Handshake Airdrop 101
What is it?
The Handshake airdrop is an anonymous and permissionless airdrop of Handshake coins to the open-source community. The goal of the airdrop is to incentivize the open-source community to participate in and grow the Handshake ecosystem. That said, you are under no obligation to do anything with your coins if you receive the airdrop.
Who is included in the airdrop
You are included in the Handshake airdrop if you
- Have a GitHub account with over 15 followers. Your GitHub account must have an SSH or PGP key associated with it. View GitHub claiming instructions
- Have a PGP key in the PGP Web of Trust Strongset. View PGP claiming instructions
- Have a Keybase account with a verified Hackernews account. Your HN account must be >1.5 years old. View Keybase claiming instructions
Note: Handshake.org had a hosted airdrop that you could sign up for before they implemented the decentralized airdrop. If you received coins from the hosted airdrop, you can import your coins to Namebase via these instructions.
How the airdrop works
The Handshake airdrop works similarly for GitHub, PGP, and Keybase airdrop recipients. The key premise is that the public key associated with an airdropped account included is used to verify identity (i.e. GitHub exposes your SSH public keys). The Handshake team downloaded the public keys of everyone included and added them to a merkle tree. This merkle tree is computed and its root is added to consensus rules of the Handshake blockchain, allowing the owner of a key to publish a signed merkle proof on-chain in order to redeem their airdrop.
An airdrop to Github and PGP users presents an obvious privacy concern: Github and PGP keys are generally tied to a person's real identity. While impractical, a determined analyst could link an on-chain airdrop redemption to a person's identity.
To solve the privacy issue in a non-interactive way, a 32 byte scalar has been encrypted to your public key (you will have to grind a file full of encrypted blobs to find it). For EC keys, this scalar is meant to be added to your existing key pair (a la HD derivation). For RSA keys, a much more complicated setup is necessary. In either case, once your new key is derived using this scalar, you will be able to find its corresponding leaf in the merkle tree published above.
Publishing a signed airdrop proof using this method does not leak any information about your actual identity.
The full list of keys will be destroyed upon mainnet launch. Plaintext nonces are not saved at all during the generation phase. The ephemeral keys used for the ECIES key exchanges are also not saved.
Why does the airdrop need to use my private key?
The Handshake airdrop utilizes Goosig, a new technology invented by the Stanford Center for Blockchain Research which allows for the creation of signatures originating from RSA private keys without revealing the RSA public key. This lets recipients claim their airdrop anonymously, without revealing any information about their public key, which could otherwise be used to de-anonymize anyone who claims their airdrop. This is why the Handshake airdrop tool needs to use your private key instead of working with standard SSH signatures.
I don't trust the airdrop tool. What can I do?
There are three options you can use if you don't trust the airdrop tool
- Read the source code - The full source code of hs-airdrop is available here. The function that uses your private key is findNonce.
- Claim on an air-gapped machine - View the instructions for claiming on an airgapped machine in the hs-airdrop README.
- Deprecate your key - Deprecate the public key included in the airdrop and generate a new one for GitHub, PGP, or Keybase. This way you can claim your coins using your deprecated key even if you don't trust hs-airdrop. It's also better for security if you rotate your keys every so often!