Essay on the possible use of blockchain technologies to assist in a positive way during & after the Covid-19 crisis.
About the author and his motivations for this blog post
My name is Alexander Pfeiffer, I work at the Department for Comparative Media Studies / Writing with a scholarship from the Max Kade Foundation and the Austrian Academies of Sciences. I am primarily dealing with the impact of blockchain technologies and digital qualified signatures (digital identities) on education in its full range. During the last months, but especially recently in the lockdown phase caused by the Covid-19 crisis, it has become more and more apparent that properly designed blockchain technology based solutions can contribute significantly to solve present-day problems. Previously published articles and pre-prints of mine can be requested on research gate. Other resources are my MIT Research Blog and my private website (CV), where you can also find my contact information.
In Austria I am affiliated with the Centre for Applied Game Studies at Donau-University Krems, which I have been heading for 8 years. At the Department for AI at the University of Malta, I am studying for my 2nd doctorate. I am also co-founder of Picapipe GmbH (winner of the Austrian Blockchain Award 2020) in Austria and of the B & P Emerging Technologies Lab in Malta.
My Max Kade Foundation scholarship has been recently extended. I would like to use the extension to, on the one hand, widen my original project, but on the other hand to explore how my research can help in the current covid-19 situation. (or similar scenarios in the future). In this blog post I will give an overview of the basic assumptions I made and then describe the use cases I plan to look at more closely.
Preconditions
The following examples are based on certain basic requirements:
- A public blockchain is being used. Or a combination of private/consortium blockchain in a setting that makes sense and does not limit the reasons why blockchain is used. (e.g. personal data is stored using a private blockchain to ensure GDPR compliance, or highly sensitive company data remains in the private area of the respective company, but the matching of the hash values ensures that the private blockchain can be trusted as much as possible).
- “Non freely tradable utility tokens” are being used. I.e. the tokens cannot be retransferred to other users freely, but neither can the issuer withdraw them from the user.
(regarding my proposal of token definitions see: proposal for a category system) - Transaction fees to the network are paid by the respective issuer(s) or operator(s) of the token(s). Therefore the users themselves do not need to hold any “tradeable network maintenance utility tokens”, or “cryptocurrencies”, nor do they need to know about blockchain. For users, it’s as if they were simply using an app, but they can always track their transactions using a public available blockchain tracker or their very own node.
- It is possible to encrypt the message associated with the token, so only the transaction itself is publicly visible, while the private information remains private and only accessible to those parties who should have access to it (for the relevant period).
- To achieve this shared-keys can be generated, and thus a sharing system for third parties who get access to the information attached to the token can be developed (but not the token itself as information bearer).
- This message (the core content) can, in certain cases where it makes sense, be deleted from the blockchain after some time (with the knowledge of the partners involved). Only the proof of the transaction itself remains.
- Users can, if they want, always operate a full node and this with existing devices such as their own modern smartphone, their own PC or with inexpensive hardware such as a Raspberry Pi.
- The Full Node can be operated without holding network maintenance tokens or cryptocurrencies.
- Holding such tokens is only necessary if the users want to be part of the active network and conduct mining / forging.
- The availability of digital qualified signatures, or other secure forms of digital and forgery-proof identity verification. For a more detailed explanation on digital IDs, I can refer to the following pre-print: Introducing the concept of “digital-agent signatures”: How Self Sovereign Identity (SSI) can be expanded for the needs of Industry 4.0
- Use of an EID wallet. This is a wallet for blockchain tokens that is bound to a person, it can hold utility tokens and manage smart contracts. (See paper above)
- Let’s assume that private individuals and companies learn to handle their private key carefully both in the blockchain segment and in the digital signature process.
- Under very specific circumstances it can be defined that the private key itself is only known to the system and the operations on the blockchain wallet of the individual user are controlled by the regular user/PW system of the used app. In this case, if you create a user account for the app, a blockchain wallet address is generated for each user per app. This prevents the user from using it for other purposes. This makes sense if blockchain is simply used to store some processes and functions of an app (e.g. vouchers) in a manipulation-proof way.
