I’m not thinking of changing what’s on the chain but controlling who is legitimate to access it at a given time. If KES keys need to be updated it’s because there is a mechanism in caradano that makes them invalid for signature after a certain time, fixed in number of blocks. (hope I’m correct)
The same mechanism could be used to invalidate keys used to decipher something stored on the chain.
Imagine that, in its construction, the function
f used to decipher include the last block number
b along side the message
m and the key
f could work only for a combination of
b, and not work if the block number is not the one associated with the key
Obviously someone who was able to decipher the message at an earlier stage would still have access to a copy o the message but he would not be able to prove that this message was legitimate.
The French commission in charge of national compliance the the european GDPR (General Data Protection Regulation) says :
As regards the right to erasure, the right to rectification and the right to object to processing, the CNIL acknowledges the existence of technological solutions that should be evaluated. Without resulting in strictly identical effects, these solutions enable stakeholders to come closer to the GDPR’s compliance requirements , in particular by blocking access to data depending on the format chosen (e.g., commitment, fingerprint generated by a hash function with a key, encryption, etc.)
which is in favor of the existence of mechanisms to block access to encrypted information stored on a chain.