One of the key security principle we observed, in designing the blockRings™ is the resilience to “corruption”.

if someone what to misbehave let’s him do it… however he is exposed !

That is why we use “open-hash” function in our “content-addressable-storage”.

In fact it is a rather a KVS as there is no provision for someone not to change the content pointed by a certain key.

The hash-function is differed to the application layer, consequently a blockRing™ blob is

[addr=hash(data),data]

This allows us to use keyed-hash (HMAC) to sign the blocks and provide a forward chain for distributing mutables

We use KeccakMAC with a length of 224 for our cryptographic-hash-function

what does it means that if someone create collision or use a non-secure hash, well it will mean that the associated payload is simply “anonnymously” modifiable. by adding signatures to the block we “premissionned” the blockRing™ exposing, all misbehaviors.

As a consequence all “payload” can be corrupted and we validate it when we use it by checking its message authentication code, the keys used for the authentication are distributed via a “one-time-key-chain