DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Follow-up to interview conducted on 06/02/2021
In an effort to advance prosecution, Examiner drafted and shared with Applicant on July, 1st 2021 via e-mail, a proposed claim incorporating details of how the keys recited by the claims are employed, according to the specification, in the certification contract generation in the identity management blockchain network and subsequent account creation. As of 9/13/2021 no reply to this e-mail communication was received. A copy of this e-mail is incorporated to this Office Action for clarity of the Record.


Status of claims
This office action is in response to the amendment received on 06/10/2021.
Claims 1, 12 and 17 were amended.
Claims 7, 11, 13 and 20-25 were canceled.
Claim 16 was previously withdrawn.
Claims 1-6, 8-10, 12, 14-19 and 26-28 are pending.
Claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 were examined.

Response to Arguments/Amendments
Claim rejections - 35 USC § 101
Applicant’s amendments and arguments (see remarks, pages 2-5, filed on 06/10/2021), with respect to the rejection of claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 under 35 USC § 101 as being directed to an abstract idea have been fully considered. With respect to the rejection of the claims as being directed to a judicial exception, Applicant asserts “the claimed solution is necessarily rooted in computer technology”. Examiner finds Applicant's arguments persuasive, therefore the rejection under 35 USC § 101 has been withdrawn in view of the claim amendments.

Claim rejections - 35 USC § 112(a)
Applicant’s amendments and arguments (see remarks, page 5, filed on 06/10/2021), with respect to the rejection of claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 under 35 USC § 112(a) have been fully considered. With respect to the written description requirement Examiner finds Applicant's arguments persuasive in view of the submitted amendments, therefore the rejection was withdrawn.  However, upon further consideration, new grounds of rejection under 35 USC § 112(a) were made for claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 in view of the amended language.

Claim rejections - 35 USC § 112(b)
Applicant’s amendments and arguments (see remarks, pages 5 and 6, filed on 06/10/2021), with respect to the rejection of claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 under 35 USC § 112(b) have been fully considered. With respect to lack of 

Claim Rejections - 35 USC § 112
The following is a quotation of the first paragraph of 35 U.S.C. 112(a):
(a) IN GENERAL.—The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor or joint inventor of carrying out the invention.

The following is a quotation of the first paragraph of pre-AIA  35 U.S.C. 112:
The specification shall contain a written description of the invention, and of the manner and process of making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or with which it is most nearly connected, to make and use the same, and shall set forth the best mode contemplated by the inventor of carrying out his invention.

Claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 are rejected under 35 U.S.C. 112(a) or 35 U.S.C. 112 (pre-AIA ), first paragraph, as failing to comply with the written description requirement. The claim(s) contains subject matter which was not described in the specification in such a way as to reasonably convey to one skilled in the relevant art that the inventor or a joint inventor, or for applications subject to pre-AIA  35 U.S.C. 112, the inventor(s), at the time the application was filed, had possession of the claimed invention. 