Remark: This is only a theoretical experiment based on first thoughts. If you are interested to work in more detail on a specific topic, I would be glad to get in contact with you and work on possible solutions and post extended concepts here on this blog. However, the primary goal of the article is to motivate readers to learn more about blockchain and the possibilities that this technology offers especially in combination with proper identity management. The case studies and solutions given here are my private opinion and should not be taken as the view of the lab, department or the university as an institution. By this I mean especially the point that the university of course works with various blockchain solutions, while my case studies are primarily based on those blockchain systems with which I am personally familiar.
That is enough of the introduction, let’s now continue with some examples:
Verification of authentic goods
State of affairs or a possible scenario: Governments that do not have expertise in purchasing protective equipment buy it from companies with which no trading relationship exists. Upon delivery, it turns out that the goods are faulty or even counterfeit. [Article in “Tiroler Tageszeitung” which describes the purchase of 20 million possibly defective masks by the Austrian government/company from a Chinese company.]
A possible solution: Even Blockchain will not be able to avoid intentional fraud, for example, if the seller vanishes into thin air after the goods have been shipped and disappears with the deposit. Where blockchain can be used is to verify that, for example, the goods were not exchanged during transport. Smart Contracts can additionally be implemented for payment transactions and other aspects such as warranty, which will ensure more secure processes for all parties involved, from the manufacturer, sales, logistics companies and wholesalers to the end customer. Riktig (YouStartIt Alumni, Malta) invented a solution based on chips as we know them from passports. In the example shown here, this chip can be built into the sealing of the package. If the packaging is broken, the original chip can no longer be attached. If a counterfeit chip is attached, this can at best lead to a counterfeit verification website. This means that if the recipient of the goods is only a little bit careful and works with the best of his or her knowledge and conscience, the goods cannot be exchanged after sealing. The great thing is, with this solution you can also work with different blockchain systems to increase the safety even more. For example, while the Chip IDs are registered on the Bitcoin Blockchain during production (i.e. before delivery to the dealers and manufacturers), the contract data can be registered on another solution (such as Ardor, Nxt, Ethereum – or if delivery is made within a company on a private (consortium solution).
Mapping of delivery routes
State of affairs or a possible scenario: The truck’s route is recorded on the truck driver’s transport documents (perhaps crumpled slips of paper) in connection with various central databases. This is of course supported by technical solutions like GPS, but the entries of the GPS data are again only stored in central databases. It is therefore (easily) possible for system administrators of the respective systems to change data in general, or to correct specific information, e.g. the truck driver or owner of the truck company for a specific route. This can be done intentionally because someone has made an incorrect entry, or maliciously to hide information. Of course, digital forensics can then be used to try to find the perpetrators of this fraud, assuming that the investigators can get access to the data at all, and for this a court action is needed. The data can also be deleted by software and hardware until the legal process starts. In the current situation, this often means that the question is not only “where is my goods at the moment?” but also whether the currently rapidly changing situation in legislation has an influence on the dispatch of the goods. In Germany, for example, trucks with urgently needed protective equipment in Austria were prevented from continuing their journey, because Germany has imposed an export restriction (Article Kleine Zeitung). If this export restriction is only valid from a certain purchase and/or shipping date, it is necessary to be able to control deliveries at the border immediately and in accordance with the law, and to stop only those trucks that actually violate current regulations.
A possible solution: If the freight documents are set up on blockchain and Smart Contracts trigger transactions either at predefined events or when the freighter confirms these with his or her digital signature, they can no longer be manipulated afterwards. This transaction can contain (again encrypted, of course) the GPS coordinates, time stamps, the people involved, the total travel time, the fuel used, or any other relevant information. If there is any misinformation due to a human or machine error, a correction record can be created. However, this does not overwrite the old data record, all information on the blockchain is always visible, even if links should be removed in the end user app. Of course it is also possible that, if all parties agree, the information that is bound to the token as a message will be deleted from the blockchain after some time. For example with the formula: Accepted delivery + 2 years. This helps that the blockchain does not grow indefinitely.
Verification of text, image and video sources to protect authors’ rights and prevent fake news
State of affairs or a possible scenario: Especially in times of crisis and uncertainty it is more important not only to take action against actively spread fake news but also against media companies that knowingly (or unknowingly) use film, audio, image or even text material. For example, in late March, CBS News used video footage to illustrate the dramatic situation in NYC, which was filmed in Bergamo, Italy, and used by Sky News for a report shortly before. (See NY-Post article).
