Topic: 2013-11-19: Buying a new identity (Read 5211 times)

It's not been stated in this variation before, and I think you may be on to something there (others that tried to pose mining your own ID "what if"s were on to nothing).

From the way I understand it, if you solo mined or operated a pool, someone could do just what you're suggesting (they'd have to bide their time until they got a block in the chain, though). Worse, they could submit a very expensive ID sacrifice, and use it to give the illusion to anyone checking that ID in conjunction with the providing of goods/services to the ID holder that the holder should be more trustworthy than otherwise, as they did spend a fortune on their ID after all! Who would want to throw that away! Furthermore, a big enough miner could make a side business of selling IDs that cost him nothing at less than "cost".

thanks for the replies

I get how Retep's suggestion for a number of consecutive transactions could help or sending it to a blackhole,
but I'm not that familiar with svp proof

This has probably been answered already, but what stops me from keeping the transaction to myself (not broadcasting it) and mining for the block that contains the transaction myself, so that the fees go to me, and I essentially don't pay fees?  (Or at least mining for it with a mining pool I control, so that I get some chunk of the fee back?)

The object includes an spv proof of inclusion in the block chain. All the verifier needs is the block headers.

See my first ever post to the bitcoin-development email list: http://www.mail-archive.com/[email protected]/msg01005.html

Much improved upon a few months later: https://bitcointalksearch.org/topic/purchasing-fidelity-bonds-by-provably-throwing-away-bitcoins-134827

Though these days I'm thinking spend to unspendable is a lot safer for a variety of reasons...

So is this ID only usable with parties who have seen the "sacrifice transaction" publicly announced on the network?, otherwise couldn't the id seeking person just make a deal with some miner or pool to not announce this transaction, mine it and get his $200 back minus a fee for the miner.

I knew someone would say this, and I was tempted to say so myself. But what stopped me was the fact that, as Jeff alludes to, this does not prove your identity or your age. At all.

It still requires you to trust all past and present employees or those with access to the facilities of the background checking/passport agency who provide the document that is signed. Even if that company also signs the ID/age verification data themself, it's open to abuse. You could still get that apalling set of circumstances where a person who has been dead for years has their ID information stolen, then signed and accredited by the passport agency or suchlike organisation via a miscreant employee. The ID of an unaccountable ghost is then used to commit a whole range of crimes. Cases such as this have happened in the past where the everyday police have arrived at the house belonging to the parents of the dead ID theft victim, and the mother of a child who has been dead since infancy has to put up with a traumatic ordeal, whereby the police officers accuse her of harbouring the child, of making up wild and elaborate fantasy stories about the child being long dead. These parents could be subjected to hours of this sort of questioning, perhaps in police custody. This sort of thing is a total disgrace, of course. It should not even be possible to commit such disgusting abuses of an ID system, and I suggest that the blockchain offers us a way to introduce an improved system where this cannot be done.

Corrupting ID schemes hacks away right at their essence. In the currently proposed usage, the Bitcoin system becomes the 4th party. Why trust another layer, when you may prefer someone to produce their passport to verify the (designed for portability anyway). It becomes less about empowering the user and more about the potential 2nd instance verifier saying "So, what does this Bitcoin ID associated person get up to online, eh?". Why not create a new layer that improves trust in the veracity of the ID mechanism itself? The proposed usage only creates an opportunity to collect more reliably attributable data about it's users.


I don't know if it's technically possible, but with the use of a similar mining fees sacrifice mechanism, these abuses could be averted. Put a hash of real ID information in the blockchain. Instead of using 3rd party meta-data (that can be subverted in more ways than one throughout the process), use genuinely unfalsifiable data like a complete genome, or genetic fingerprint. Possibly this would be technically inadequate for some reason, perhaps the available 80 bytes isn't enough to ensure that collision hashes aren't easy to reproduce for such large sample data as those of DNA fingerprints. But if it could be done, it would be a much more powerful identity system for it.

This is an unprecedented opportunity to create a mechanism for IDs that is very difficult to subvert or abuse, and the world would be a better place for it. The real issue today is that we do not have a level playing field, powerful organisations that are part of the industry for verifying ID can be (and are) used to gently chip away at the trust in the very system they are administering. Why not do for these organisations the same thing Bitcoin has been designed to do for the financial services and the central banks: usurp their relevance and their usefulness entirely, by providing an altogether improved system. After all, at the most fundamental level, we all like Bitcoin so much because it's a system where no-one can cheat.