 generating a first seal contract for the first toughened hierarchical deterministic wallet; and deploying the first seal contract on a user identity management blockchain network”. The specification as filed recites, inter alia:
“[0044] An embodiment of the invention provides a system and associated methods for securely linking blockchain accounts to real users. Referring to FIG. 2, the user registration and certification process, for securely linking blockchain accounts to real users, is described in more detail. User registration process is done to link a real user 250 to one or more blockchain accounts. For the registration process, the user 250 either uses a registration application either on mobile or a desktop computer. In the registration application, the user provides the identification information (including fields such as name, address, date of birth and other identification information), scanned identification card (such as a driver license, passport or other types of ID cards), fingerprints and other biometric data, user photo, and any other type of data that can be used to identify the user. Each data field provided by the user in the registration application (collectively referred to as the 'UserData' 256) is hashed using a one-way hash function 258, generating hashed data 260. The registration application then creates a new smart contract from this hashed data 260, which is referred to as the 'Seal Contract' 262. The transaction to create this new Seal Contract 262 on the blockchain network is signed by the user's private key. The Seal Contract 262 maintains a record of the hashed user data and the user's address on the blockchain network. A separate private and/or permissioned blockchain 254 may be used for user identity management, where the Seal Contract is deployed. When the transaction to create the new Seal Contract is mined, the user gets an address of the contract, which is referred to as the 'Sealed UserRecord Address' 264. This completes the user registration process.
[0052] The transaction to create this new Seal Contract 270 on the blockchain is signed by the certification authority's private key. When the transaction to create the new Seal Contract 270 is mined, the certification authority 252 gets an address of the contract, which is referred to as the 'Sealed VerificationRecord Address' 276. 
[0070] The super or enhanced HD wallet keys can be derived using the same or similar approaches as in BIP32 for this. This "super" or "enhanced" HD wallet is differentiated from the other "toughened" wallets used for each blockchain network further because the "super" or "enhanced" wallet is generated for each user (e.g., are linked to the user identity) whereas "toughened" wallets are generated separately for each blockchain network account that the user's account participates in.”
Therefore, the specification as filed does not recite how the newly introduced steps of "generating" and "deploying" are comprised by the first toughened hierarchical deterministic wallet generation, in addition to the three previously recited steps of "deriving" (keys). In other words, the claims were amended to incorporate two additional steps to the three steps comprised by the previous wallet generating step. The specification as filed does not recite such an embodiment. In fact, according to the specification as filed, "The transaction to create this new Seal Contract 262 on the blockchain network is signed by the user's private key." (see paragraph [0044]). Therefore, one of ordinary skill in the art would reasonably convey that the seal contract generation depends on the complete performance of the wallet generation step (i.e. having a private key available to sign the contract), and not incorporating the "seal contract" generation into the wallet generation procedure, as claimed. Therefore, the specification as filed does not provide sufficient written description for the claimed language (see MPEP 2161.01). In other words, the algorithm or steps/procedure taken to perform the function must be described with sufficient detail so that one of ordinary skill in the art would understand how the inventor intended the function to be performed. Dependent claims 2-6, 8-10, 12, 14, 15, 18, 19 and 26-28 are also rejected since they depend on claims 1 and 17, respectively.
receiving an access request for the first seal contract to verify the identity of the user from a first blockchain network; and permitting the first blockchain network access to the first seal contract to verify the identity of the user.” The specification as filed recites, inter alia:
“[0052] The transaction to create this new Seal Contract 270 on the blockchain is signed by the certification authority's private key. When the transaction to create the new Seal Contract 270 is mined, the certification authority 252 gets an address of the contract, which is referred to as the 'Sealed VerificationRecord Address' 276. [0053] Next the certification authority creates a new smart contract, referred to as the 'Certification Contract' 272 by providing the Sealed UserRecord Address 264, Certification Token and Sealed VerificationRecord Address 276 as the input data 278 to the contract. When the transaction to create the Certification Contract 272 is mined, the certification authority gets an address of the contract, which is referred to as the 'CertificationRecord Address' 280, and shares this address with the user. This completes the user certification process. The certification process establishes the ownership of the blockchain account (and its associated public-private key-pairs) to a real user 250 whose identity is verified by the certification authority 252. The certification token can be used to set a validity or a timeout period for a key-pair. After the timeout of the certification of key- pair, the certification process has to be done again. This certification renewal process adds additional security and prevents against any misuse of keys.