A possible solution: Blockchain and digital signatures can provide a very efficient solution here: A unique hash value can be generated from each digital medium.In a decentralized author database, the author enters his work, which can result in a unique token that is held by the author (if, for example, only the copyright for open source footage is to be secured), or several pieces of a unique token series can be created that represent the rights of use and media companies that want to use the footage must hold the respective token. It can also be considered in advance that the authors not only enter the respective piece into a database and sign it there, but all authors also sign the digital file. A smart contract could then automatically handle contractual matters such as royalties. Ultimately, it would also work very well if media companies were to display the origin of the respective footage on their own websites and information platforms by referring to the token IDs or transaction IDs associated with the respective broadcast. Even if this never becomes legally binding, quality media could voluntarily start doing so in order to distinguish themselves from trash, tabloid or hate media.
Voting within companies, universities or other entities
State of affairs or a possible scenario: For a medium-sized private limited company, an election of the owners is pending. Due to the Covid-19 situation the owners are spread all over the world. Normally they would meet, take a printout in an envelope and put it in a box. However, they also do not want to use a commercial solution where they do not know where their information is stored.
A possible solution: On blockchain this could simply be done by the company operating a small private blockchain. Or use a public blockchain and encrypt the voting text accordingly. Every owner gets the same token. For example, 15 tokens were generated for 15 owners, which have the same token ID and the same rights for each token are registered in the account properties. This means that the token enables voting.To ensure anonymity, the token is set to shuffling. This means that each person gives a vote, but a randomized other manager sends the vote. It is not possible to track who has cast which vote, not even the system administrator, because the shuffling mechanism itself is not accessible by any key. If a public blockchain is used, one could go so far that the vote is sent from an account of tens of thousands of other users to the company’s voting software. (encrypted of course, the key of the voting software only decrypts the information about the vote cast, e.g. red or blue; yes or no; increase or decrease). An article about shuffling can be found e.g. here in the technical documentation of the NXT Blockchain.
There are, of course, other ways to ensure privacy. These might be described as “zero knowledge proof” systems. MIT has been working on these since the 1980s and this WIRED article gives a useful introduction about them. I would rather describe it as “only-the-system-knows-and-we-trust-the-system-proof” until I find a better name.
If someone likes to test voting on blockchain, a promising approach is SmartVoting developed by “WireMaster”.
Political votes
State of affairs or a possible scenario:: We have the same problem especially at times of crisis due to a virus in political votes. In Austria, for example, the National Council has already been decimated to a smaller number of people, as provided for in the emergency protocol. This is of course a serious decision in terms of democratic policy, but it was necessary after the first parliamentarians tested positive. (Article Kleine Zeitung) During the crisis, the National Council therefore has 96 instead of 183 members of parliament who are entitled to vote. This means that currently 87 voters are not able to vote. In this case, the votes are also public and are broadcast on television during the regular sessions. It should (so one would think) be particularly easy to switch to digital systems here.
Due to the Covid-19 situation, the first digital elections were held in the EU Parliament on march 26. But how this was carried out is worrying. MEPs received a digital document, had to print it out, tick their vote, scan it and then send it from their email address to a central email address. The scope for manipulation is, of course, enormous, since the MEPs also used their private infrastructure to vote. There was also no automated counting, although the votes were taken digitally. (This Techcrunch article describes the situation well). Within the EU this is particularly surprising, as there is a legal regulation called E-IDAS, which defines the digital signature system very precisely and describes the technical and legal conditions in detail. Digital signatures should therefore not be new territory in the EU.
A possible solution:It is very similar to the first case, except that we do not only want to know who voted. We also want to know who voted for which result. We must therefore take the opposite approach to the one above and make sure that the blockchain address to which the “voting authorization token” is assigned also belongs to a specific person and that only this person has access to vote on it. Like the private key (knowledge) and a generated code on the secure service phone (possession). If this technology would be used in government voting, all the advantages of blockchain in combination with digital signatures and proof of identity would be given. A highly secure, personalized, transparent vote that can be automatically and instantly counted and published at the end of voting.
