373 total views
How it works
The top ~250,000 users on github have had their SSH keys and PGP added to a
merkle tree. Out of those ~250,000 users, ~175,000 of them had valid
SSH and PGP keys at the time of tree creation.
If you had 15 or more followers on github during the week of 2019-02-04,
your github SSH & PGP keys are included in the merkle tree.
Likewise, roughly 30,000 keys from the PGP WOT Strongset have also been
included in the tree.
As a final addition, Hacker News accounts which are linked with Keybase
accounts are included in the tree provided they were ~1.5 years old during the
This merkle tree is computed and its root is added to consensus rules of the
Handshake blockchain, allowing the owner of a key to publish a signed merkle
proof on-chain in order to redeem their airdrop.
With the final mainnet key list, every open source developer will receive
4,246.994314 HNS coins from the airdrop.
There are a few gotchas: we do not allow standard PGP signatures on the
consensus layer. This is done for simplicity and safety. This means that a
regular call to
$ gpg --sign will not work for handshake airdrop proofs. As
far as SSH keys go, people typically do not sign arbitrary messages with them.
Because of this, we require a special tool to do both the signing and merkle
An airdrop to Github and PGP users presents an obvious privacy concern: Github
and PGP keys are generally tied to a person’s real identity. While impractical,
a determined analyst could link an on-chain airdrop redemption to a
To solve the privacy issue in a non-interactive way, a 32 byte nonce has been
encrypted to your public key (you will have to grind a file full of
many ciphertexts to find it). For EC keys, this nonce is treated as a scalar
and is used to derive a new key from your old one. For RSA keys, a much more
complicated setup is necessary. In either case, once your new key
is derived using this nonce, you will be able to find its corresponding leaf in
the merkle tree published above.
Publishing a signed airdrop proof using this method does not leak any
information about your actual identity.
The full list of keys will be destroyed upon mainnet launch. Plaintext nonces
are not saved at all during the generation phase. The ephemeral keys used for
the ECIES key exchanges are also not saved.
If you’re uncomfortable having third party software access your PGP and SSH
keys, you are always able to generate this proof on an air-gapped machine. QR
code generation will be added to this tool for convenience (eventually).
Fallback for HSMs
Not everyone keeps their SSH and PGP keys on their laptop. In the event that
your key is not accessible by the signing tool, the signing tool can present
you with the raw data needed to be signed. Your regular key is also included
in the merkle tree (concatenated with a random nonce, seeded by the encrypted
scalar to preserve privacy). Unfortunately, this will forgo the privacy
preservation mechanism described above.
Accepted Key Algorithms
To simplify consensus implementation, we only allow the top 3 most popular key
algorithms used on github:
- RSA (1024 to 4096 bit modulus, e <= 33 bits) – See the Handshake paper as
to why 1024 bit moduli are considered acceptable.
- P256 (NIST curve)
Faucet Participants and Sponsors
This tool also allows for the creation of proofs for faucet recipients and
sponsors. See the usage below for details.
$ hs-airdrop -h hs-airdrop (v0.7.0) This tool will create the proof necessary to collect your faucet reward, airdrop reward, or sponsor reward on the Handshake blockchain. Usage: $ hs-airdrop [key-file] [id] [addr] [options] $ hs-airdrop [key-file] [addr] [options] $ hs-airdrop [addr] Options: -v, --version output the version number -b, --bare redeem airdrop publicly (i.e. without goosig) -f, --fee set fee for redemption (default: 0.1) -d, --data data directory for cache (default: ~/.hs-tree-data) -h, --help output usage information [key-file] can be: - An SSH private key file. - An exported PGP armor keyring (.asc). - An exported PGP raw keyring (.pgp/.gpg). [id] is only necessary for PGP keys. [addr] must be a Handshake bech32 address. The --bare flag will use your existing public key. This is not recommended as it makes you identifiable on-chain. This tool will provide a JSON representation of your airdrop proof as well as a base64 string. The base64 string must be passed to: $ hsd-rpc sendrawairdrop "base64-string" Examples: $ hs-airdrop ~/.gnupg/secring.gpg 0x12345678 hs1q5z7yyk8xrh4quqg3kw498ngy7hnd4sruqyxnxd -f 0.5 $ hs-airdrop ~/.ssh/id_rsa hs1q5z7yyk8xrh4quqg3kw498ngy7hnd4sruqyxnxd -f 0.5 $ hs-airdrop ~/.ssh/id_rsa hs1q5z7yyk8xrh4quqg3kw498ngy7hnd4sruqyxnxd -f 0.5 --bare $ hs-airdrop hs1q5z7yyk8xrh4quqg3kw498ngy7hnd4sruqyxnxd
Note that if you ran
hs-airdrop before mainnet, you will need to upgrade to
the latest version of hs-airdrop and clear the cache (
rm -rf ~/.hs-tree-data).
- Copyright (c) 2018-2020, Christopher Jeffrey (https://github.com/chjj)
- Copyright (c) 2018-2020, Handshake Contributors (https://github.com/handshake-org)
See LICENSE for more info.