BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Bob McElrath

Bob McElrath contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Cryptography and Securityhep-ph

Trust snapshot

Quick read

Trust 17 - UnverifiedVerification L1Unclaimed author
4works
0followers
2topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

4 published item(s)

preprint2020arXiv

Bitcoin Covenants: Three Ways to Control the Future

A bitcoin covenant is a mechanism to enforce conditions on how the control of coins will be transferred in the future. This work introduces deleted-key covenants; using pre-signed transactions with secure key deletion. With this, a general class of covenants are possible without introducing new security risks to bitcoin. There is a range of security models for the key deletion process, but this is subject to a security-convenience trade-off and requires interactivity in a multi-party context. On the other hand, this work makes a compelling case for what can be gained through a soft-fork upgrade to the signature hash system [Dec17] which enables recovered-key covenants through elliptic curve key recovery. This has similar properties to script-based covenant mechanisms proposed previously [Rub20]. Key factors are discussed and compared for the three covenant mechanisms, including; the enforcement process, methods for proving accessibility of funds and whether or not they are bound by a covenant, methods for dynamic fee allocation, the underlying cryptographic assumptions, and their feasibility in single-party, hierarchical and adversarial multi-party contexts. Despite the relative downsides of deleted-key covenants, they are a practical tool for custody protocol design. The comparison shows precisely how soft-fork proposals improve the practicality of bitcoin covenants, through non-interactive enforcement and tighter cryptographic assumptions, to enhance custody protocols and enable some adversarial applications such as payment protocols.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Custody Protocols Using Bitcoin Vaults

A bitcoin \textit{covenant} is a mechanism to enforce conditions on future bitcoin transactions. A bitcoin \textit{vault} is a specific type of covenant transaction that enforces a time-lock on the transfer of control of funds to a hot wallet, but enables an immediate transfer of funds into a deep cold recovery wallet. This paper demonstrates how to integrate a bitcoin vault into a custody protocol and demonstrates the security properties of that protocol. The vault is implemented using pre-signed transactions with secure key deletion (as proposed in \cite{Swambo2020cov}). It is shown that vault-custody protocols enable the wallet owner to specify their desired balance for an inherent trade-off between the security of and accessibility of bitcoin holdings by adjusting the length of time-locks used. It is also demonstrated that wallet owners have increased control of risk-management by compartmentalizing funds across numerous vault transactions. While it isn't realistic to completely prevent theft, the most likely theft scenarios (compromising the hot wallet) have severely limited profitability for an attacker, deterring attempts at theft from the beginning. The proposed architecture was designed to offer defence-in-depth through redundancy and fault-tolerant functionality as well as countermeasures for class breaks through diversity across hardware and software layers. Finally, the architecture employs a detection (a watchtower) and response system that enables fail-safe recovery from attempted or partial thefts through a second type of covenant transaction, a push-to-recovery-wallet transaction.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Accurate Mass Determinations in Decay Chains with Missing Energy: II

We discuss kinematic methods for determining the masses of the particles in events at a hadron collider in which a pair of identical particles is produced with each decaying via a series of on-shell intermediate beyond-the-SM (BSM) particles to visible SM particles and an invisible particle (schematically, pp -> ZZ + jets with Z -> Aa -> Bba -> Ccba -> ... -> cba... + N where a,b,c,... are visible SM particles or groups of SM particles, A,B,C,... are on-shell BSM particles and N is invisible). This topology arises in many models including SUSY processes such as squark and gluino pair production and decay. We present the detailed procedure for the case of Z -> 3 visible particles + N and demonstrate that the masses obtained from the kinematic procedure are independent of the model by comparing SUSY to UED.

0 citations0 reviewsNo code linkedOpen access
preprint2004arXiv

Loop induced decays of the Little Higgs: H --> gg, gamma gamma

We analyze the loop induced decays of the Higgs boson into pairs of gluons and photons in the Littlest Higgs model. We find that the deviation of the partial widths for these decays relative to their Standard Model values scales with 1/f^2, where f ~ TeV is the mass scale of the new heavy particles in the model. For f = 1 TeV, Gamma(H -> gg) is reduced by 6-10% and Gamma(H -> gamma gamma) is reduced by 5-7% compared to their Standard Model values. While the LHC and a linear e+e- collider would be sensitive to these deviations only for relatively low values of f <~ 650 GeV, a photon collider could probe the deviation in Gamma(H -> gamma gamma) up to f <~ 1.1 (0.7) TeV at the 2 (5) sigma level.

0 citations0 reviewsNo code linkedOpen access