Public elections
State of affairs or a possible scenario: Due to the Corona crisis, public elections are of course a critical point. Done Non-digital, you put people at great risk. The New York Times reports on the postponement of 16 elections in the USA due to the crisis. In Austria the Vienna elections were postponed to the last possible date in mid-October (see article on wahltermine.at). In Austria, it is currently possible to use the so-called citizen card or mobile phone signature (cell phone signature) to apply for voting cards for postal voting. In smaller elections, such as those for university representatives, the citizen card has already been used. The first attempts were perhaps a little too early, being implemented in 2009 (see Article from der Standard) when the citizen card was not yet available on mobile phones but only on smart cards. The evaluation report of 2010 shows the strengths and weaknesses of the pilot project at that time. Only 1% of eligible voters took advantage of this option in the pilot test, as the penetration of digital identity in Austria was only marginal in contrast to 2020. Unfortunately, this attempt, 10 years ago, still has a certain aftertaste and gives politicians in Austria excuses not to carry out e-voting with the help of mobile phone signatures and modern open-source blockchain systems in a highly secure, transparent, automated manner, while still respecting the secrecy of the vote. Now, due to the Covid-19 situation, there is a new pressure on politics, but unfortunately the deep understanding of blockchain technologies is not available among decision makers. Referring to this example in Austria, it has to be clearly stated that this took place in the pre-Bitcoin (and therefore blockchain) era.
A possible solution: If social-distancing due to Covid-19 were not currently one of the most important measures to combat the virus, my suggestion would be that the election be held at the polling station after all. Not on a piece of paper, but on your own smartphone or a device that is provided for this purpose (and where it is technically guaranteed that the voting software is reset after each voting). The voter authenticates himself with his passport/a government-recognized digital or non digital ID, scans a QR code, generates a anonymous blockchain wallet-address which receives a unique token, and goes, as is the tradition, into a voting booth and clicks on his or her vote. On the smartphone, a green arrow will appear to confirm the vote. In the background the voting information is stored on the voting tokens and sent to the central address which stores all voting results. The block chain address generated for the voting process has a “one-time key”, this key is only known to the system and is used during the voting process and is ultimately no longer usable. Technologically, it must be guaranteed that no personal reference to the vote can be made. In this case it would only mean that “a person who is entitled to vote has cast a vote”. The person him/herself is removed from the electoral register the moment he/she identifies him/herself to the local election commission. This means that even if the person does not vote on election day, he or she cannot get a new authorization. (Now one can also pick up the voting paper and vote invalidly or not even put it in the envelope but go home without having voted although one would be entitled to do so.) In this way, the systems of authentication and the voting itself are separated. The advantages of this type of election are clear: the election commission has no chance of manipulating the counting of votes. The results are available instantly after the end of the election, almost 100%. Only the remote votes by absentee ballot would have to be added, these could still take place classically on slips of paper in the first attempt of the election.
Now it is of course different in the current situation and new solutions have to be worked out, because even in countries that have more than a decade (in Austria almost 20 years) of experience with digital identities, they are still not completely rolled out.
A simple approach would be a non-digital election, giving citizens one week to go to the polling station and vote. Here the problem is figuring out how to install the election commission per polling station over a long period of time, as the people involved do this voluntarily and off the job.
It is possible to switch to 100% postal votes and thus start the election process earlier and set the deadlines for the nomination of candidates accordingly.
Or if you switch to digital processes, this could be implemented in the long term in such a way that you register as a voter for an autumn election starting now in spring (so you have no queues at the registration desks). Citizens receive the right to vote, whereby the data of the candidates that can be elected will only appear in the actual election app shortly before the election. (Technically absolutely no problem and also democratically).
For elections that have to take place at short notice, voters could register themselves by entering several things about themselves. Passport number (or similar document), number of the main residence registration form, postal code of the first registered residence and similar. This information is then used to generate the authorization to vote in the blockchain-based voting app. Persons who have a digital identity can of course use this for this purpose. Technologically, however, it must be clearly guaranteed that the authorization to vote and the voting itself are clearly separated. And the source code of the software itself must be accessible to scientists and IT specialists. Self registration in the way described above, does not prevent fraud to 100 % of course.
In terms of blockchain technology, you can either use a public blockchain or a consortium solution, where the nodes are located at the various political parties, but also at the Federal Computing Center, in the ministries and at NGO organizations that monitor the election. The transaction hashes can then be stored on a public blockchain at the end of the election to ensure that nothing can be manipulated afterwards.
Maintaining a health passport and implementing health requirements for certain activities, taking into account privacy and data protection.
