Using the NFC Chip of the Passport to Do Proof-of-Work

Finding ASIC, FPGA and GPU resistant hashing algorithms to perform a more equitable proof-of-work that would even let Smartphones participate on an equal level with computers has been a long term problem and so far there are no good solutions to it.

I myself didn’t believed there could be a solution until very recently when I got an epiphany while working with the “active authentication” feature of the passport.

Let me explain, biometric passports have been equipped with an NFC chip since their introduction 15 years ago.

Many of these passports have a feature called “active authentication” that verifies if the NFC chip has been cloned or not.

To do so the verification terminal sends a challenge to the NFC chip, a private key contained in the chip then signs the challenge and returns the signature.

It is also noteworthy that the NFC chip’s private key cannot be extracted from it, at least not easily and that it’s public key is signed by a Document Signing Certificate from the government.

So how could this help with POW?

Well, signing a challenge with a private key is similar to using sha256 or any other hashing algorithm in the sense that it will create an unpredictable and unique output for any provided input.

In this scenario passports would try to mine a block by signing it, until they find a signature that matches a certain difficulty requirement just like it is the case with the classical POW.

It is to assume that passport chips are similar enough so that they would provide a similar signing rate per second. Making it probably the most egalitarian POW mechanism that could exist.

This is how passport mining could look like, the passport or the left is using a smartphone, the one on the right an NFC reader connected to a computer

Conclusion

I am surprised that so little has been done to combine the NFC capabilities of passports with the blockchain and hope that this field will be explored in the future.

The passport POW is an interesting approach and this is why I decided to share it here but it faces some problems. What if a hardware hacker is capable to recover the private key from the NFC chip for example? I am not expert enough to say how realistic this is.

Related work

Some related work has already be done in the direction:

ubic.app — Is using the NFC chip to distribute newly minted coins to people who have authenticated the NFC chip of their passport (similar to what described previously but without mining), about 10,000 passports are registered on the UBIC blockchain.

q.org — Q was intending the NFC chip of the passport to distribute their coin. The project is now defunct despite having them spend $500,000 on the domain name.