DETAILED ACTION
Acknowledgements
The amendment filed on 07/17/2024 is acknowledged.
Claims 15-28 are pending.
Claims 15-28 have been examined.
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claim Rejections - 35 USC §101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.
Claims 15-28 are rejected under 35 U.S.C. 101 because the claimed invention is directed to an abstract idea without significantly more.
Analysis
In the instant case, claims 15-28 are directed to a method. Therefore, these claims fall within the four statutory categories of invention.
The claim(s) recite(s) recovering funds. Specifically, the claims recite “providing a distributed [cryptographic key] being shared among two or more [nodes] with each [node] holding a share of the [cryptographic key and none of the [nodes] holding the entire [cryptographic key], the [cryptographic key] providing access to the funds of the [crypto currency wallet], storing recovery information regarding the [cryptographic key] in a [storage] being separate from the two or more [nodes], in the case that the [cryptographic key] and/or the [wallet] becomes in-operational, a user retrieving the recovery information from the [storage] and providing at least part of the retrieved recovery information to an emergency recovery service, and the emergency recovery service and the user in cooperation performing an emergency recovery transaction of funds from the [crypto currency wallet] to a new [crypto currency wallet], based on the recovery information, by the emergency recovery service and the user together running an interactive [Secure Multiparty Computation (MPC) protocol].”, which is “commercial or legal interactions” within the “certain methods of organizing human activity” grouping of abstract ideas in prong one of step 2A of the Alice/Mayo test (See MPEP 2106) because the claims involve a series of steps for recovering funds. Accordingly, the claims recite an abstract idea.
This judicial exception is not integrated into a practical application because, when analyzed under prong two of step 2A of the Alice/Mayo test (See MPEP 2106), the additional element(s) of the claim(s) such as the use of cryptographic key, computer nodes, crypto currency wallet, storage and secure multiparty computation protocol merely use(s) a computer as a tool to perform an abstract idea. The processors and memories are recited at a high-level of generality (i.e., as a generic processor performing a generic computer function of recovering funds) such that it amounts no more than mere instructions to apply the exception using a generic computer components. Accordingly, the additional elements do not impose any meaningful limits on practicing the abstract idea, and the claims are directed to an abstract idea.
The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element of using cryptographic key, computer nodes, crypto currency wallet, storage and secure multiparty computation protocol to perform funds recovering steps amounts to no more than mere instructions to apply the exception using a generic computer components. Mere instructions to apply an exception using a generic computer components cannot provide an inventive concept. The claim is not patent eligible.
Dependent claim 16 describes emergency recovery transaction. Dependent claims 17 and 21 describe the recovery information. Dependent claim 18 describes the steps that user takes. Dependent claim 19 describes the recovery information and the steps that user takes. Dependent claim 20 describes the unique identity. Dependent claim 22 describes the user identity. Dependent claims 23-24 describe the steps that nodes perform. Dependent claim 25 describes encrypted cryptographic key and the steps of storing recovery information. Dependent claim 26 describes master chain node. Dependent claim 27 describes cryptographic key, master chain node and storing recovery information. Dependent claim 28 describes verifying th retrieved recovery information. These claims further recite the abstract idea of certain methods of organizing human activity. This judicial exception is not integrated into a practical application because the additional element(s) of the claim(s) such as the use of cryptographic key, computer nodes, crypto currency wallet, storage and secure multiparty computation protocol merely use(s) a computer as a tool to perform an abstract idea. The claims do not include additional elements that are sufficient to amount to significantly more than the judicial exception. The claims are not patent eligible.
Viewed as a whole, the combination of elements recited in the claims simply recite the concept of recovering funds. The claims do not, for example, purport to improve the functioning of the computer itself. Nor do they effect an improvement in any other technology or technical field.
The use of cryptographic key, computer nodes, crypto currency wallet, storage and secure multiparty computation protocol as tools to implement the abstract idea does not render the claim patent eligible because it does not provide meaningful limitations beyond generally linking the use of an abstract idea to a particular technological environment and requires no more than a computer performing functions that correspond to acts required to carry out the abstract idea.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claims 15, 18-19 and 24-27 are rejected under 35 U.S.C. 103 as being unpatentable over US Application Publication US20190007205A1 (“Corduan et al.”) in view of US Application Publication US20200259638A1 (“Carmignani et al.”).
