Smarter Signatures: Options to Ensure Fiduciary Protection on the Web

by Christopher Allen, Peter Todd, and Ryan Shea

Position Statement

Signatures are important to web technologies because they're what map human identities to public keys and their cryptographic identities. They're a critical link for creating security and preserving privacy on the web. However, smart signatures can do even more. Multisignatures allow several people to sign together. Signature delegation supports one person signing for someone else — for a short period of time, for limited situations, or for more extensive usage. Generally, smart signatures can be used to map not just human identities on the web, but also human relationships. This is especially important in a web-based world where fiduciary transactions requiring a high level of trust are regularly conducted through browsers.

Despite their importance, signatures aren't a well-understood or well-integrated part of current web technologies. Something needs to change.

To create smarter "fiduciary" signatures require new signature technologies that meet five core criteria for fiduciary responsibility. They must be deterministic, always returning the same results; they must be efficient, cheaply offering their results; they must be bounded, preventing DOS attacks; they must be composable, supporting complexity with constrained opcodes; and they must be inspectable, allowing for easy understanding.

Functional programming languages provide a sound basis for these technical requirements. However, there are a number of different options within that category, offering the opportunity for considerable discussion on the topic.

  1. Bitcoin Script. Obviously, the constrained Bitcoin Script language is already used as the basis of signatures in Bitcoin. Extending the existing Bitcoin Script system provides the opportunity for complex signatures of the sort needed for fiduciary smart signatures while still maintaining the important constraints of the existing Script language. Johnson Lau's BIP 114 demonstrates one possible way to do so.
  2. Other Forth-like Languages. If Bitcoin Script proves too constrained (or too static), a fiduciary smart signature language could instead be created by going back to the core foundation of Bitcoin Script: Forth. Alternatively, Joy might be an interesting variant. Like Bitcoin Script, Forth and Joy offer the advantages of languages built on the composition of functions.
  3. Lambda Languages. Finally, a fiduciary smart script language cold instead be built on a lambda calculus. Peter Todd has already been exploring this option with "Dex", a Deterministic Predicate Expression language.

Though the choice of a functional back end for fiduciary smart contracts is important, integration with a web front end may be just as critical. Most users will be accessing web browsers and ID wallets to view fiduciary smart signatures and to inspect their validity. The integration of HTTPS services into the web has already shown that minor changes to how a browser displays a secure (or insecure!) connection, and how it explains those results, can make large differences in whether users accept those connections — and thus the ultimate security of the internet. A strong smart signature system requires excellent web UI design to offer meaningful security, which offers another topic for discussion.

This is all just the first step toward better security for fiduciary activities on the web. Further questions, such as how to link asynchronous oracles and blockchain backends into the web and how to allow revocation, are also crucial.

Though the problems may be difficult, the end result of improved security on the web remains an important and worthwhile goal.

About the Discussion Leader

Christopher Allen is the co-author of the IETF TLS 1.0 standard for the web. He has also been deeply involved with blockchain technologies in recent years, including teaching at Blockchain University and working at Blockstream as Principal Architect. He has hosted two design workshops on Rebooting the Web of Trust; he worked with Ryan Shea on a white paper about Smart Signatures for the first workshop and offered suggestion to Peter Todd for an advanced reading on Smarter Signatures at the second workshop.

Supporting Resources

Allen, Christopher, et. al. 2015. "Smart Signatures". Rebooting the Web of Trust Design Workshop.

Lau, Johnson. 2016. "Merkelized Abstract Syntax Tree". Github.

Todd, Peter. 2016. "Dex: Deterministic Predicate Expressions for Smarter Signatures". Rebooting the Web of Trust II / ID2020 Design Workshop.

Torpey, Kyle. 2016. "New BIP Would Enable Better Privacy, CrossBlockchain Exchange, TrustFree Betting, and More for Bitcoin". CoinJournal.