[0054] Referring to FIG. 3, a method aspect of the present invention for user validation is described in more detail. A certified user 250 can then interact with blockchain applications (either smart contracts or decentralized applications). These blockchain applications may be deployed on different blockchain networks 300. When a blockchain application requests the identity of a certified user 250, the user sends the CertificationRecord Address and the signed and hashed UserData 260 to the blockchain application. The blockchain application then carries out the validation process 308. The steps involved in the validation process 308 may include, as follows: 
[0055] 1. Get Sealed UserRecord Address 304 from CertificationRecord Address 302
[0056] 2. Get Hash(UserData) from Sealed UserRecord Address 304 
[0057] 3. Decrypt Sign(Hash(UserData)) with user's public key 
[0058] 4. Compare outputs of steps 2 and 3. If equal it proves that the UserRecord has been created and sealed by the user and the user own's the record and its seal. 
[0059] 5. Get Sealed VerificationRecord Address 306 from CertificationRecord Address
[0060] 6. Get Hash(VerificationRecord) from Sealed VerificationRecord Address 306
[0061] 7. Get Token from CertificationRecord Address and check if it is valid 
[0062] 8. Recreate verification record: VerificationRecord' = (Hash(UserData)+Token) and generate its hash: Hash(VerificationRecord') 
[0063] 9. Compare outputs of steps 6 and 8. If equal, it proves that the user has been authenticated by the certification authority. 
[0064] The above steps complete the user validation process 308. Once a user has been validated, the blockchain application may generate an application specific session token 310 (with a short validity), so that the user can interact 312, 314 further with the application without going through the validation process again for each transaction. A reference implementation of Seal 350 and Certification 352 smart contracts, according to an embodiment of the invention, is shown in FIG. 4. 
[0080] An embodiment of the invention provides a system and associated methods for maintaining user identity across multiple blockchain networks. Referring to FIGS. 9 and 10, a method aspect of the present invention for maintaining user identity across multiple chains is described in more detail. For each user a 'Super HD Wallet' 700 is created 714 and separate 'Toughened HD Wallets' 702, 704 are created 716, 718 for separate blockchain networks 612/708, 614/710. The user registration process 624 needs to be done only once for a user, generating a seal contract 600 as described hereinabove. The certification process 626/720 can be carried out once for the Super HD wallet and then for each Toughened HD wallet, generating a certification contract 602 as described hereinabove. Once a master key in a HD wallet (Super or Toughened) has been certified for a user, the ownership of a child key can verified by sharing the derivation path from master to child key without the need to through the whole certification and validation process again when the master key is already certified. To use a child key from a Toughened HD wallet on a blockchain network, the user creates a new blockchain account by importing 722, 724 the key 608, 610 from the Toughened HD Wallets 702, 704. The identity of the user may be verified 726, 728 by the blockchain networks 612/708, 614/710 accessing 622, 618 the certification contract 602.”
Therefore, the specification as filed does not recite how a request is received from a first blockchain network to access the first seal contract and later permitting the first blockchain access to this contract. The specification as filed recites, in conjunction with Fig. 9, that a user registration process 624 "needs to be done only once for a user, generating a seal contract 600 as described hereinabove". Then, the specification as filed further details a user certification process 626, in which a certification contract 602 is generated. Seal contract 600 and Certification contract 602 are clearly distinct, the former provided by user 250 and the latter provided by a certification authority 252. 
Fig. 9 then further discloses first and second blockchain applications verifying identity of the user "from the smart contracts on the blockchain for user identity management, namely A. certification contract 602 and B. Roles & Privileges contract 602. Specifically for verifying the identity of the user by blockchains 614 and 614, the specification recites "accessing 622, 618 the certification contract 602" (see also paragraph [0080]). 
Therefore, while the claims were amended to recite that a "first seal contract" is requested to be accessed by a first blockchain network, the specification as filed clearly recites that to verify the identity of the user, the "certification contract" is accessed instead. In fact, the specification as filed recites a single embodiment in which the user "sends the CertificationRecord Address and the signed and hashed UserData 260 to the blockchain application (When a blockchain application requests the identity of a certified  Anyone in possession of the Sealed UserRecord Address 304 is able to retrieve the hashed user data from the blockchain network. In summary, the specification as filed details the participation of a certification authority in generating a Certification Contract (see Fig. 2 steps 266-280) and sharing its address with the user, which, in turn, shares this address with an application in another blockchain. While the Certification Contract comprises the address 264 of the seal contract 262, the language "When a blockchain application requests the identity of a certified user 250, the user sends the CertificationRecord Address and the signed and hashed UserData 260 to the blockchain application" from the specification cannot be reasonably translated into the claimed language "receiving an access request for the first seal contract to verify the identity of the user from a first blockchain network". Even though the language "for the first seal contract to verify" carries no patentable weight, there is no "access request" disclosed. The specification recites a verification procedure in which data and an address is received and a 