Regarding claim 15, Corduan et al. discloses:
A method for performing an emergency recovery transaction of data from a wallet, (¶0006, Fig. 1 item 102C) the method comprising the steps of:
providing a distributed cryptographic key being shared among two or more nodes with each node holding a share of the cryptographic key and none of the nodes holding the entire cryptographic key, the cryptographic key providing access to the data of the wallet, (¶¶0022-23)
storing recovery information regarding the cryptographic key in a storage being separate from the two or more nodes, (¶0030 and ¶0032)
in the case that the cryptographic key and/or the wallet becomes in-operational, a user retrieving the recovery information from the storage and providing at least part of the retrieved recovery information to an emergency recovery service, and (¶0040)
the emergency recovery service and the user in cooperation performing an emergency recovery transaction of data from the wallet to a new wallet, based on the recovery information, (¶¶0049-50)
Corduan et al. does not explicitly disclose:
wherein data is funds;
wherein a wallet is a crypto currency wallet;
wherein performing the emergency recovery by the emergency recovery service and the user together running an interactive Secure Multiparty Computation (MPC) protocol;
However, Carmignani et al. discloses:
wherein the data is funds; (¶0048)
wherein the wallet is crypto currency wallet; (¶0048)
wherein performing the emergency recovery by the emergency recovery service and the user together running an interactive Secure Multiparty Computation (MPC) protocol (¶0043)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including utilizing sMPC for the private key recovery in accordance with the teaching of Carmignani et al.. This modification enables combined system to recover the private key so cryptocurrency funds in the wallet can be accessed. Moreover, it utilizes sMPC protocol for private key recovery which improves data security by protecting data from other participants in the computation.
Regarding claim 18, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
wherein the step of the user providing at least part of the retrieved recovery information to the emergency recovery service comprises the step of proving the identity of the user towards the emergency recovery service. (¶0125)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including user identity requirement for the recovery in accordance with the teaching of Carmignani et al.. This modification ensures the right party is allowed to retrieve the sensitive information.
Regarding claim 19, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
wherein the recovery information comprises information regarding a unique identity of the user, and (¶0125)
wherein the step of proving the identity of the user towards the emergency recovery service comprises the step of the user proving ownership of the unique identity. (¶0125)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including user identity requirement for the recovery in accordance with the teaching of Carmignani et al.. This modification ensures the right party is allowed to retrieve the sensitive information.
Regarding claim 24, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
further comprising the step of the two or more nodes creating an encrypted version of the cryptographic key, based on the shares of the cryptographic key and using a multiparty encryption process, and (¶0043)
wherein the step of storing recovery information regarding the cryptographic key in the storage comprises storing the encrypted version of the cryptographic key in the storage. (¶0043)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including creating encryption key based on multiparty encryption process and storing the encryption key in accordance with the teaching of Carmignani et al.. This modification enhances the security and eliminates single point failure as keys are split into multiple shares and distributed to multiple nodes on the network.
Regarding claim 25, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
wherein the encrypted version of the cryptographic key comprises a zero-knowledge proof, and (¶0046, ¶¶0049-50 and ¶0088)
wherein the step of storing recovery information regarding the cryptographic key in the storage comprises verifying the zero-knowledge proof prior to storing the encrypted version of the cryptographic key. (¶0050)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including utilizing zero-knowledge proof for identity validation in accordance with the teaching of Carmignani et al.. This modification enhances the security by not expose the identity data and verify the identity prior storing the encrypted key.
Regarding claim 26, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
further comprising the step of providing a master chain code and storing the master chain code at the two or more nodes, and (Fig. 1F; ¶0045)
wherein the step of storing recovery information regarding the cryptographic key in the storage comprises storing an encrypted version of the master chain code as part of the recovery information. (Fig. 1F; ¶0045)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including storing encrypted master chain code in accordance with the teaching of Carmignani et al.. This modification enhance the security and availability of the master chain code. Hence, the master chain code can be accessed for recovery in an event of key loss.