State of affairs or a possible scenario: Cultural or sporting events currently do not take place or only under very restrictive conditions.Mothers have to give birth to children alone in the hospital without their partners, sick people are not allowed to be visited and no visits are allowed in old people’s homes. There are also extremely strict measures for travel, such as the travel ban for Europeans to the USA. (All these things are known to everyone, so I do not link any articles here that are reporting these issues). One solution – which is of course extremely controversial from an ethical and sociological/socio-political point of view – is to prove that you already have antibodies against Covid-19 (i.e. that you have already survived the disease), or if you look into the future, let’s say 2022, to prove that you have received a vaccination. However, various solutions are already being worked on worldwide, including a solution by the Austrian State Printing Office called Restart.ID. (Article from futurezone) The State Printing Office solution combines the digital passport, which can be applied for in Austria, with a digital proof that antibodies (or later a vaccination) exist. The idea is that in all the above-mentioned cases one can prove his/her health status linked with his/her digital identity e.g. at the entrance of an event venue. This can of course also be shown with paper documents, but here one does not know whether the health status (or even the ID) is not fake. While in the solution, as Restart.ID intends, the digital proof of authenticity is / can be provided. Apart from the social concerns, the app Restart.ID must currently be viewed neutrally, since the technical construction of the app cannot be verified due to the fact that the system is still under development.
(Remark: The State Printing Office is a privately managed company and only bears the name of the original institution, as the name was also purchased during privatisation).
A possible solution: At this point I would like to introduce the concept of Mark Bugeja (University of Malta) and me in more detail – the E-ID Wallet: An E-ID wallet, is a wallet for blockchain-tokens, which is linked to one or more digital signatures of the owner(s). Valid signatures include government issued signatures, any signature from a self-sovereign identity app, a signature issued by an educational institution, signatures issued by an identity verification company or a connection to a social media account. There are different levels of trust in the digital signature to be considered. Depending on the selected signature type, the proof of the signature transaction is stored and displayed differently. The signature hash value can be published, for example, on a protocol page of the respective trust center, on the blockchain used by the SSI app, in which case, a token (including the private data as encrypted message) is sent from the (signed E-ID wallet) of the SSI app provider to the newly signed E-ID wallet of the user. Or it could be a published tweet, with the wallet address and the signature value, if the own Twitter account has been chosen for identity binding. Different levels of trust establishment require different measures to store the signature proof. The signature chain can be retrieved for each E-ID wallet. For example, if an E-ID wallet is dedicated to a department of a company, you will see that the main account of the company and the person responsible for the department have signed. But also who originally signed the main account of the company and how the main person responsible for the department got this status. Whether the private data is publicly accessible or encrypted is of course always subject to the person or institution and their needs. In other words, whether it is essential that everyone can see who the wallet is assigned to, or if only persons, company-partners, or other departments of a company who gain access to this information should know the ownership. However, the special feature of the E-ID Wallet is that, in addition to digital identities, it can and should also hold blockchain-based tokens and can therefore be used for utility tokens linked to an identity on the one hand, but also for cryptocurrencies as a form of payment with proof of identity (to counteract money laundering and other similar problems) on the other. It should also be noted that some blockchain-token wallets already offer the possibility to name the wallet publicly (for example original Ardor wallet), but here it is a pure self authentication. (Taken from: Introducing the concept of “digital-agent signatures”: How Self Sovereign Identity (SSI) can be expanded for the needs of Industry 4.0)
In the case we want to accomplish here, the E-ID wallet would offer the possibility to choose from one or more different forms of digital identity (Depending on the required level of ID verification) and to combine this on the one hand with the proof of health (proof of anti-bodies) and, for example, the admission ticket or the flight ticket, which are kept in the wallet as separate tokens.
