Introducing Nihilium


Revolutionizing cryptography-based applications

This article is about giving insight in why I think this protocol is so damn significant for the crypto space and to give a bit of history and perspective on how the Nihilium protocol came to be!

As Nihilium solves one the mayor barriers to mass adoption of cryptography based applications.

The problem

Most of the early adopters in the crypto(currency) world understood that blockchain gave great individual power but that it came with great responsibility. In this case, the responsibility for your private keys. Early adaptors of cryptocurrency understood the gravity of what they were doing and were fine giving up a user-friendly experience if it meant absolute control over their assets. Quickly convenience and dollar signs won terrain and we saw cryptocurrencies' first massive trust failure in the form of the hack of Mt Gox where many users lost their bitcoins.

Quite frankly, since then not a whole lot has changed, yes exchanges are more secure, yes wallets are more secure, and strong reputations have been built. But there is still a glaring issue lingering in the background …

And what is better than to introduce this issue with a quote from an excellent article by Vitalik Buterin:

‘One of the great challenges with making cryptocurrency and blockchain applications usable for average users is security: how do we prevent users’ funds from being lost or stolen? Losses and thefts are a serious issue, often costing innocent blockchain users thousands of dollars or even in some cases the majority of their entire net worth.’

Today, secure wallets come with warnings, instruction sets, and a whole set of best practices to keep your private keys and seed phrases secure. From my own experience creating a decentralized application for artists, this was a humongous barrier to overcome in order to get ‘grandma’, an artist or really anyone to use a cryptography first application.

‘Please use our app to secure and timestamp all your artistic work with a huge sign: if you lose this random number, you are done for’ wasn’t really helping for adoption. For most this is just daunting, a no-go, we live in a society where most individual responsibilities are paid off by either taxes or insurances. For the majority of cases, this works fine and for non-critical data the impact is often neglectable, therefore, for most cases, most of us trust it if a company says they won’t secretly share that data, because there is a law. As long as we get to blame someone we prefer user-friendliness over security.

(Re)defining the problem

As definitions are important: what exactly IS the problem of ‘key-recovery’?

It is simply the ability to recover your private key when you lose it, like when your kid thinks it can dry your phone with your keys on it in the microwave oven.

At face value, a solution for this looks quite straight forward: print it and store it somewhere safe. This is exactly what a lot of people have been doing. I don’t think I have to explain that spilled coffee, leaks, fires, or having small children can be a problem here. Now that only was the issue of losing the paper(or storage device). What if someone finds it? And do you really want to do this all the time you want to use some service? Every time you install an app and go through this process?

I can write pages of examples and detailed ways to protect one’s private keys but I am going to skip to the end conclusion of every single one of those methods.

In the end you always need to trust a person or multiple people to reconstruct your keys.

At the same time, these parties can conspire at any point to obtain your keys without you ever knowing it and without any repercussions. There is no other mechanism than plain old trust that prevents this from happening.

This is exactly where Nihilium comes in, a first off its kind security protocol that solves the trust issue that comes with unattended access to secret information.

A first off its kind security protocol that solves the trust issue that comes with unattended access to secret information.

Nihilium does this by making the encryption and decryption part of a staking-based public node system, set up as a fairness protocol. Enforcing publication of intent, in other words: you get a message -prior- to someone’s capability of accessing the encrypted information.

It seems small, ‘just enforce a message’, but the implications of this feature cannot be overstated.

As I believe this is a missing piece of the puzzle to finally make cryptography-based applications user-friendly and ready for mass adoption. No longer large explanations on how to keep your keys safe but secure trustless custodian integrations by a wallet provider or a decentralized social media platform. Custodians? Yes, the breaking change that comes with Nihilium is that you no longer need to trust your custodians! You get to validate their honest behavior independently!

It is however important to empathise that Nihilium became so much more than a solution for this particular problem.

‘Receiving a message’ is only the simplest building block provided by Nihilium. The protocol can easily extend to different rules as long as the order of events and timings can be verified, which is exactly the unlying role of blockchains.

For example with time locks, allowing a time delay between publication and the physical access to said data. Allowing you to either intervene or move your crypto’s if you suspect suspicious behavior.