Claim 12 recites “generating a second toughened hierarchical deterministic wallet at the computerized device, comprising: deriving a first toughened parent public key by applying a public CKD function to a combination of the parent public key and the parent chain code of the second secondary seed; deriving a first toughened parent private key by applying a private CKD function to a combination of the parent private key and the parent chain code of the second secondary seed”. The specification as filed recites, inter alia:
“[0014] In some embodiments, the method of generating wallets may further comprise receiving a second secondary seed and generating a second toughened hierarchical deterministic wallet, comprising deriving a first toughened parent public key and a first toughened parent private key from the second secondary seed, deriving a first toughened primary child public key from a function including as inputs the first toughened parent public key of the second toughened hierarchical deterministic wallet, a first parent chain code of the first toughened parent public key of the second toughened hierarchical deterministic wallet, and the enhanced parent public key. Additionally, the method of generating wallets may further comprise deriving a first toughened primary child private key from a function including as inputs the first toughened parent private key of the second toughened hierarchical deterministic wallet, a second parent chain code of the first toughened parent private key of the second toughened hierarchical deterministic wallet, and the enhanced parent private key. Furthermore, the method may comprise performingthe identity registration and certification procedure for the second toughened hierarchical deterministic wallet. The first toughened primary child public key of the first toughened hierarchical deterministic wallet may be non-equivalent to the first toughened primary child public key of the second toughened hierarchical deterministic wallet and the first toughened primary child private key of the first toughened hierarchical deterministic wallet may be non-equivalent to the first toughened primary child [0018] Furthermore, embodiments of the invention are directed to a method of generating wallets for discrete blockchain networks comprising receiving a primary seed, and generating an enhanced hierarchical deterministic wallet comprising deriving an enhanced parent public key and an enhanced parent private key from the primary seed, and performing an identity registration and certification procedure for the enhanced hierarchical deterministic wallet. The method of generating wallets may further comprise receiving a first secondary seed and generating a first toughened hierarchical deterministic wallet, which may comprise deriving a first toughened parent public key and a first toughened parent private key from the first secondary seed, deriving a first toughened primary child public key from a function including as inputs the first toughened parent public key, a first parent chain code, and the enhanced parent public key, and deriving a first toughened primary child private key from a function including as inputs the first toughened parent private key, the first parent chain code, and the enhanced parent private key. The method of generating wallets may further comprise performing the identity registration and certification procedure for the first toughened hierarchical deterministic wallet, receiving a second secondary seed, and generating a second toughened hierarchical deterministic wallet, which may comprise deriving a first toughened parent public key and a first toughened parent private key from the second secondary seed, deriving a first toughened primary child public key from a function including as inputs the first toughened parent public key of the second toughened hierarchical deterministic wallet, a first parent chain code of the first toughened parent public key of the second toughened hierarchical deterministic wallet, and the enhanced parent public key, and deriving a first toughened primary child private key from a function including as inputs the first toughened parent private key of the second toughened hierarchical deterministic wallet, a second parent chain code of the first toughened parent private key of the second toughened hierarchical deterministic wallet, and the enhanced parent private key. Additionally, the method of generating wallets may further comprise performing the identity registration and certification procedure for the second toughened hierarchical deterministic wallet. The first toughened primary child public key of the first toughened hierarchical deterministic wallet may be non-equivalent to the first toughened primary child public key of the second toughened hierarchical deterministic wallet and the first toughened primary child private key of the first toughened hierarchical deterministic wallet may be non-equivalent to the first toughened primary child public key of the second toughened hierarchical deterministic wallet. Furthermore, an identify of a user associated with each of the enhanced hierarchical deterministic wallet, the first toughened hierarchical deterministic wallet, and the second toughened hierarchical deterministic wallet is verifiable by an external blockchain network as a result of the identity registration and certification procedures. Each of the toughened first primary child public key and the first toughened primary child private key of the first toughened hierarchical deterministic wallet may be operable to be exported to a first blockchain network. Additionally, each of the first toughened primary child public key and the first toughened primary child private key of the second toughened hierarchical deterministic wallet may be operable to be exported to a second blockchain network.public key of the second toughened hierarchical deterministic wallet.[0022] Additionally, in some embodiments, the network communication device may be operable to receive a second secondary seed and the processor may be operable to generate a second toughened hierarchical deterministic wallet by deriving a first toughened parent public key and a first toughened parent private key from the second secondary seed, deriving a first toughened primary child public key from a function including as inputs the first toughened parent public key of the second toughened hierarchical deterministic wallet, a first parent chain code of the first toughened parent public key of the second toughened hierarchical deterministic wallet, and the enhanced parent public key, and deriving a first toughened primary child private key from a function including as inputs the first toughened parent private key of the second toughened hierarchical deterministic wallet, a second parent chain code of the first toughened parent private key of the second toughened hierarchical deterministic wallet, and the enhanced parent private key. Furthermore, the processor may be operable to perform the identity registration and certification procedure for the second toughened hierarchical deterministic wallet. The first toughened primary child public key of the first toughened hierarchical deterministic wallet may be non-equivalent to the first toughened primary child public key of the second toughened hierarchical deterministic wallet and the first toughened primary child private key of the first toughened hierarchical deterministic wallet may be non-equivalent to the first toughened primary child public key of the second toughened hierarchical deterministic wallet.”
Therefore, the specification as filed does not recite how the first toughened parent public and private keys are separately derived by applying "a public CKD function" and  "private CKD function", respectively. It appears that there was an attempt to recite the generation of the first toughened primary child public and private keys, however those depend on the previous "deriving a first toughened parent public key and a first toughened parent private key from the second secondary seed" as recited in the specification as filed. The specification as filed does not appear to recite the generation of those parent keys by applying two distinct functions, as newly claimed. The specification as filed only discloses "deriving a first toughened parent public key and a first toughened parent private key from the second secondary seed" and subsequent child keys generation (see paragraphs [0014], [0018] and [0022], therefore, there is insufficient written description for the newly claimed steps of "deriving a first toughened parent public key by applying a public CKD function to a combination of the parent public key and the parent chain code of the second secondary seed; deriving a first toughened parent private key by applying a private CKD function to a combination of the parent private key and the parent chain code of the second secondary seed". Therefore, 
Lastly, Examiner cautions Applicant regarding the attempt of changing the claim scope between claims 12 and 17 (previously commensurate in scope), as further amending those claims to represent distinct embodiments might result in a Restriction Requirement (i.e. Species Restriction).


