Are there any examples of this solution used in production? I’ll google around, but this was the first thing that came to mind. Seems like a viable option w/out doing any research myself.
Interesting links I found. I think I understand this. It’s like TrueCrypt. It’s a simple encrypted payload of variable size that is added to anything and does not impact the original thing. It’s like an encrypted wart that you cannot see and can hide stuff in. Is that about correct?
Why does it 4x the original size? Isn’t the bloat a function of what you are adding to the encryption package? For example: If I add the string “deeZNNutz” to a 100kb image will it 4x the image size?
Same for me. Very interesting ideas.
Yes, it’s like a TrueCrypt container.
A quick test on my end shows that using a small text file as the secret input will not greatly impact the output file size.
Example:
input.png = 180 KB
secret.txt = 1 KB
unencrypted and encrypted output were both 180 KB
this is a pretty good idea. Can the contents of the container be changed? Not sure why we would need to do that. But I assume a public key would be added the the container. And that, along with the private key, will confirm ownership of the digital asset. If the contents of container are tampered with the private key will not authenticate ownership.
And if someone loses the image it’s like losing a private key? What is to prevent someone from removing the container and attaching it to another image? I assume the key generation is a function of the hash of the object the container is attached to?
This is cool.
I’m not aware of a commercial software that offers this steganographic solution, but maybe someone has already tried this?
Yes, it’s dynamic and can be updated by the token holder.
As for why we want this – let’s aim for multi-use NFTs as opposed to single-use.
I’m still thinking of how this will impact the NFT record on-chain.
Yes, but hopefully the carrier is uploaded to a reputable storage service.
Nothing. Some actors may try to extract and bruteforce these containers. This is the tradeoff for having open source code, a public ledger, and a project criteria to embed any amount of data.
I’m still working on this part, but ideas for key management are welcome.
Awesome. I can dig around for key generation articles too.
But to be clear, the goal is to make sure an encrypted container is attached to a specific “thing A”. And if we remove the encrypted container and attach it to “thing B” it will not be authentic.
Correct?
Spectral Attestation could check a hash that is part of the NFT’s record on-chain.
hash(output with embedded secret)
If someone manages to append the secret container to another file, good for them. They still need the private keys and the ledger won’t validate the imposter file is authentic.
I like this idea a lot. Encrypted Warts.
EW standard.
Here are some research links to read.
- Encrypted Variable Tokens: The Next Generation of Innovative Media Assets
- https://www.newtonproject.org/en/evt/
- The Future of NFT Is EVT, the New Game Changer Token – Press release Bitcoin News
- “NFTs are static, while EVTs are dynamic. EVTs allow certain aspects of the metadata to be re-programmed. Ultimately, EVT functionalities solve the residual royalty problem for creators. With EVTs, a creator can continuously enjoy a percentage of royalties as the content/metadata continues to be traded. NFTs weren’t designed this way because of security issues surrounding the coded language.”
- (Not so relevant) https://www.researchgate.net/publication/356339205_Understanding_Security_Issues_in_the_NFT_Ecosystem
- How to Make NFTs Secure? - Merehead (Not applicable)
- https://apptainer.org/ (Encrypted docker containers. Just FYI)
- Wonder if we should submit a ZIP (EIP-721: Non-Fungible Token Standard)
Not much out there on embedded encrypted data in NFTs.
Interesting discussion about Sign in with Ethereum where they discuss data vaults to store information.
These guys are working on the identity standard
Wonder if there is anything we can learn about their data vault.
I checked your PoC and tried to familiarize myself a little with these concepts.
I understood you’re proposing to just add an encrypted payload to the file and the solution does not necessarily need to use LSB or BPCS. Would the benefit of using LSB or BPCS be that it would be harder for an outsider to determine the file has something hidden in it?
Why would encrypting the embedded contents make those methods not work?