by sterlind 2981 days ago
Neat project! I thought up a trustless scheme for this a while back, but it's beyond my means to implement:

You can encrypt an entire circuit with homomorphic encryption, which users can run without decrypting its internal state. Construct a device like so:

Inputs:
1. Ethereum block
2. Previous run-state (encrypted) or zeros.

Outputs:
1. Next run-state (encrypted)
2. Decryption key (if triggered) or zeros (if not.)

Internal state:
0. Hash difficulty range
1. Hash of previous block seen
2. Pubkey to scan for
3. Counter of # blocks seen without a tx signed by pubkey.

If you feed the device more than 1 week of blocks without a tx from pubkey, the accumulator hits zero and it spits out the secret.

An attacker would have to mine 1 week of blocks at hash power IS.0 in order to trick the device into spilling its guts. If you die, and don't send txs for a week, anyone with the device can play a week of blocks into it and the secret will pop out.

Unfortunately, homomorphic encryption is still too slow for this to be quite feasible. Food for thought though! And you can build this today with SGX, if you trust that.
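
A plaintext sketch of the state machine described in the comment above, added here as an example; it is not code from the commenter or from the project. It leaves out the homomorphic encryption (or SGX) layer entirely, and the simplified block format, SHA-256 proof-of-work check, `BLOCKS_PER_WEEK` value and all names are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

BLOCKS_PER_WEEK = 5  # constructed small threshold standing in for "1 week of blocks"

@dataclass(frozen=True)
class Block:  # simplified stand-in for an Ethereum block (assumption)
    prev_hash: bytes
    nonce: int
    signers: tuple  # pubkeys that signed a tx in this block

    def hash(self) -> bytes:
        body = self.prev_hash + self.nonce.to_bytes(8, "big") + "|".join(self.signers).encode()
        return hashlib.sha256(body).digest()

@dataclass(frozen=True)
class State:  # the comment's internal state, items 0-3
    max_target: int   # 0. hash difficulty range (block hash must be below this)
    prev_hash: bytes  # 1. hash of previous block seen
    pubkey: str       # 2. pubkey to scan for
    missed: int = 0   # 3. blocks seen without a tx signed by pubkey

def step(state, block, secret):
    """One run of the device: returns (next run-state, key or zeros)."""
    zeros = bytes(len(secret))
    h = block.hash()
    # Ignore blocks that do not extend the last seen block or miss the difficulty range.
    if block.prev_hash != state.prev_hash or int.from_bytes(h, "big") >= state.max_target:
        return state, zeros
    # A tx signed by the watched pubkey resets the counter; otherwise it advances.
    missed = 0 if state.pubkey in block.signers else state.missed + 1
    nxt = State(state.max_target, h, state.pubkey, missed)
    return nxt, (secret if missed >= BLOCKS_PER_WEEK else zeros)

def mine(prev_hash, signers, max_target):
    """Search for a nonce that meets the (deliberately easy) constructed target."""
    nonce = 0
    while int.from_bytes(Block(prev_hash, nonce, tuple(signers)).hash(), "big") >= max_target:
        nonce += 1
    return Block(prev_hash, nonce, tuple(signers))

def run(signer_schedule, secret=b"constructed-secret"):
    """Feed one mined block per schedule entry; return the final state and output."""
    state = State(max_target=1 << 252, prev_hash=bytes(32), pubkey="owner-pk")
    out = bytes(len(secret))
    for signers in signer_schedule:
        block = mine(state.prev_hash, signers, state.max_target)
        state, out = step(state, block, secret)
    return state, out
```

In the scheme as described, `secret` and the counter would live inside the encrypted run-state rather than being passed in the clear as they are here.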

1 comments

Neat. Yeah, I picked symmetric encryption for the payload due to its relative simplicity, speed, and resiliency.