Regarding claim 27, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
wherein the distributed cryptographic key and the master chain code are derived from a common master seed, and (Fig. 1F; ¶0048 and ¶0056-57)
wherein the step of storing recovery information comprises storing an encrypted version of the common master seed. (¶0046)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including deriving master chain code from a master seed in accordance with the teaching of Carmignani et al.. This modification simplifies key management and enhances the security and availability of the master seed. Hence, the master seed can be accessed for recovery in an event of key loss.
Claim 16 is rejected under 35 U.S.C. 103 as being unpatentable over US Application Publication US20190007205A1 (“Corduan et al.”) in view of US Application Publication US20200259638A1 (“Carmignani et al.”), and in further view of US Application Publication US20200351074A1 (“Wood”).
Regarding claim 16, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Corduan et al. further discloses:
wherein the step of the emergency recovery service and the user in cooperation performing an emergency recovery transaction comprises the steps of:
the emergency recovery service generating a cryptographic transaction key, based on the received recovery information, and (claim 14)
the emergency recovery service performing an emergency recovery transaction of funds from the crypto currency wallet to a new crypto currency wallet, using the cryptographic transaction key. (claim 14)
Corduan et al. and Carmignani et al. do not explicitly disclose:
wherein the cryptographic key is a one-time cryptographic transaction key;
However, Wood discloses:
wherein the cryptographic key is a one-time cryptographic transaction key; (abs and ¶0069)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combined system of Corduan et al. and Carmignani et al. by including one-time cryptographic transaction key in accordance with the teaching of Wood. This modification improves the data security since single use key prevents replay attack and eliminates the risk of compromised key.
Claim 17 is rejected under 35 U.S.C. 103 as being unpatentable over US Application Publication US20190007205A1 (“Corduan et al.”) in view of US Application Publication US20200259638A1 (“Carmignani et al.”), and in further view of US Application Publication US20230224147A1 (“Pettit”).
Regarding claim 17, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Corduan et al. and Carmignani et al. do not explicitly disclose:
wherein the recovery information is in the form of pre-signatures generated by the nodes based on the shares of the cryptographic key held by the nodes. (Fig. 4; ¶0157)
However, Pettit discloses:
wherein the recovery information is in the form of pre-signatures generated by the nodes based on the shares of the cryptographic key held by the nodes. (Fig. 4; ¶0157)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combined system of Corduan et al. and Carmignani et al. by including recovery information is in the form of pre-signatures generated by the nodes in accordance with the teaching of Pettit. This modification allows users to recover assets in the case of lose keys.
Claims 20-22 are rejected under 35 U.S.C. 103 as being unpatentable over US Application Publication US20190007205A1 (“Corduan et al.”) in view of US Application Publication US20200259638A1 (“Carmignani et al.”), and in further view of US Application Publication US20200005282A1(“Kim et al.”).
Regarding claim 20, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Corduan et al. and Carmignani et al. do not explicitly disclose:
wherein the unique identity is cryptographically linked to the recovery information.
However, Kim et al. discloses:
wherein the unique identity is cryptographically linked to the recovery information. (¶0052)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combined system of Corduan et al. and Carmignani et al. by including linking the unique identity with the recovery information cryptographically in accordance with the teaching of Kim et al.. This modification enhance the security of identity verification. Hence, it ensures only the right party is allowed to retrieve the sensitive recovery information.
Regarding claim 21, Corduan et al. in view of Carmignani et al., and in further view of Kim et al. discloses all limitations as described above. Carmignani et al. further discloses:
wherein the recovery information comprises a zero-knowledge proof which includes the unique identity of the user. (¶0049)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including zero-knowledge proof of user identity for the recovery in accordance with the teaching of Carmignani et al.. This modification ensures the right party is allowed to retrieve the sensitive information but it does not require the user provide the identity. Hence, it enhances the data security as the user identity data is not revealed.