Claims 12 and 17 were amended to recite “generating a second toughened hierarchical deterministic wallet at the computerized device, comprising:… generating a second seal contract for the second toughened hierarchical deterministic wallet; and deploying the second seal contract on the user identity management blockchain”. The specification as filed recites, inter alia:
Refer to paragraphs [0044], [0052] and [0070] above.

Therefore, as the specification as filed does not recite how the newly introduced steps of "generating" and "deploying" are comprised by the second toughened hierarchical deterministic wallet generation, in addition to the previously recited steps of "deriving" (keys). In other words, the claims were amended to incorporate two additional steps to the deriving steps comprised by the previous wallet generating step (claim 12 four deriving steps, claim 17 three deriving steps). The specification as filed does not only once for a user, generating a seal contract 600 as described hereinabove." Therefore, since the second wallet generation process is not described to include the newly introduced steps of "generating" and "deploying", and the specification is also silent regarding a "second seal contract" generation, the specification lacks written description for the newly introduced language. Therefore, the specification as filed does not provide sufficient written description for the claimed language (see MPEP 2161.01). In other words, the algorithm or steps/procedure taken to perform the function must be described with sufficient detail so that one of ordinary skill in the art would understand how the inventor intended the function to be performed. Dependent claims 14, 18, 19, 27 and 28 are also rejected since they depend on claims 12 and 17, respectively.