The provider – e.g. the concert organizer – basically specifies the requirements, the customer shows that the requirements are met. That’s it. There is no private data transferred to any cloud service, advertising providers, trackers and similar entities. And the provider of the service receives a secure guarantee that the requirements are met without needlessly finding out other things (e.g. when the illness took place, if there are other illnesses, where the person lives, passport number and similar). Of course it makes sense if, apart from the “green tick”, a picture of the user is also displayed. The image comes from the stored and used ID, or another linked and trusted source. (Thanks to Lloyd Donelan from the LIVE Lab of Texas A&M University for contributing)
Now in this case and also in the Handshake App described below, we have to think a big step further, it is a pandemic and not a local crisis. Therefore, we need solutions which are accepted by the whole world. How does it help me if I am allowed to go to a concert in Vienna, but in Valletta it might be understood that there is the E-IDAS regulation and signatures are to be recognized and it takes 20 minutes to get confirmation to enter but the USA only accepts strictly those products that were developed by US-Universities and Companies. (And this dispute will come for sure). The E-ID Wallet can now also serve as the superordinate decentralized open-source solution, which offers all local systems the possibility to connect. So the digital passport of the Austrian State Printing Office could just be an option that is selectable as a digital ID. Or the way the Restart.ID app stores the health data could be a way to select the proof of health and then this is just connected to the entrance ticket. One solution would be for the authorities in each country to declare what digital evidence they accept in the country and so the security at the concert hall in Boston would see the digital evidence that my home country considers this form of digital ID and the stored health data to be valid. This would then help accelerate the worldwide acceptance of these solutions. Because only the possibility of obtaining health proof worldwide makes sense globally. Everything else are local gimmicks that only work as long as our borders are strictly closed and we are only in our own country.
Handshake Apps. (Learn if you have met someone who tested positive at time X after the encounter)
State of affairs or a possible scenario:: Various countries, universities and companies are developing apps that allow people to determine if they have met another person who has tested positive after the encounter. Behind the solutions are different interests of politicians, entrepreneurs or simply the desire to help. Let’s compare again Austria and the work currently taking place at MIT.
The “Stopp Corona” app has been developed in Austria, which has major concerns under data protection law and the source code cannot be inspected. (Article from der Brutkasten). Also, there are big concerns about who, with how much money, with what specific reason the investors (an insurance company) financed the app. And also the question what the political motivation behind the app and how it was published. (It has been discussed and proposed by one party that the app should be mandatory). One point of concern, for example, is that the users of the app are registered via their telephone number. In the Austrian media landscape and among Austrian experts there are conflicting opinions on the functionality and data protection of the app. (See articles: ORF.at der Standard Trendingtopics Futurezone)
A much better approach in many respects is the one that MIT is currently developing to find out if you have been around people who later tested positive for Covid-19 (see following article for a deeper understanding MIT News). Those points of criticism that were expressed in the Austrian solution are already taken into account here in advance. In my opinion, the MIT solution has the potential to become a worldwide standard if local solutions use the technology and are developed under the MIT (open-source) license. This would massively reduce the worldwide costs and enable a worldwide usage for such apps corresponding with each other. (and only then it makes sense, especially if the borders are opened again). If you read the MIT News article it describes that the data is uploaded to a database. I would like to follow up exactly there with my suggestion to show how this database can be decentralized and prevent the use of any private data.
Update 05/04/2020: In the EU (including the “Stopp Corona App” described above), DP-3T Standard will be used instead of PEPP-PT. (see Article FM4) Also the Source-Code is now available for review. Code Review from SBA Research.
A possible solution: The goal is, as mentioned, to separate the personal data from the transmitted chirps (bluetooth signals) protocols in the best possible way. Therefore, the minimum amount of personal data that is necessary should only be stored locally on your own device, while the token consists only of a log of the chirps recordings. On the Ardor or NXT Blockchain the Singleton Tokens are the best choice. A Singleton Token is a token that exists once and is registered with an own Asset-ID in the blockchain. (see Ardor technical documentation).
If a user now installs the app, he/she does not have to register in any way. There are only 2 buttons: “Activate/Deactivate Chirp Protocol” and “Self report of a positive test, with selection of the date of the test”. Both buttons have to be confirmed at least one more time. When reporting a positive test, the date must also be entered manually so that it is not transmitted unintentionally.
When the chirp protocol is activated the following happens:
After a fixed period (e.g. always at 0:01 am, or the next time the mobile phone is on the Internet) a request is sent to a main Ardor address (storing all chirp tokens) to generate a new chirp token, and a message is to be attached to this chirp token (each token is a unique asset with a unique asset-ID). The message can be attached unencrypted, because the chirp data itself makes it impossible to trace the user’s device). (I use a similar approach in one of my prototypes for storing grades in the Max Kade funded project)
Each installed app automatically receives a shared-key from the network to trigger this procedure. This shared-key is encrypted so that it cannot be seen and processed by the user, but only by the blockchain network.
