Reissuing obligations to preserve privacy
Abstract
A system is provided for reissuing obligations whose ownership is recorded in a distributed ledger to preserve the identity of prior owners of the obligations. The system accesses a target transaction in which an issuer has a target obligation to a target owner specified in the target transaction. The target transaction has one or more ancestor transactions that each specify an owner. The system retires the target transaction so that the issuer no longer has the target obligation. The system then receives an indication that the issuer created a reissue transaction in which the issuer has a reissued obligation to the target owner that is specified in the reissue transaction. The reissue transaction does not have any ancestor transactions.
Claims
exact text as granted — not AI-modifiedWe claim:
1 . A method performed by one or more computing system for verifying a confidential identity of a first entity, the method comprising:
accessing a signed first confidential identity certificate of the first entity that includes a first confidential public key of the first entity and a first well-known name of the first entity and that is signed using a first well-known private key of the first entity, the first confidential public key and a first confidential private key composing a first confidential public/private key; a first well-known public key and the first well-known private key composing a first well-known public/private key pair; and verifying using the first well-known public key that the signed first confidential identity certificate was signed using the first well-known private key.
2 . The method of claim 1 further comprising:
accessing signed data that is signed using the first confidential private key; and
verifying, using the first confidential public key, that the data was signed using the first confidential public key.
3 . The method of claim 1 further comprising:
receiving from the first entity a first nonce; and
sending to the first entity a second nonce;
wherein the signed first confidential identity certificate is part of a signed hash derived based on the signed first confidential identity certificate, the first nonce, and the second nonce.
4 . The method of claim 3 wherein the verifying further verifies that signed hash is derived based on the first nonce and the second nonce.
5 . The method of claim 1 further comprising:
receiving a second confidential public key and signed data that is signed using a second confidential private key and; and
verifying, using the second confidential public key, that the data was signed using the second confidential private key.
6 . The method of claim 5 wherein the signed data is a transaction to which a second entity is a party, the transaction including the second confidential public key.
7 . The method of claim 5 wherein multiple first confidential identity certificates are generated for signing different data.
8 . The method of claim 1 wherein the signed first confidential public key is signed in combination with an identifier of the first entity wherein the signed combination forms a first confidential identity certificate.
9 . The method of claim 2 wherein the data is a transaction that identifies the first entity by the first confidential public key.
10 . The method of claim 9 wherein output of the transaction is input to another transaction to which the first entity is a party.
11 . At least one non-transitory, computer-readable medium carrying instructions, which when executed by at least one data processor, performs operations for verifying a confidential identity of a first entity, the operations comprising:
accessing a signed first confidential identity certificate of the first entity that includes a first confidential public key of the first entity and a first well-known name of the first entity and that is signed using a first well-known private key of the first entity, the first confidential public key and a first confidential private key composing a first confidential public/private key; a first well-known public key and the first well-known private key composing a first well-known public/private key pair; and verifying using the first well-known public key that the signed first confidential identity certificate was signed using the first well-known private key.
12 . The computer-readable medium of claim 11 further comprising:
receiving signed data that is signed using the first confidential private key; and
verifying, using the first confidential public key, that the data was signed using the first confidential public key.
13 . The computer-readable medium of claim 11 , wherein the operations further comprise:
receiving from the first entity a first nonce; and sending to the first entity a second nonce; wherein the signed first confidential identity certificate is part of a signed hash derived based on the signed first confidential identity certificate, the first nonce, and the second nonce.
14 . The computer-readable medium of claim 13 wherein the verifying further verifies that signed hash is derived based on the first nonce and the second nonce.
15 . One or more computing systems for verifying an identity of a first entity, the one or more computing system comprising:
one or more computer-readable storage mediums for storing computer-executable instructions for controlling the one or more computing systems to:
access a signed first confidential public key of the first entity and that is signed using a first well-known private key of the first entity, the first confidential public key and a first confidential private key composing a first confidential public/private key, a first well-known public key and the first well-known private key composing a first well-known public/private key pair;
verify using the first well-known public key that the signed first confidential public key was signed using the first well-known private key;
access signed data that is data that is signed using the first confidential private key; and
verify that the first entity signed the data using the signed first confidential public key; and
one or more processors for executing the computer-executable instructions stored in the one or more computer-readable storage mediums.
16 . The one or more computing systems of claim 15 wherein the signed first confidential public key is signed in combination with an identifier of the first entity wherein the signed combination forms a first confidential identity certificate.
17 . The one or more computing systems of claim 16 wherein the instructions further:
receive from the first entity a first nonce; and
send to the first entity a second nonce,
wherein the signed first confidential public key is part of a signed hash derived based on the first nonce and the second nonce, the first confidential identity certificate being received as part of receiving the signed hash.
18 . The one or more computing systems of claim 17 wherein the verifying further verifies that signed hash is derived based on the first nonce and the second nonce.
19 . The one or more computing systems of claim 15 wherein the data is a transaction that identifies the first entity by the first confidential public key.
20 . The one or more computing systems of claim 19 wherein output of the transaction is input to another transaction to which the first entity is a party.Join the waitlist — get patent alerts
Track US2022309505A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.