Hi Daniel, fascinating stuff. Can’t help but think of this old xkcd comic: https://xkcd.com/538/
Onno ter Wisscha

Thanks for writing. It is focused on both the online and real world.

I do specifically talk about that type of attack. In essence it is no different from today’s attacks, in that someone can rob you and take your ID and wallet and do damage. Any attack involving physical violence is the most difficult to defend against in any system. Today we have virtually no defense against it. I talk about how alerts go on your credit cards, etc, but it is imperfect at best. My sister was the victim of fraud once and they attackers just kept opening cards in her name and some of the attempts were missed, despite alerts that said they are supposed to get her authorization for any new Visa, Mastercard, etc. The attacks just spam open accounts and a few will hit.

We are looking to deal with it in two ways. One way we are considering is offering a “coercion” password that would allow transactions to be conducted for a time and then automatically reset as if they did not work. That possibility has some problems as people could potentially use it for fraud, to scam merchants, so that is still in discussions.

It’s important to note that they would have to rob you and beat you and force you to tell them your password as well. Just grabbing your phone or ID is not enough, as it uses the blockchain to enforce strong password choices, including a rainbow table of crappy passwords that are not allowed. So theoretically everyone will have a strong private/public key with a strong password.

In the event that someone does steal the ID, the advantage of biometrics is that you have a built in verification that you own the ID. So if you’re robbed you can go to planned third party proof of stake companies or government entities like a court and they can scan your eye to deduce that you were robbed and someone else has your ID. At that point there is a procedure where the court or ID company can reset that ID to a fresh one, by you and them signing authorizing jointly that the key should be reset. The old key would then be blacklisted in the blockchain, unusable for contracts, monetary transactions, etc, and your newly generated key would now supplant the tainted one. This is a very effective method versus how it works today, which doesn’t work at all.

All of that is discussed in the paper and more.

Thanks for your questions.