Claims 12 and 17 were amended to recite “receiving an access request for the second seal contract to verify the identity of the user from a second blockchain network; 
Refer to paragraphs [0052]-[0064] and [0080] above.
Therefore, as the specification as filed does not recite how a request is received from a second blockchain network to access the second seal contract and later permitting the second blockchain access to this contract. The specification as filed recites, in conjunction with Fig. 9, that a user registration process 624 "needs to be done only once for a user, generating a seal contract 600 as described hereinabove". Then, the specification as filed further details a user certification process 626, in which a certification contract 602 is generated. Seal contract 600 and Certification contract 602 are clearly distinct, the former provided by user 250 and the latter provided by a certification authority 252. Fig. 9 then further discloses first and second blockchain applications verifying identity of the user "from the smart contracts on the blockchain for user identity management, namely A. certification contract 602 and B. Roles & Privileges contract 602. Specifically for verifying the identity of the user by blockchains 614 and 614, the specification recites "accessing 622, 618 the certification contract 602" (see also paragraph [0080]). Therefore, while the claims were amended to recite that a "second seal contract" is requested to be accessed by a second blockchain network, the specification as filed clearly recites that to verify the identity of the user, the "certification contract" is accessed instead. In fact, the specification as filed recites a single embodiment in which the user "sends the CertificationRecord Address and the signed and hashed UserData 260 to the blockchain application (When a blockchain application requests the identity of a certified user 250)" (see paragraph [0054]). 

The following is a quotation of 35 U.S.C. 112(b):
(b)  CONCLUSION.—The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the inventor or a joint inventor regards as the invention.


The following is a quotation of 35 U.S.C. 112 (pre-AIA ), second paragraph:
The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the subject matter which the applicant regards as his invention.


Claims 1-6, 8-10, 12, 14, 15, 17-19 and 26-28 are rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor (or for applications subject to pre-AIA  35 U.S.C. 112, the applicant), regards as the invention.

a first toughened hierarchical deterministic wallet at the computerized device, comprising:...  generating a first seal contract for the first toughened hierarchical deterministic wallet…”. This language is unclear as the step of "generating… wallet…" was amended to incorporate, as comprised by the step, the sub step of "generating a first seal contract for the first toughened hierarchical deterministic wallet". However, the attempt to incorporate this sub step into the wallet generation step renders the scope of the "first… wallet" unclear. In other words, the step of "generating... wallet..." was further amended to recite a sub step of "generating ... contract ... for the... wallet". At this stage, the wallet is not fully generated yet, which renders the sub step of "generating... contract" as part of the wallet generation unclear. The duality arises on the fact that one of ordinary skill would not be able to reasonably convey whether the sub step of "generating... contract..." is performed "for" the not yet complete wallet (i.e. a wallet that was not fully generated yet, without the step of generating contract) or whether the contract is generated "for" the intended generated (complete) wallet, comprising the contract. Dependent claims 2-6, 8-10, 12, 14, 15, 18, 19 and 26-28 are also rejected since they depend on claims 1 and 17, respectively.