It naturally doesn’t stop with just time-locks, all sorts of signature and timing-based features are supported, like approvals signed by specific actors, access revocations, accessibility from a certain time, accessibility until a certain time, access based on cryptocurrency payments, and much more. To give a small hint of what is possible I want you to take a look at the commitment scheme (flowchart) below. It shows a use-case of inheriting crypto-currencies and is a combination of all sorts of mechanisms that need to evaluate to true before access is granted to private keys that relate to the inherited coins.

If someone wants to claim the cryptocurrency secured by the Nihilium protocol it will require a death certificate provided by a government-approved agency and a signed notary approval provided by the creator of the commitment scheme. If both conditions are met and a month has passed without the death certificate being revoked the Nihilium protocol actors will process the key-regeneration process when requested.

It is important to keep saying this, because it makes Nihilium unique, is that during this time the holder of the inherited cryptocurrency has the file locally available but won’t be -able- to access it! Neither can the government issuing the certificate, nor the notary can. The nodes actually performing the key-regeneration process -could- potentially conspire like in a tranditional setting but they would generate proof of cheating and would risk losing their position and stake in the protocol.

So how?

At its very core Nihilium is a ‘scalable blockchain agnostic staked fairness protocol that provides distributed key generation.’

Now that is a mouth full of buzz words so let’s break it down;

Distributed key generation: each participant in the protocol generates numbers that are signed together with a commitment scheme, committing them to a particular scheme. Allowing a set of rules where revealing information will -not- lead to losing stake.

Fairness protocol: For a good explanation see this video:, Nihilium utilizes recovery schema’s where protocol participants commit to every interaction. By committing they stake a very small amount of currency creating a ‘split and choose’ setup of interactions where the slightest deviation from the protocol leads to detection of dishonest behaviour.

Staking: If protocol participants reveal information on a different stage in the schema the receiver has immediate proof of cheating and gets to ‘slash’ a node and claim their stake. The protocol itself doesn’t require any costs to operate, 100% of the stake can always be reclaimed, given certain requirements.

Blockchain agnostic: The protocol is not tied to any blockchain platform and is developed to run across multiple chains simultaneously in order to upgrade across chains with the goal to outlive them. The only requirement Nihilium sets is: ‘ funds locking’, being able to prove merkle trees with proofs a max size of ~64kb and elliptice curve signature validation. For most platforms, 64kb can become crazy expensive but it is only utilized when conflicts occur and stake is at risk.

Scaling: The protocol is not limited by the capacity of underlying technology. The transaction requirement is constant over time and independent of usage, allowing Nihilium to be independent of the blockchain technology used. Making it horizontally scalable.

That sounds great but….

Now we know that Nihilium offers some unique features that are not limited by the scaling issues of blockchains, it is also important to know what Nihilium can’t do and what its limitations are.

Nihilium does not provide operational security: you cannot build a wallet with the protocol, the security of ‘hot keys’ is still the responsibility for the application, what Nihilium does offer is a way to give your key to anyone and recover them and be sure no-one has ever seen them. But making it able to store your keys somewhere securely, operational security can become much better since Nihilium can be used as a fallback mechanism for many intermediary steps, like pin-codes or passwords.

Nihilium does not provide security beyond the first time of accessing data: once data has been viewed it means it is ‘plain-text’ on the given device and out of control of the protocol. The applications can implement deletion after opening but this is no longer controlled by the protocol itself. Nihilium protects that what needs to stay secret until it is revealed. Sending pictures around on a messenger that are intended to be viewed immediately is overkill for Nihilium. Unless, you want to be absolutely sure someone received and viewed the picture.

Nihilium, the protocol, does not guarantee access to files, everything is calculated and encrypted locally. You are still responsible for distributing the encrypted data yourself. It does allow you to distrust anyone, however the protocol itself is not a transport layer. Nihilium, the company, will provide services to do this and will provide API’s for seamless integration, others are encouraged to do so too. That is exactly what will make Nihilium decentralized and allows for cross-validation.

Because the protocol is staked there is a game-theoretical limit to what you should secure. You can make all sorts of formulas to how much this exactly is but a rule of thumb would be: the value of the data (private keys to cryptocurrency) of a single entry secured by the protocol is game theoretically at riks if the stake of the nodes processing your commitment scheme is lower then your then what it is that you are keeping secret.

The significance of Nihilium

Now, every founder will claim its product will revolutionize the world, I am no different in that regard. In conversations, I had some jaw-dropping reactions to what Nihilium is solving but most replies and reactions were somewhat like: ’so you get a message when someone opens a file, isn’t whatsapp also doing that?’

