
> how could data off the chain be replaced if it is signed?

It's very simple. You ignore the chain. The chain isn't magic, if it has any authority it's only because something else decides to consult the chain and to care about what can be found there.

Any actual usefulness of the blockchain is limited to things that reside exclusively in the blockchain.

Anything external, like some service that determines ownership of movies (not sure what scheme you're envisioning exactly) can arbitrarily decide to stop caring about the chain at any time, or to even selectively stop caring about parts of it.




of course you can ignore the chain, but i already said that. if you have assets outside the chain you need to watch them yourself. but if the key to open that asset is on the chain, then even if you get a copy of the asset you can't do anything with it without using the chain. you can't replace it either because that would change the signature, and the owner can just reupload his original copy with the correct signature.


> if you have assets outside the chain you need to watch them yourself. but if the key to open that asset is on the chain

How is that supposed to work? Blockchains are public, they don't keep secrets.

> then even if you get a copy of the asset you can't do anything with it without using the chain.

Sure can. Take the key off the public chain, put it on pastebin. Done.

> you can't replace it either because that would change the signature,

Sure can. Yeah, signatures may change. But that only matters to the extent that people do. The chain has no effect.

> and the owner can just reupload his original copy with the correct signature.

What owner? I still have no idea what you're envisioning here. What's this for? What purpose does it serve? How does it do that technically?


> Blockchains are public, they don't keep secrets

you can store encrypted data on the chain. if i sell you a movie, i can give you the encrypted movie and use your public key to store an encrypted message with the key to open the movie. that way i can use a smart contract on the chain to track if you opened the movie.

> Yeah, signatures may change. But that only matters to the extent that people do. The chain has no effect.

if the signature is on the chain and the chain is used to verify your ownership claim, then how exactly does the chain have no effect?

> What owner?

the owner of the digital asset. an NFT for example, let's ignore for a moment that NFTs are stupid. or a movie. the purpose that it serves is to track the ownership of an asset. sure, you can make a copy of it. but you don't own that copy. if i discover that you made a copy, i can charge you with theft (see piracy) because i'll use the chain as proof of ownership and i can prove that you don't own your copy.

i am not saying that we want this. i am not a fan of blockchains. but to my understanding this is how they can be used.


> you can store encrypted data on the chain. if i sell you a movie, i can give you the encrypted movie and use your public key to store an encrypted message with the key to open the movie. that way i can use a smart contract on the chain to track if you opened the movie.

That's not going to work. Any encrypted material in the blockchain is public. Any algorithm in it is also public. So I can just execute the code by hand, skipping any tracking code.

> if the signature is on the chain and the chain is used to verify your ownership claim, then how exactly does the chain have no effect?

This is all contingent on everyone caring about what the chain says. If I get hold of the movie and the key, the chain may say you own the movie, but I don't care. Now what?

> the purpose that it serves is to track the ownership of an asset. sure, you can make a copy of it. but you don't own that copy.

Movies are sold by the millions. Is the idea here making a million different watermarked copies of any given movie? If so, the watermark is the important bit, so what do you want the blockchain for? Just point to the court that John Smith has a movie that was tagged as having been sold to Joe Bloggs, and thus isn't his.

> if i discover that you made a copy, i can charge you with theft (see piracy) because i'll use the chain as proof of ownership and i can prove that you don't own your copy.

1. I bet it's going to be fun to explain all the details of the blockchain to the court and to convince them that this is indeed a tight proof of ownership.

2. If the blockchain is the ultimate arbiter of who owns what, then as soon as I manage to hack you, I can steal all your stuff, become its rightful owner in the view of both the blockchain and the law, and then sue you.


i don't want the blockchain for anything. i want to understand what it is capable of. i don't need arguments that explain that i can do the same without the blockchain. i already know that. i am trying to learn what the blockchain can do, regardless if it is useful or not. your answers are not helping.

> Any encrypted material in the blockchain is public. Any algorithm in it is also public. So I can just execute the code by hand, skipping any tracking code.

i do not believe this is true. otherwise smart contracts would not work. if i store something on the chain, and accessing it triggers a smart contract, then you should not be able to bypass the contract. i don't know how that works, but if it didn't work then smart contracts would not be enforceable. if that is the case i'd really like to see evidence of that.

> Is the idea here making a million different watermarked copies of any given movie?

a watermark only tracks ownership, but it doesn't call home to count how many times the movie has been watched. it's not something i want. but it is something the blockchain would enable. and again, i am not interested in learning how to solve that problem without the blockchain, but i want to learn how the blockchain would solve this problem, regardless of better alternatives.

> If the blockchain is the ultimate arbiter of who owns what, then as soon as I manage to hack you

you would not just have to hack me, but you would have to initiate an ownership transfer on the chain. and these things already happen, millions of coins have been stolen by some mechanism that allowed the transfer of ownership on the chain. and the transfer could not be undone, at least not without resetting the chain. so clearly this is a weakness of the whole blockchain concept. and something the developers will need to address. the question here is, can it be addressed or is the whole concept so flawed that this can't be fixed?


> i do not believe this is true. otherwise smart contracts would not work.

Smart contracts work because they keep everything on the chain. You're proposing a weird hybrid model, like "let's tie the legitimate possession of a real-life movie to the state of an item in World of Warcraft".

Things work if you're within WoW fully, or dealing with a physical DVD fully. Trying to combine both into a single system is where things get weird.

> if i store something on the chain, and accessing it triggers a smart contract, then you should not be able to bypass the contract.

This works so long as everything you care about is on the chain. But your movie isn't.

> i don't know how that works, but if it didn't work then smart contracts would not be enforceable. if that is the case i'd really like to see evidence of that.

Try to think of a mechanism that would force me to have a WoW account, and to register my interactions within WoW every time I wanted to watch say, Guardians of the Galaxy.

> a watermark only tracks ownership, but it doesn't call home to count how many times the movie has been watched.

I think you're not getting that the blockchain and the movie exist separately. For the blockchain to refer to my particular copy of the movie, my copy has to be unique in some way. It has to have a unique SHA256. I'm saying that if my copy is already unique, it's already identifiable as mine, so the blockchain doesn't really add much to solving anything here.

Your legal issues are solvable by just "Look, here's a record that I sold this movie to Bob Smith and his copy has SHA256 ABCDEF0123...., and look, here it is on Pirate Bay"

> the question here is, can it be addressed or is the whole concept so flawed that this can't be fixed?

IMO, it's unfixable. The whole point of blockchains is the lack of a central authority. Your identity on one starts and ends in the possession of a public/private key pair. The second somebody gets their hands on that, as far as the chain is concerned, they're you. At that point they transfer your stuff to their account and you're screwed. There's nobody to appeal to, because the very point of the system is that nobody can override that mechanism.


if the blockchain can protect access to anything on the chain, shouldn't it be enough to store the key to encrypted data on the chain, without the data itself?

sure, once you decrypt it, you can potentially copy it, but that's not a failure of the blockchain, because the same is true without it. the blockchain has other benefits here.

your movie becomes unique by encrypting it with your public key. you can probably keep a watermark in the movie too, but that only makes it harder to share the decrypted movie, not impossible.


> if the blockchain can protect access to anything on the chain, shouldn't it be enough to store the key to encrypted data on the chain, without the data itself?

No, I mean, think of an open source game. You have both the code and the data. Say it's a fighting game.

The game only has effective power if your interest lies entirely within the game. If what you want is to beat a friend in a match then you must act within the game's rules -- use the controller, use the provided moves, and win by applying your skill.

But if all you want to do is to watch the ending cinematic, then you can escape the game's rules. You can just read the source, find the right file, and decode the ending cinematic. You can skip the requirement to finish the game or to play in hard mode. You have the code and the data, so you can break the rules.

Blockchain stuff is like that. So long as what you want is within the blockchain and nowhere else, the blockchain has power.

You can store encrypted data on the chain. But since the data is public and the code is public, you can always bypass the chain. You can just take the secret, feed it yourself into OpenSSL, apply the decryption key, and bypass whatever stats accounting/etc might be part of the smart contract.

> sure, once you decrypt it, you can potentially copy it, but that's not a failure of the blockchain, because the same is true without it. the blockchain has other benefits here.

It doesn't have any, it only has weaknesses. A standard webserver would be stronger, because a webserver can work with secrets you can't access. A blockchain is by definition open code, and works with open data. It can't keep any secrets from you, or reach into any private storage.
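
Added example, not part of the thread and not any real chain's API: a small Python simulation of the point argued in the comment above, that an on-chain counter only records opens that go through the contract, while the wrapped key sits in replicated state that any node can read locally. `TrackingContract`, `FullNode` and the toy keystream cipher (a stand-in for real public-key wrapping) are hypothetical, and all values are constructed.

```python
import hashlib

def keystream_xor(secret: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 counter keystream). Stand-in only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(secret + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

class TrackingContract:
    """Hypothetical contract: hands out the wrapped movie key, counts opens."""
    def __init__(self, wrapped_key: bytes):
        # "private" in the contract language, but still replicated state
        self._storage = {"wrapped_key": wrapped_key, "open_count": 0}

    def request_key(self) -> bytes:
        # The only path the contract author intended: count, then return.
        self._storage["open_count"] += 1
        return self._storage["wrapped_key"]

class FullNode:
    """Every participant holds a full copy of contract storage."""
    def __init__(self, contract: TrackingContract):
        self.contract = contract

    def read_storage(self, slot: str):
        # Local read of replicated state: no transaction, no contract code.
        return self.contract._storage[slot]

def demo():
    buyer_secret = b"constructed-buyer-private-key"   # constructed value
    movie_key = b"constructed-movie-content-key"      # constructed value
    movie_ct = keystream_xor(movie_key, b"constructed movie bytes")
    contract = TrackingContract(keystream_xor(buyer_secret, movie_key))
    node = FullNode(contract)

    # Path 1: go through the contract, so the open is counted.
    via_contract = keystream_xor(buyer_secret, contract.request_key())
    count_after_call = node.read_storage("open_count")
    # Path 2: read the same bytes from local state; the counter never moves.
    via_storage = keystream_xor(buyer_secret, node.read_storage("wrapped_key"))
    count_after_read = node.read_storage("open_count")

    movie_plain = keystream_xor(via_storage, movie_ct)
    return via_contract == via_storage, movie_plain, count_after_call, count_after_read

if __name__ == "__main__":
    print(demo())
```

Both paths yield the same content key, so the counter is an honest record only of participants who chose to call the contract; it cannot serve as an access audit for data that lives off the chain.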



Okay? I don't think you're actually reading those. See the conclusion:

"Private data in a smart contract is not private as such since we are dealing with public blockchains"

Yeah, "private" exists as a language construct, in the way it does in C++. No, it's not actually private from the world though, and so anything you put there is something I can get my hands on trivially.


i did read them. i did not post them to disagree with you.



