Matthew Roberts and Elías Snær Einarsson, two developers who have been active in the crypto space, recently proposed and published a new technology known as timechain.
Simply put, the timechain is a chain of keys that can be used by anyone to encrypt any information for a certain period of time. It introduces proper incentives for the people who create and maintain the chain, hence the system is considered a decentralized autonomous company (DAC).
The idea received quite some attention, as it claims to offer genuine security improvements for the crypto space. A lot of people have made attempts to use the element of time in cryptography, as it can solve many daily problems. Think of a trustless auction where people’s bids are revealed after a specific amount of time without relying on any third party.
But how can we tie cryptography, the science of secrets, with time?
Cryptography and Time
Machines, despite being fast compared to humans, require a processing time for completing actions. A more complicated process results in more computations by a machine, which obviously requires more time to be completed. One good example can be bitcoin mining, which requires roughly 10 minutes for miners to compute the puzzle and propose a block to the blockchain.
So assuming we use a known input and generate an output using this complicated, long-running process like continuous hashing (Hashing is perfect since it’s a one way function and can’t be inverted) by machines and then use the generated output as an input in the science of cryptography, for example using the output as a cryptographic key to encrypt information.
Once the encryption is completed, if we can get rid of the output that was generated earlier, we are only left with that known input, with which we started off. Decrypting that information can only be done with the output that we got rid of and the only way to generate that output now is to apply that long-running process again to the input.
Therefore, now we can consider our information time-locked. The time that is required to unlock that information is the time needed to generate that output again. This is the basic concept time-locked encryption that was proposed in 1996 by Rivest and Shamir (two of the well-known cartographers of all time).
Time-lock encryption has two steps. First step is to time-lock an input using a long-running process and the second step is to redo that process to achieve the same number again. The first step can be done using parallel processing concurrently to speed the process up whereas the second step can only be done in sequence to find the right output.
So now the question is who’s going to perform this long running process?
Maintaining the Timechain
Timechain creates a process that anyone can participate in, just like mining, and generates a chain of locked numbers roughly every five minutes. The incentive for participant is a fee that is paid by those who want to use the service.
Cointelegraph asked Matthew Roberts about who initially maintains the timechain and what problems can it solve initially. He said:
“To start with: we are. We're building the timechain to solve a very specific problem with smart contracts called transaction malleability. TX malleability effects refund protocols in smart contracts, and in order to fix them you have to rely on third parties to hold private keys. The timechain allows us to provide a refund service for our smart contracts (or anyone’s) which can't be hacked because of how the service is enforced.”
But how do we make sure that those who create these outputs are throwing them away and not storing them? There is no guarantee that those who generate the output using hash functions will delete them. Roberts replied:
“If the service in question wants to keep parts of the timechain around, they can, but it would defeat the security benefits of using a timechain and that wouldn't make much sense to spend so much money on computations and then not generate the timechain correctly. That's not to say that a single timechain should be trusted. In the ideal scenario, you would use your own timechain for things like wallets, and companies would each generate their own. But if you absolutely have to, you can always use a threshold scheme where information is encrypted with multiple timechains in such a way that a threshold can fail without being able to compromise the time-lock.”
Roberts continued by mentioning a few other problems with the current paper. “There's a few more problems left with the timechain that will be fixed in v2 of the paper, like the double-spend problem with financial incentives and our messy blockchain idea,” he said. “Not big issues, just requires us to propagate rewards up the chain and gives the first person who gets to a reward the ability to hide it for around 10 minutes, so they have chance to claim it before another person arrives.”
Ultimately timechain addresses a few security issues and tries to solve these problems by using time-lock encryption and creating a decentralized autonomous corporation with the right incentives for its maintainers to build these time-locked keys.
While it still has a few technical challenges, it certainly holds a lot of promise and we need to wait to see the second paper describing their practical system before judging this technology.