But when I had the first proof of concept set up, I immediately got this unnerving exciting feeling. A similar feeling I had when I finally ‘understood’ bitcoin and also when discovering the concepts of bittorrent and IPFS. ‘The insight that it will change the operating landscape’.

Now clearly after some conversational try-outs, I haven’t found my perfect pitch yet but let me try to convey this same feeling with some examples where Nihilium provides a crucial role in protecting data and how it opens up new ways of securing data and how this can create completely new markets.

‘Forgot my password’

As explained in the key-recovery inheritance diagram above, Nihilium provides the necessary tools to properly implement private key recovery in a purely digital and transparent way. There are countless commitment scheme options that will support different use-cases with different levels of security and usability. But finally, decentralized cryptography-first applications are possible with a user-friendly ‘forgot my password’ option, hello decentralized social media for the masses!

Trustless custodian services

Because you can authorize access to certain data it no longer matters where this data is stored, as long as it is available, meaning you could also use decentralized storage like IPFS, Swarm, SIA, or even Dropbox to keep your data available. However, these new custodian services are a more generalized version of ‘key recovery’ or ‘forget my password’ functionality but could employ inherently centralized tasks like two factor authentication or active persuing of notifying access (calls, emails, telegram notification etc) without requiring traditional trust that comes with traditional custodians. Moving the service from ‘keeping your data secret’ to ‘keeping your data available’.

Truly autonomous devices

When autonomous devices would generate their own keys the problem arises as to what to do with their wallets once the device is broken. With Nihilium it is possible to let the device give custodial access to the manufacturer or owner and as long the device is able to operate it means it would be able to deny anyone access to its funds. But once broken the funds can get reclaimed!

Fully enabling self-sovereign identity

A lot of the self-sovereign identity applications don’t have a good solution as to what to do with the loss of information or the loss of keys -and- being able to claim they are fully self-sovereign. Private key recovery was already discussed but this also applies to securely store assertations and verifiable credentials. Because once losing your keys you also lose your claims, being able to recover these claims in a seamless matter will make SSI massively more useable.

That is beside the fact that Nihilium can make any Verifiable Claim or future claim part of the secret generation/recovery process. Giving SSI a technical benefit over traditional systems where someone else is always responsible for securing certain data.

Privacy-friendly emergency access to location data.

There are plenty of location-sharing apps already and all of them will share your location data plain-text through their services. With Nihilium it becomes possible to actively share your location data but know for certain no-one is secretly spying on you. Not the service provider, nor a hacked version of the app. No one knows your location because it never leaves your device in a readable format and if someone does access your location, you would immediately know! You can even only share your last two hours, and the receiving side would have no way to look back any further than that. Creating a level of trust and privacy that is unprecedented.

(I am actively developing this use-case!)

Verifiable delay functions

Because allowing for decryption based on ‘time elapsed’ it becomes possible as an application to mimic verifiable delay functions. Allowing, for example, decentralized lotteries where players can commit data and share it with everyone and have the contents revealed at a specific point in time, with precommitment the selection process everyone gets to calculate the proof of whether they are the winner or not. (For the techies, this is application level, not consensus level, it requires prior agreement on some form of elapsed time that is not CPU cycles)

Cryptocurrency payment based decryption

Since conditions on of opening Nihilium data need to be retractable to specific hashes on the blockchain that a smart contract can validate, it becomes possible to have payments as a condition within the commitment schemes. Meaning that I can transfer private keys of an asset(including zk-proofs) to you based on the conditions that you need to pay a certain amount of crypto prior to being able to open it! Allowing for many interesting features in relation to decetralized exchanges and (NFT)marketplaces.

Each of these examples could use their own post to fully explain. But I hope to have given an insight into what new functionality is made possible with the Nihilium protocol. To me, with Nihilium, some of the largest hurdles for usability that come with decentralized technology now have a clear path to a solution, and that is exciting!

What is next?

As this technology was only ‘invented’ recently I am still very much looking for help in any form. Be it marketing, legal advice, financing, cryptographers, developers , testers, or clients, I am going to need all the help I can get, so if you feel like getting involved:




Or mail:

Thank you for reading and feel free to share!

Join Coinmonks Telegram Channel and learn about crypto trading and investing

Introducing Nihilium was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.