Regarding claim 22, Corduan et al. in view of Carmignani et al., and in further view of Kim et al. discloses all limitations as described above. Kim et al. further discloses:
wherein the user identity is linked to the recovery information using a digital signature. (¶0052)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combined system of Corduan et al. and Carmignani et al. by including linking the unique identity with the recovery information cryptographically in accordance with the teaching of Kim et al.. This modification enhance the security of identity verification. Hence, it ensures only the right party is allowed to retrieve the sensitive recovery information.
Claims 23 and 28 are rejected under 35 U.S.C. 103 as being unpatentable over US Application Publication US20190007205A1 (“Corduan et al.”) in view of US Application Publication US20200259638A1 (“Carmignani et al.”), and in further view of US Application Publication US20220103356A1 (“Be’ery et al.”).
Regarding claim 23, Corduan et al. in view of Carmignani et al. discloses all limitations as described above. Carmignani et al. further discloses:
the two or more nodes providing encrypted versions of their shares of the cryptographic key to each other, and(¶0046)
wherein the step of storing recovery information regarding the cryptographic key in the storage comprises each of the nodes providing the encrypted version of its share of the cryptographic key to the storage in the case that the zero-knowledge proofs are valid. (¶0050)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify System and Method for Autonomous Dynamic Person Management of Corduan et al. by including identity validation prior storing the recovery information in accordance with the teaching of Carmignani et al.. This modification enhances the security to ensure the recovery information is mapped to the right party.
Corduan et al. and Carmignani et al. do not explicitly disclose:
the two or more nodes verifying the encrypted shares of the cryptographic key, and
However, Be’ery et al. discloses:
the two or more nodes verifying the encrypted shares of the cryptographic key, and (¶0011)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combined system of Corduan et al. and Carmignani et al. by including verifying the encrypted shares of the cryptographic key in accordance with the teaching of Be’ery et al.. This modification verifies the validity of the encrypted shares of the cryptographic key.
Regarding claim 28, Corduan et al. in view of Carmignani et al., discloses all limitations as described above. Corduan et al. and Carmignani et al. do not explicitly disclose:
further comprising the step of the user verifying the retrieved recovery information by verifying correspondence between the cryptographic key and the master chain code.
However, Be’ery et al. discloses:
further comprising the step of the user verifying the retrieved recovery information by verifying correspondence between the cryptographic key and the master chain code. (¶0011)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the combined system of Corduan et al. and Carmignani et al. by including verifying the retrieved recovery information in accordance with the teaching of Be’ery et al.. This modification validates the retrieved recovery information.
Conclusion
The following prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
US11394543B2 (“Collier et al.”) discloses a method for managing sensitive data, including: receiving an encryption key from a third party recovery agent; at a user agent executing on a user device, encrypting the sensitive data with the encryption key; and storing the encrypted sensitive data at a third party storage provider system. The method can optionally include, at the user agent: requesting the encryption key from the third party recovery agent using a set of recovery agent authentication credentials; requesting the encrypted sensitive data from the third party storage provider system using a set of storage provider authentication credentials; and decrypting the encrypted sensitive data using the encryption key.
US20200044863A1 (“Yadlin et al.”) discloses techniques for securing digital signatures using multi-party computation. A method includes generating at least one first secret share by a first system, wherein at least one second secret share is generated by one of at least one second system; signing data based on the at least one first secret share when a signing policy is met, wherein the signing is part of an interactive signing process including running a multi-party computation protocol by the first system and the at least one second system, wherein the signed data corresponds to a public key generated based on the plurality of secret shares, wherein the signing policy requires a minimum number of secret shares, wherein shares of one system alone are not sufficient to meet the signing policy, wherein no portion of shares of one system are revealed to the other system during the interactive signing process.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to YINGYING ZHOU whose telephone number is (571)272-5308. The examiner can normally be reached Mon - Fri 9:00am - 5:00pm ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, John W Hayes can be reached on 571-272-6708. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/YINGYING ZHOU/Examiner, Art Unit 3697