Claims 12 and 17 recite the language “generating a second toughened hierarchical deterministic wallet at the computerized device, comprising:... generating a second seal contract for the second toughened hierarchical deterministic wallet; and deploying the second seal contract on the user identity management blockchain”. This language is unclear as the step of "generating a second… wallet…" was amended to 



Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
US Patent Literature
Costa Faidella et al. (US 2017/0177855 A1) disclose methods and systems for identity creation, verification and management, including identity source storing identity attributes for users, identity wallets for users that enable access to the 
Ouellette (US 2017/0195336 A1) discloses method and system for non-authoritative identity and identity permissions broker and use thereof, including generating an identity token corresponding to the identity for distribution to the individual for use in invoking access to restricted access systems.
Poole (US 9,673,979 B1) discloses hierarchical, deterministic, one-time login tokens, including deriving public/private keys from any child keys.
Sandhu et al. (US 2006/0184786 A1) disclose technique for asymmetric crypto-key generation, including key distribution using asymmetric cryptographic keys.
Cordery et al. (US 6,295,359 B1) disclose method and apparatus for distributing keys to secure devices such as a postage meter, including calculating a device public key as a combination of master public keys.
Le Saint et al. (US 2018/0167208 A1) disclose confidential authentication and provisioning, including blinded and ephemeral key generation mechanisms.
Maletsky et al. (US 2014/0281554 A1) disclose generating keys using secure hardware, including combining, using the secure device, a nonce with the child public key to generate a digest; combining the digest with information associated with the secure device; and generating, using the secure device, the first signature by performing an asymmetric cryptographic signature computation, using the parent private key, on the combination of the digest and the information associated with the secure device.

Andrade (US 9,985,964 B2) discloses systems and methods for providing block chain-based multifactor personal identity verification, including a verification address associated with the blockchain to an individual.
Jutla et al. (US 2018/0048461 A1) disclose apparatus, system, and methods for a blockchain identity translator, including mapping between PKI certificate credentials maintained by certificate authorities and blockchain credentials.
Collin et al. (US 2018/0068097 A1) disclose systems and methods for providing identity assurance for decentralized applications, including providing encryption/decryption and key services to the wallet user interface 52 for generating the transactions, and contract services for creating and maintaining the contracts in the blockchain system.
Moses (US 2018/0097635 A1) discloses methods and apparatus for providing blockchain participant identity binding, including a cryptographic binding of a signature-verification public key and/or a data encryption public key to the identity of the holder of the corresponding private key.
Andrade (US 2016/0283941 A1) discloses systems and methods for personal identification and verification, including allowing creation of transactions each requiring at least two private keys as signature and restricting private keys.

Karkkainen et al. (US 2018/0144341 A1) disclose encryption system, encryption key wallet and method, including an encryption key wallet determined automatically based upon an identity of the user.
Ginter et al. (US 5,892,900 A) disclose systems and methods for secure transaction management and electronic rights protection, including asymmetric key generation and reducing transaction risk.

Non-patent literature
Massimo et al (NPL 2017) disclose an empirical analysis of smart contracts: platforms, applications, and design patterns. Financial Cryptography and Data Security 2017, Volume 10323 ISBN : 978-3-319-70277-3 March/2017, including wallet smart contracts

Araoz et al. (NPL) discloses a new BIP32 structure for P2SH multisig wallets, including shared wallets, retrieved from https://www.mail-archive.com/bitcoin-development@lists.sourceforge.net/msg05156.html on 04/25/2014.
Maxwell et al. (NPL) disclose Deterministic wallets, including multi-signature scripts with respect to homomorphic derivations, and a server storing two public root nodes (i.e. each node consists of a public key and a chaincode), and assemble a script of the needed format for each customer. Bitcoin Israel Conference February 27, 2014.

Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to EDUARDO D CASTILHO whose telephone number is (571)270-1592.  The examiner can normally be reached on Mon-Fri 8-5.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/E.C./Examiner, Art Unit 3685                                                                                                                                                                                                        
/JACOB C. COPPOLA/Primary Examiner, Art Unit 3685