at least, because such
pending alterations in
ownership or encumbrance may prevent subsequent transactions from being
successfully
broadcast on the electronic ledger 110. In some embodiments, the custodian
vault application
244 may include operations for identifying proposed transactions that have not
yet been
successfully broadcast to the electronic ledger 110 after a predetermined
amount of time (e.g.,
12 hours, 24 hours, among other examples), and
may include
operations for declining the transaction for broadcast to the electronic
ledger 110.
[00105] In some embodiments, determining whether a proposed transaction may
have
exceeded a predetermined period of time may be based on a quantity of elapsed
time from a
timestamp of a "last vote" by a user of a node associated with the segregated
duties for the digital
asset management operations. For example, the identified quantity of elapsed
time may be based
on a time stamp that the last approver user submitted a private key fragment
associated with a
transaction approval.
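The pre-broadcast checks of paragraphs [00100] to [00105], as an added Python example that is not part of the patent: list integrity, deny and allow lists, expiry counted from the last vote, and a hold period for high-value proposals. An HMAC stands in for the owners' digital signature over the hashed list, and the thresholds, the rule that a recipient must appear on the allow list, and all addresses are assumptions of this example.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass

HIGH_VALUE = 100                # assumed value threshold
HOLD_SECONDS = 60 * 60          # assumed hold for high-value proposals
EXPIRY_SECONDS = 24 * 60 * 60   # 24 hours, one of the periods named above


def sign_list(addresses, owner_key):
    """Hash the list, then authenticate the hash (HMAC as signature stand-in)."""
    encoded = json.dumps(sorted(addresses)).encode("utf-8")
    digest = hashlib.sha256(encoded).digest()
    return hmac.new(owner_key, digest, hashlib.sha256).hexdigest()


def list_is_authentic(addresses, tag, owner_key):
    return hmac.compare_digest(sign_list(addresses, owner_key), tag)


@dataclass(frozen=True)
class Proposal:
    recipient: str
    value: int
    created_at: int    # seconds, when the transaction was proposed
    last_vote_at: int  # seconds, timestamp of the last approver's vote


def gate(p, now, allow, deny, allow_tag, deny_tag, owner_key):
    """Return (allowed, reason); every failed check declines the broadcast."""
    # Check the lists first: a tampered list must never clear a recipient.
    if not (list_is_authentic(allow, allow_tag, owner_key)
            and list_is_authentic(deny, deny_tag, owner_key)):
        return (False, "list integrity check failed")
    if p.recipient in deny:
        return (False, "recipient on deny list")
    if p.recipient not in allow:
        return (False, "recipient not on allow list")
    # Expiry is measured from the last vote, as in paragraph [00105].
    if now - p.last_vote_at > EXPIRY_SECONDS:
        return (False, "proposal expired")
    # High-value proposals wait out a hold period before broadcast.
    if p.value > HIGH_VALUE and now - p.created_at < HOLD_SECONDS:
        return (False, "hold period not elapsed")
    return (True, "ok")


if __name__ == "__main__":
    key = b"constructed-owner-key"          # constructed sample key
    allow = {"ADDR_OK_1", "ADDR_OK_2"}      # constructed placeholder addresses
    deny = {"ADDR_BAD_1"}
    tags = (sign_list(allow, key), sign_list(deny, key))
    p = Proposal("ADDR_OK_1", 500, created_at=0, last_vote_at=1000)
    print(gate(p, 2000, allow, deny, *tags, key))
    print(gate(p, 4000, allow, deny, *tags, key))
```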
[00106] In some scenarios, nodes that broadcast transactions to an electronic
ledger 110 may
incur transaction processing fees. In some examples, the transaction
processing fees may be
deducted from the digital asset associated with the broadcasted transaction.
With Ethereum
technology, the transaction processing fee may be calculated in "gas" and paid
out in Ethereum.
The "gas" fees may be deducted from digital assets associated with recipient
address. The "gas"
may be calculated at the same time as broadcast of the transaction. To
ameliorate challenges
associated with dynamic transaction processing fees, it may be desirable to
provide operations
for allocating transaction processing fees distinct from broadcasted
transactions.
[00107] In some embodiments, the custodian vault application 244 may include
operations for
generating transactions such that transaction processing fees may be allocated
based on defined
reservoir user addresses. In some embodiments, the defined reservoir user
addresses may be a
hard-coded or pre-authorized digital asset fund for allocating transaction
processing fees.
[00108] In some scenarios, transaction processing fees may be variable and may
be based on
electronic ledger 110 demand and availability (e.g., mining or validation
capacity among nodes).
It may be desirable to provide operations to reduce transaction times that may
otherwise be
extended by operations to determine transaction processing fees. In some
embodiments, the
custodian vault application 244 may include operations for monitoring
transaction processing fees
via a node on the electronic ledger. Accordingly, the custodian vault
application 244 may include
operations to provide anticipated transaction processing fees (e.g.,
substantially similar to a latest
transaction price, or greater than the last transaction cost by 25%), such
that when a node
broadcasts a transaction for altering ownership or encumbrance of a digital
asset to the electronic
ledger 110, the broadcasted transaction may have a high likelihood of being
processed in the
next block of transactions.
[00109] Reference is made to FIG. 4, which illustrates a user interface 400
for a digital asset
wallet 242, in accordance with an embodiment of the present disclosure. The
user interface 400
may be generated for display at one or more nodes associated with the
electronic ledger 110
(FIG. 1). The user interface 400 may be provided for one or more users, such
as a transaction
initiation user, an auditor user, an approver user, among other examples.
[00110] In some embodiments, the user interface 400 may be configured to
display
representations of blockchain transactions for one or a plurality of different
digital asset accounts.
For example, the user interface 400 may be displayed for a user named Jane,
and Jane may
have multiple digital asset accounts, such as a Bitcoin account for personal
Bitcoins, a documents
account for signed documents, a Bitcoin account for investment-related
Bitcoins, among other
examples. The user interface 400 may provide a unified interface for
displaying proposed /
pending blockchain transactions, prior approved blockchain transactions,
historical declined
blockchain transactions, among other examples, for each of the multiple
digital asset accounts.
[00111] The user interface 400 may be a front-end interface of the digital
asset wallet for
summarizing generated transactions that may be broadcast to the electronic
ledger 110 upon
being approved by one or more users associated with the transaction. In some
scenarios, the
generated transaction may be for altering ownership or encumbrance of digital
assets.
[00112] In FIG. 4, a summary region 410 may provide a dynamically generated
list of proposed
transactions for broadcasting to the electronic ledger 110, subject to
obtaining approvals
represented by or associated with private key fragments from one or more users
of the group of
nodes 120 (FIG. 1). By providing summary view of proposed transactions
intended to be
broadcast, the user interface 400 may provide a user experience that may
reduce complexities
associated with managing private keys, recipient addresses, or transaction
data field values,
among other examples, for users of the electronic ledger 110.
[00113] In some embodiments, when a proposed transaction in the summary region
410 is
engaged by a user (e.g., by touch input, or other types of input), a review
request user interface
420 may be provided for receiving a user's approval (in the user's capacity as
a transaction
reviewer, e.g., as approver user, auditor user, or other type of user). In
some embodiments, the
review request user interface 420 may include a message that may correspond to
a fingerprint
for validating authenticity of the proposed transaction, and that there are no
apparent errors in
fingerprints. From a user's perspective, the "message" may be a long
alphanumeric text string
that may be incomprehensible or nonsensical. Accordingly, the user interface
400 may provide
features that may reduce the complexity of approving proposed transactions for
altering
ownership or encumbrances of digital assets.
[00114] In some embodiments, private key fragments associated with the user of
the user
interface 400 may be associated with private key hosted solutions, such as
hardware key devices,
private key wallet devices, two-factor authentication methods involving mobile
devices, existing
single sign-on authentication services already adopted by organizations of
which the user is a
member, among other examples.
[00115] In some embodiments, the user interface 400 may receive user input to
"sign" the
proposed transaction. Upon receiving user input to "sign" the proposed
transaction, the node may
append one or more private key fragments associated with approval operations
of the proposed
transactions. Accordingly, a user associated with the node may not need to
explicitly manage
private key fragments at least because the digital asset wallet 242 provides
features to reduce
complexity of interacting with the distributed ledger 110. Upon receiving user
input to "sign" the
proposed transaction, the computing device (e.g., node) may transmit the one
or more private
key fragments to one or more other nodes, such that the transmitted private
key fragments may
be combined by another node for preparing a collective private key
corresponding to a proposed
blockchain transaction.
[00116] The user interface 400 of FIG. 4 illustrates Bitcoin as an example
digital asset, but other
digital assets, such as other types of cryptocurrency, tokens, precious
metals, real estate, among
other examples, may be contemplated.
[00117] Reference is made to FIG. 5, which illustrates a flowchart of a method
500 of verifying
a digital asset transaction, in accordance with an embodiment of the present
disclosure. The
method 500 may be conducted by a processor of a node (FIG. 1). Processor-
executable
instructions may be stored in memory of the node and may be associated with
digital asset
security applications or other processor-executable applications. The method
500 may include
operations, such as data retrievals, data manipulations, data storage, or
other operations, among
other computer-executable operations.
[00118] In some embodiments, a user may be a transaction requester and the
user may provide input
on an interface to request to update an encumbrance associated with a digital
asset. For example,
a user may be the holder of a quantity of Bitcoin, and may wish to send a
portion of the owned
quantity of Bitcoin to another user (e.g., recipient address). Thus, the user
may wish to update an
encumbrance associated with the owned quantity of Bitcoin. As an illustrating
example, the user
may be associated with a node of a blockchain network, and the user may
interface with a user
interface 400 of FIG. 4 for requesting the transfer of Bitcoin to a recipient
address.
[00119] Examples herein include analogies of transferring a digital asset as
updating an
encumbrance; however, other forms of updating encumbrances associated with
digital assets
may be contemplated. For example, updating encumbrances associated with
digital assets may
include assigning custodianship of the digital assets to a custodian user or
custodian address for
digital asset safekeeping, among other examples.
[00120] At operation 502, the processor may receive a request to update an
encumbrance
associated with a digital asset. In some embodiments, the request may be
received at a user
interface displayed at a computing device (e.g., node) associated with a user.
[00121] At operation 504, the processor may generate a proposed blockchain
transaction based
on the request to update the encumbrance of the digital asset. In some
embodiments, an eventual
broadcast of the proposed blockchain transaction may be based on verifying
that private key
fragments collectively provide a private key associated with a quorum for
approving broadcast of
the proposed blockchain transaction. As the proposed blockchain transaction
may update an
encumbrance associated with a digital asset, broadcasting the proposed
blockchain transaction
to the electronic ledger 110 (e.g., the blockchain) may effect the encumbrance
update associated
with the digital asset (e.g., transfer Bitcoin or other digital asset quantity
to a recipient address,
among other examples).
[00122] In some embodiments, a reconstituted private key may be a private key
that may
indicate that appropriate approval for a blockchain transaction has been
received, and that a
quorum for approving the broadcast of the blockchain transaction has been
received. In some
scenarios, when a collective private key assembled based on private key
fragments received from
one or more nodes corresponds to a reconstituted private key, the node may
determine that a
quorum for approving the blockchain transaction is received.
[00123] In some embodiments, a collective private key (e.g., based on received
private key
fragments) may correspond to a reconstituted private key when a quantity of
private key
fragments may be greater than a private key fragment threshold. For example, a
quantity of
private key fragments may be greater than a private key fragment threshold
when M of N private
key fragments suitable for approving a blockchain transaction have been
received.
[00124] In some embodiments, a collective private key may correspond to a
reconstituted
private key when a weighted quantity of private key fragments may be greater
than a weighted
private key fragment threshold. In some embodiments, weighted private key
fragment thresholds
may define proportions of private key fragments associated with a particular
class or subset group
of users. For example, the weighted private key fragment threshold may be
defined such that a
private key fragment associated with at least one "class A" user be received
in addition to one or
more of a "class B" or a "class C" user prior to approving broadcast of the
blockchain transaction.
In another example, the weighted private key fragment threshold may be defined
such that when
no private key fragments of "class A" users are received, private key
fragments of all "class B"
users must be received. These described weighted private key fragment
thresholds are for
illustration only, and other embodiments of weighted private key fragment
thresholds may be
contemplated.
[00125] In some embodiments, a collective private key may correspond to a
reconstituted
private key when the collective private key is determined to be a recovery
private key associated
with a digital asset recovery operation. A digital asset recovery operation
may be provided in
scenarios where a digital asset owner may believe that the digital asset may
become encumbered
by an unintended user (e.g., by mistake or by malicious intent), or where one
or more private key
fragments may be lost (e.g., misplaced by a current digital asset owner or
stolen by an unintended
user). In the present example, when the collective private key is determined
to correspond to a
recovery private key, the proposed blockchain transaction may be configured to
encumber the
subject digital asset at a specific known or "safe" recipient address, akin to
a custodial
encumbrance.
[00126] In some embodiments, the proposed blockchain transaction may be
associated with a
transfer of digital asset that is subject to approval, audit, or other similar
type oversight by other
users associated with the blockchain network. For example, the proposed
blockchain transaction
may be subject to an auditor user's approval to attest that the transaction is
supported per defined
criteria, or may be subject to one or more approver users' approval providing
cryptographic
assurance that the blockchain transaction is legitimate or as intended by an
organization. Other
examples of approval types may be contemplated.
[00127] At operation 506, the processor may receive, from at least one other
node, a plurality of
private key fragments. Respective private key fragments may be received from
one or more other
nodes associated with users assigned to a workflow associated with a defined
quorum for approving
broadcast of the proposed blockchain transaction. In some embodiments, the
processor may
combine the received plurality of private key fragments for providing a
collective private key.
[00128] At operation 508, the processor may determine that the collective
private key
corresponds to a reconstituted private key of a quorum for approving broadcast
of the proposed
blockchain transaction. For example, the reconstituted private key may be
associated with a
private key fragment threshold, a weighted private key fragment threshold, or
a recovery private
key, among other examples described in the present disclosure.
[00129] At operation 510, the processor may generate a signal to initiate
broadcast of the
proposed blockchain transaction to an electronic ledger of the blockchain
network. That is, when
the processor determines that the assembled collective private key corresponds
to a reconstituted
private key of a quorum for approving broadcast of the proposed blockchain
transaction, the
processor may publish or broadcast that proposed blockchain transaction for
updating the
encumbrance associated with the digital asset.
[00130] In some embodiments, the received private key fragments, from the
plurality of nodes,
may be based on input provided on a user interface by a user associated with
the at least one
node. In some embodiments, the private key fragments may have been associated
with a two-
factor authentication operation, a single sign-on authentication credential,
or other example
hosted authentication platform. Such embodiments of the present disclosure may
provide a
simplified method for users for interacting with electronic ledgers and
blockchain networks,
thereby reducing complexity of managing, for example, private keys or other
blockchain
transaction elements having incomprehensible strings of text.
[00131] In some embodiments, reconstituted private keys may be defined based
on a private key
generation ceremony or operations associated with digital assets at a time
when digital assets
may be catalogued, associated, or stored at a given digital asset store.
[00132] In some embodiments, the quorum for approving broadcast of the
proposed blockchain
transaction may be based on determining, in parallel by two or more nodes,
that the collective
private key corresponds to the reconstituted private key of the quorum. For
example, two or more
nodes may conduct operations for determining whether the collective private
key corresponds to
the reconstituted private key of a quorum. In some embodiments, the two or
more nodes may
conduct operations for checking whether hash values, address values,
fingerprint values, or other
integrity measure values are as expected. The operations may be conducted by
two or more
nodes illustrated in a parallel workflow, as described with reference to FIG.
3 herein.
[00133] In some embodiments, one or more nodes may be configured to promote or
broadcast
a verified blockchain transaction to the electronic ledger of the blockchain
network. That is, one
of the two or more proposed blockchain transactions validated in parallel may
be initiated for
propagation to the electronic ledger. In some embodiments, selection of which
of the nodes to
retrieve the validated blockchain transaction for broadcasting to the
electronic ledger may be a
random selection, thereby reducing likelihood of single points of failure and
reducing the
likelihood that an unscrupulous or unintended entity may be able to compromise
a node to alter
contents of the proposed blockchain transaction for updating digital asset
encumbrance.
[00134] In some embodiments, if operations of the parallel validation
conducted by one or more nodes result in a failed validation / integrity
check, then none of the proposed blockchain transactions being validated may
be viable candidates for broadcast to the electronic ledger.
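An added sketch, not code from the patent or the applicant, of the checks described in operations 506-510 and in paragraphs [00123], [00124] and [00132]-[00134]. The disclosure does not say how fragments are combined or compared; Shamir secret sharing over a prime field, a SHA-256 fingerprint recorded at key generation, and every function name below are assumptions.

```python
import hashlib
import hmac
import secrets

P = 2**521 - 1  # Mersenne prime; field comfortably larger than a 256-bit key

def fingerprint(key):
    """Integrity value recorded at key generation, compared at approval time."""
    return hashlib.sha256(key.to_bytes(66, "big")).hexdigest()

def split(key, m, n):
    """Shamir split (assumed scheme): n fragments, any m of them rebuild key."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(m - 1)]
    def poly(x):
        acc = 0
        for c in reversed(coeffs):      # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc
    return [(x, poly(x)) for x in range(1, n + 1)]

def combine(fragments):
    """Lagrange interpolation at x = 0 yields the collective private key."""
    key = 0
    for i, (xi, yi) in enumerate(fragments):
        num = den = 1
        for j, (xj, _) in enumerate(fragments):
            if i != j:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        key = (key + yi * num * pow(den, -1, P)) % P
    return key

def class_policy_met(classes):
    """First weighted example in [00124]: a class A approver plus a B or C."""
    return "A" in classes and bool({"B", "C"} & set(classes))

def node_approves(approvals, m, expected_fp):
    """One node's check; approvals is a list of (user_class, (x, y))."""
    frags = [frag for _, frag in approvals]
    if len(frags) < m or len({x for x, _ in frags}) != len(frags):
        return False                    # too few, or a fragment replayed
    if not class_policy_met([cls for cls, _ in approvals]):
        return False                    # class rule is not enforced by the math
    return hmac.compare_digest(fingerprint(combine(frags)), expected_fp)

def parallel_quorum(node_views, m, expected_fp):
    """[00132]-[00134]: two or more nodes check; any failure vetoes broadcast."""
    return len(node_views) >= 2 and all(
        node_approves(view, m, expected_fp) for view in node_views)

if __name__ == "__main__":
    key = secrets.randbits(256)                           # constructed sample key
    fp = fingerprint(key)
    approvals = list(zip("ABBCC", split(key, m=3, n=5)))  # constructed classes
    print("A+B+B      :", node_approves(approvals[:3], 3, fp))
    print("B+B+C, no A:", node_approves(approvals[1:4], 3, fp))
    print("2 fragments:",
          fingerprint(combine([f for _, f in approvals[:2]])) == fp)
```

The B+B+C set rebuilds the correct key yet is refused, which shows that a plain threshold split cannot express the class rule on its own and the validating node has to check it separately.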
[00135] Reference is made to FIG. 6, which illustrates a block diagram of a
computing device
600, in accordance with an embodiment of the present disclosure. As examples,
the one or more
nodes in the group of nodes 120 (FIG. 1) may be implemented using the example
computing
device 600 of FIG. 6.
[00136] The computing device 600 may include at least one processor 602,
memory 604, at
least one I/O interface 606, and at least one network communication circuit
608.
[00137] The processor 602 may be a microprocessor or microcontroller, a
digital signal
processing (DSP) processor, an integrated circuit, a field programmable gate
array (FPGA), a
reconfigurable processor, a programmable read-only memory (PROM), or
combination thereof.
[00138] The memory 604 may include a computer memory that may be located
either internally
or externally such as, for example, random-access memory (RAM), read-only
memory (ROM),
compact disc read-only memory (CD-ROM), electro-optical memory, magneto-
optical memory,
erasable programmable read-only memory, and electrically-erasable programmable
read-only
memory (EEPROM), Ferroelectric RAM (FRAM).
[00139] The I/O interface 606 may enable the computing device 600 to
interconnect with one or
more input devices, such as a keyboard, mouse or pointing device, image
capture device, touch
screen device, a microphone device, or one or more output devices such as a
display screen or
a speaker, among other examples.
[00140] The network communication circuit 608 may be configured to receive or
transmit data
messages to or from other computing devices, to access or connect to network
resources, or to
perform other computing applications by connecting to a network (or multiple
networks) capable
of carrying data.
[00141] The term "connected" or "coupled to" may include both direct coupling
(in which two
elements that are coupled to each other contact each other) and indirect
coupling (in which at
least one additional element is located between the two elements).
[00142] Although the embodiments have been described in detail, it should be
understood that
various changes, substitutions and alterations can be made herein without
departing from the
scope. Moreover, the scope of the present application is not intended to be
limited to the particular
embodiments of the process, machine, manufacture, composition of matter,
means, methods and
steps described in the specification.
[00143] As one of ordinary skill in the art will readily appreciate from the
disclosure, processes,
machines, manufacture, compositions of matter, means, methods, or steps,
presently existing or
later to be developed, that perform substantially the same function or achieve
substantially the
same result as the corresponding embodiments described herein may be utilized.
Accordingly,
the appended claims are intended to include within their scope such processes,
machines,
manufacture, compositions of matter, means, methods, or steps.
[00144] The description provides many example embodiments of the inventive
subject matter.
Although each embodiment represents a single combination of inventive
elements, the inventive
subject matter is considered to include all possible combinations of the
disclosed elements. Thus
if one embodiment comprises elements A, B, and C, and a second embodiment
comprises
elements B and D, then the inventive subject matter is also considered to
include other remaining
combinations of A, B, C, or D, even if not explicitly disclosed.
[00145] The embodiments of the devices, systems and methods described herein
may be
implemented in a combination of both hardware and software. These embodiments
may be
implemented on programmable computers, each computer including at least one
processor, a
data storage system (including volatile memory or non-volatile memory or other
data storage
elements or a combination thereof), and at least one communication interface.
[00146] Program code is applied to input data to perform the functions
described herein and to
generate output information. The output information is applied to one or more
output devices. In
some embodiments, the communication interface may be a network communication
interface. In
embodiments in which elements may be combined, the communication interface may
be a
software communication interface, such as those for inter-process
communication. In still other
embodiments, there may be a combination of communication interfaces
implemented as
hardware, software, and combination thereof.
[00147] Throughout the foregoing discussion, numerous references will be made
regarding
servers, services, interfaces, portals, platforms, or other systems formed
from computing devices.
It should be appreciated that the use of such terms is deemed to represent one
or more computing
devices having at least one processor configured to execute software
instructions stored on a
computer readable tangible, non-transitory medium. For example, a server can
include one or
more computers operating as a web server, database server, or other type of
computer server in
a manner to fulfill described roles, responsibilities, or functions.
[00148] The technical solution of embodiments may be in the form of a software
product. The
software product may be stored in a non-volatile or non-transitory storage
medium, which can be
a compact disk read-only memory (CD-ROM), a USB flash disk, or a removable
hard disk. The
software product includes a number of instructions that enable a computer
device (personal
computer, server, or network device) to execute the methods provided by the
embodiments.
[00149] The embodiments described herein are implemented by physical computer
hardware,
including computing devices, servers, receivers, transmitters, processors,
memory, displays, and
networks. The embodiments described herein provide useful physical machines
and particularly
configured computer hardware arrangements.
[00150] As can be understood, the examples described above and illustrated are
intended to be
exemplary only.

Representative Drawing
A single figure which represents the drawing illustrating the invention.
Administrative Status

Event History

Description Date
Letter sent 2022-08-10
Application Received - PCT 2022-08-09
Inactive: First IPC assigned 2022-08-09
Inactive: IPC assigned 2022-08-09
Inactive: IPC assigned 2022-08-09
Priority Claim Requirements Determined Compliant 2022-08-09
Compliance Requirements Determined Met 2022-08-09
Inactive: IPC assigned 2022-08-09
Request for Priority Received 2022-08-09
National Entry Requirements Determined Compliant 2022-07-11
Application Published (Open to Public Inspection) 2021-07-22

Abandonment History

There is no abandonment history.

Maintenance Fee

The last payment was received on 2024-01-12


Fee History

Fee Type Anniversary Year Due Date Paid Date
Basic national fee - standard 2022-07-11 2022-07-11
MF (application, 2nd anniv.) - standard 02 2023-01-13 2022-10-26
MF (application, 3rd anniv.) - standard 03 2024-01-15 2024-01-12
Owners on Record

Note: Records showing the ownership history in alphabetical order.

Current Owners on Record
BRANE CAPITAL
Past Owners on Record
PATRICK MCLAUGHLIN
Past Owners that do not appear in the "Owners on Record" listing will appear in other documentation within the application.
Documents

Document Description  Date (yyyy-mm-dd)  Number of pages  Size of Image (KB)
Description 2022-07-10 28 1,501
Claims 2022-07-10 4 147
Abstract 2022-07-10 2 66
Representative drawing 2022-07-10 1 5
Drawings 2022-07-10 6 212
Courtesy - Letter Acknowledging PCT National Phase Entry 2022-08-09 1 591
National entry request 2022-07-10 8 291
Patent cooperation treaty (PCT) 2022-07-10 2 100
International search report 2022-07-10 3 104
International Preliminary Report on Patentability 2022-07-10 7 305