If the user now activates that he/she has been tested positive:
Then all Chirp Protocol Tokens from the token-generating Ardor address will be sent to a 2nd Ardor address on the network which only contains the tokens of people who tested positive. For example all tokens generated 5 or more days before the test was performed up to the current time period. No human developer has access to this ardor address, the private key will be destroyed by the developers after it has been generated, similar to “burn addresses”. The period is of course difficult to determine due to the unclear incubation period. The MIT solution assumes, according to the article, 14 days into the past. Possibly the user could enter additionally from when he/she has first felt symptoms.
Now how do you check if you’ve had contact?
This process has to be started manually, as no automated notification can take place due to the missing personal data. In principle, it is sufficient if there is a website that shows a QR Code that triggers the process. Instead of a website, this could also be built into the graphical user interface of the blockchain node as a dedicated function, so that the user can decide not to use any third-party service. A crawler will then test if the outgoing chirps stored on your mobile phone or an outgoing chirps from the list I sent on one of my generated tokens matches a token stored on the Ardor address that shows the active cases. If so, the date of the contact and the duration can be read.
What is now stored locally and how do you secure this data?
Of course it must be possible to connect the information on the blockchain with the mobile phone’s own signal. Instead of working with the user/PW or the mobile phone number, you only have to work either/and/or with the locally stored list of chirps on your mobile phone or the asset ID of the user-generated tokens stored on your device.
Of course, this information should not be stored in plain text but encrypted, for example with the shared-key, which is only accessible by the Smart Contract but not by a human being.
Only a mobile phone thief who gains access to the mobile phone operating system and access to the app (which could be protected from local access with a simple pin code, which is not the pin code of the mobile phone itself) would have the possibility to check if the owner of the mobile phone had contact with Covid-19 patients. From the outside, it is impossible to establish a person-related connection on a mobile phone that has no malware such as a Trojan installed.
With the Handshake App you also have to take into account that in many cases it also causes worries among the users, which will ultimately be groundless. Therefore, the state-supported test centres, such as the service number 1450 in Austria, should support the persons who have received “Chirp-hits” (and like to share this information) and enable quick and free test.
In both approaches, the “I prove that I am healthy” and the “I want to know if someone has endangered me” app, in addition to the highest possible guarantee of privacy, it is also important to consider how to ensure that there is a worldwide standard that can be accessed by various local solutions, such as local ID verification. And, of course, in consideration of national and international law. In my opinion, extreme caution must be exercised here in these specific usecases and it cannot simply be a contract work from a government or government-related institution to a private company. This possibly even without a call for tender.
Fraud prevention with regard to state-ordered health tests
A possible scenario: It is likely that citizens will receive phone calls or e-mails that they will be tested. For example, in a study by a university or because governments are rolling out antibody tests for the whole population. This time will be used by scammers to call citizens, make an appointment and then commit burglary, fraud or violence. (Article in Salzburger Nachrichten about a fake-invite for Coronavirus testing)
A possible solution: The solution are identification numbers of the test persons stored on blockchain. A test person who is actually from the government has to show the citizens a QR Code. The citizen can then scan if the person is authorized. In principle, a singleton token would be created for each tester, which is signed by the respective government institution.
It is important that the media publish adequate information about the general process. And there is also a separate app developed by the government, together with NGOs and universities, to carry out the validation process. It must be prevented that the fraudsters are so reckless to fake the complete validation process. In this case, each state can develop its own solution, but of course it would save time and money if top universities, together with institutions like the WHO, would provide a potential solution.
Fraud prevention in relation to police activities in times when the police are equipped with massive powers of privilege
A possible scenario: In this case, each state can develop its own solution, but of course it would save time and money if top universities, together with institutions like the WHO, would provide a potential solution. (Article about the situation in Austria published by Kleinen Zeitung).
A possible solution:The solution is similar to the health test above.Citizens should be given the opportunity to ask police officers for a digital and signed authorization card if they think something is wrong or if they suspect that the assumed police officer is only wearing a carnival costume and is only pretending.
Applying for and processing state aid
A possible scenario: Worldwide, the economic system is collapsing and the financial situation of families is precarious. In order to counteract this, there is, for example, the “Härtefond” in Austria or the emergency aid of the government in the USA. In all these cases, processing should be safe and quick. Safe means here that the persons who meet the requirements also receive the money, but also that they receive it via secure channels and do not have to stand in a queue for registration or for collecting the money.
