[E-Lang] Ownership certificates via capabilities?
hal@finney.org
Thu, 1 Mar 2001 09:54:15 -0800

Ben Laurie writes:
> The capability could be one that allowed you to play the card _on behalf
> of a particular player_ - so stealing it would not give you the card,
> though you would get the ability to play it inappropriately - however,
> you can fix that by setting things up such that only the player whose
> turn it is can play at all (which can be done by handing out "turn"
> capabilities to the "game process") - then if someone tried to exercise
> their capability out-of-turn, they wouldn't be able to (their turn
> capability would not yet be valid), and in-turn, it wouldn't work (their
> card capability would be linked to the wrong player).

What I'm trying to get at is, in an off-line environment, the two parties
can only have capabilities to each other. In other words, could you
write a program in (distributed) E which would solve this problem?

Actually I do have an idea now, which may be similar to what Ben had
in mind.

Before meeting, during an online phase (perhaps when the player buys
his cards from the manufacturer), each player grants to the manufacturer
capabilities similar to what Ben suggests. These capabilities represent
"the authority to play card such-and-such". They could be time-limited
or one-use, etc. They would be capabilities TO the player himself, for
every card in the game. If someone presents such a capability to him,
the player agrees that they are considered to have that card.

At the same time, the player would receive capabilities to represent his
own cards. For this solution to work, these capabilities would have to
be accepted by any other player whom they might meet.

This is where an E solution seems to have problems. The trivial method
would be to give each player a bundle of capabilities to every other
player in the world, that represents a given card. So if Alice has the
Gremlins card, she gets a capability to Bob that lets her "play Gremlins",
a capability to Carol that lets her "play Gremlins", and so on, for
every player in the world. This bundle would represent the Gremlins card.
When she then went to play against someone, she could use the appropriate
capability for that person, and the game could proceed.

With cryptography we can efficiently create a sort of "meta-capability"
that can be accepted by anyone. Anyone can verify the PK signature and
know that the game manufacturer has issued the card. But I don't think
E has a notion like this.

If the players knew in advance whom they were going to play against
off-line, the bundle method could actually work and perhaps even be
practical; they could just get the capabilities they need beforehand.
And even if not, the bundle solution still works in principle. So I no
longer think that it can't be done in capabilities, and more specifically
that it can't be done in E.
Hal
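
The bundle method described in the message above, modelled in Python as an added example (not part of the original post and not E code). Assumptions: an HMAC tag under a key only the granting player holds stands in for a capability to that player, the verifier knows who is presenting it because the players meet face to face, and `Player`, `grant`, `accept` and `issue_card` are hypothetical names.

```python
import hashlib
import hmac
import secrets


class Player:
    """A player who mints, and later verifies, 'play card X' capabilities to himself."""

    def __init__(self, name):
        self.name = name
        self._key = secrets.token_bytes(32)  # never leaves the player
        self._spent = set()                  # serials already exercised (one-use)

    def _mac(self, card, holder, serial):
        msg = "\x00".join((card, holder, serial)).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def grant(self, card, holder):
        """Online phase: mint a capability letting `holder` play `card` against me."""
        serial = secrets.token_hex(8)
        return (card, holder, serial, self._mac(card, holder, serial))

    def accept(self, cap, presenter):
        """Offline phase: check a presented capability with no third party involved."""
        card, holder, serial, tag = cap
        if not hmac.compare_digest(tag, self._mac(card, holder, serial)):
            return False  # not minted by me, e.g. a capability to another player
        if holder != presenter or serial in self._spent:
            return False  # bound to a different player, or already used
        self._spent.add(serial)
        return True


def issue_card(card, owner, players):
    """Manufacturer: the owner's bundle holds one capability per possible opponent."""
    return {p.name: p.grant(card, owner.name) for p in players if p is not owner}
```

The bundle returned by `issue_card` has one entry per other player for a single card, which is the scaling cost the message contrasts with a single manufacturer signature that anyone can verify.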