A possible solution:In the handling of state aid, blockchain systems and smart contracts can help massively to accelerate processes and to handle them securely. This would have to be looked at case by case and is beyond the scope of this blog post ;).
Recording of test results (anonymised) for worldwide comparison of case numbers
A possible scenario: The various figures, data and facts relating to Corona patients worldwide are compiled in various databases.These databases are then summarised and published, for example by universities such as John Hopkins University. Even within one country, the counting method often does not work satisfactorily, as the data collection in Austria has shown, where reports from private clinics arrived with a time delay and processes were not automated until recently. (See explanation of Corona data on orf.at)
A possible solution: Blockchain can serve here with its core function to generate trust between different users, companies, countries, and continents. Individual countries can report their daily test results and additional data attachted to the test results, for example used test procedures, daily at a fixed time to a central blockchain based database. Blockchain-based databases are therefore used so that no manipulation is possible, only follow-up reports. Local countries can either use private blockchain solutions or their local health databases, as long as these then store the hash values for the sent data records. (A local blockchain solution is of course preferred so that the country-specific hash values cannot be manipulated and data records are deleted).
E-Assessment and E-Learning
I almost forgot :). My core research area in the field of e-learning, e-assessment and verification of certificates of all kinds obviously became even more relevant in times of Covid-19. On this topic I would like to refer specifically to our paper in the MCAST Journal. Even if Covid-19 is not mentioned there yet, it is clear why our approaches are useful now. Because we have to verify original certificates from the home office, take oral or written exams using online tools and store the grades securely and with the consent of the examinee, as well as many other urgent cases.
Based on the pre-conditions described at the beginning, a small selection of questions which should be asked before working with blockchain in the public / non-profit / e-government sector.
- Is a private or public blockchain used?
- Which blockchain or combination of blockchains systems is used?
- Can the information-carrying tokens be sent from one account to another without this being originally intended?
- Is the private information of the token sufficiently encrypted? And if so, who has the keys to access the data?
- Can (temporary) shared-keys be created that give access to (specific) information for third parties?
- Is it possible for companies / universities / government institutions to operate their own nodes in the network and thus have data sovereignty? If so, how much effort and costs are involved?
- Is it even possible for users to run their own node? And if so, with what effort and costs?
- Do the partners involved have to purchase Cryptocurrencies? If so, for what purposes? And subsequently, do the users have to purchase cryptocurrencies?
- Further: Who pays the transaction fees to the network? Or are solutions used that do not charge transaction fees. If this is the case – which network was used and what are the effects of using a transaction fee-free solution?
- Do the partners of the respective project or the users create their own Blockchain Wallets? Or is this done for them “through the app”. If the latter, who and in what form has control over the private keys? [This is not bad per se in certain cases, when blockchain is used to secure certain data within apps, which are currently only stored on central servers. Nevertheless the architecture of the solution is very important to consider here].
I personally believe that a separate childchain on Ardor for Covid-19 related applications where the transaction fees are in place but absolutely minimal. Or a licensed Ardor Clon by a consortium of trusted NGOs could be a promising approach here. But first demonstrators can be created on Ignis. The childchain used to generate blockchain assets for use in different apps.
You like to play around with blockchain technologies?
If you are now curious about blockchain technologies, just go for it and look for “testnet” of the networks available and tutorials.
Let us work together!
Once again: I am very happy if colleagues contact me, want to expand this blog post here, create graphics and flowcharts together, discuss fundamentals and also point out weaknesses of the article. We can also submit together to conferences or to a journal that actually fits. There is certainly enough material and things to research :).
Additions to this article:
I would like to extend this article here at this place constantly and also the above mentioned short concepts further and in detail. But I am dependent on the feedback of the community and I am happy about topics of discussion or the wish for concepts that are desired and then implemented for the benefit of the society and not because of greed.
Update 19.04.2020 – Appearance in the show together-ing by Elisabeth Mong – aka Cryptowoman.
Elisabeth and I chatted about our current situation and how we live in times of Covid-19. We also discussed how Blockchain can help to be a useful tool in this crisis (if used properly):
The together-ing Videblog – Interview with Alexander Pfeiffer