The "identities" created by proof of sacrifice aren't really identities, they're just arbitrarily expensive objects that can be created with an app. There's no name or anything else attached to them. That's why I call them  "anonymous passports" but that name isn't really right either. I think we need to invent new words to describe these things. I'm not really happy with any of the names proposed so far.

If you want to prove your age but nothing else at all, then I'm researching convenient ways to do that as well. The recent cryptographic breakthroughs with zk-SNARKs open up the possibility of being able to use an Android NFC-capable phone to create provable derivatives of your passport with certain fields left out. For instance you could create yourself a proof that your name is Peter and you were born in 1981, but nothing else.

I've heard in the USA it's a bit different, but at least in most parts of the world I've been to, ~everyone has a passport and lots of people have Android phones. If you don't you could always borrow a friends, or purchase a cheap USB NFC reader.

However the above technique doesn't rely on Bitcoin at all. You could present a passport-proof and a sacrifice-proof together I guess, to prove you are over-age and still remain anonymous/bannable.

Yes.  That's digital attestations.  Background Checks, Inc. can perform a background check on me, and then sign my identity "jgarzik (key 0x1234) passed our background check level 1 on date Y/M/D".  Anyone who trusts the signature of Background Checks Inc. may trust key 0x1234 as having passed a background check.

You may also offer this signature as hash(signature), and only reveal the actual signature privately upon request, to enhance privacy further.

Plug for my own identity tech spec: https://en.bitcoin.it/wiki/Identity_protocol_v1

This idea is fascinating.  It solves parts of the identity problem much better than "government issued ID" while still allowing reasonable anonymity (or separation between nightlife-self, work-self, etc, as mentioned earlier).  

Would it be possible to take this idea further and create identities in such a way that we are reasonably sure that the owner of the private key has reached the age of majority in their state or country?*  Imagine that a market for bitcoin "Notary Publics" emerges:  each notary public has paid a very high fee for their identity (say, $100,000) so they do not want to be discredited--they have a strong incentive to be honest.  They could offer a service where they would digitally sign a message with their private key to the blockchain to vouch that the human identity behind your public key was, say, >= 19 years old.  You would have to show them reasonable proof of this fact in order for them to "vouch" for you.  If crooked notaries emerged, they would eventually get found out by unhappy mothers or police sting operations, and they would be quickly put out of business and render their $100,000 investment worthless.  


*I ask because I read early today that the operators of sites that deliver x-rated content are hesitant to allow bitcoin payments because it could be a 12 year old kid on the other end [https://bitcointalksearch.org/topic/bitcoin-and-porn-340145] [Apparently, despite the fact that the 12-year old can download pornography for free, if he buys it and his parents create a stir, this can cause problems for the site operator].  Bitcoin + x-rated content is obviously a very large and mostly untapped market.
  
 

The amount of mining fees you use for the ID is provable, recorded in the blockchain. You can choose the fees now, as you no doubt will be able to for these IDs. So, if your service is getting way too much ID fraud, or too much abuse from people using cheap IDs, you raise the minimum amount of sacrifice that was use to create the ID for all new people registering.

I'm not saying this is perfect, and at the risk of getting labelled as "Mike Hearn's new best friend", I'm still going to say that this needs to be discussed.

Remember as well that there are all sorts of times in life where being able to prove your identity is really useful. If someone for some reason accuses you of something you didn't do, being able to offer evidence as to who you definitely are and what you were really doing or where you really were when the alleged incident took place, it's almost priceless, depending on the accusation. Everyone's face and voice are the most basic identities there are, I don't think people who value their privacy more than your average person would advocate for wearing masks and voice-distorters just to achieve perfect privacy at all times. Who would trust the faceless voice-less stranger? Maybe they could build up a relationship with the faceless/voiceless person to get a feel for how you behave, but then you become really easy to impersonate, the impersonater needs a copy of your mask and the same voice distortion settings. It's a complicated problem.

The cost isn't a deterrent at that level. It would only foster pushing fraud to the edges, stealing enough to "sacrifice" yourself a new identity.

How is this better, at all?

No, but the cost to creating multiple PGP keys is the time it takes to write yourself a bash script to do so, really. In circumstances where you really want to put people off from abusing the ability to sign things digitally to present as a form of proof, you can disincentive that with an ID you have to pay for.

Another example would be these very forums, we get spammed and trolled with great enthusiasm. I'd argue that the clever trolls should be allowed to stay, as you can learn something from mischief that involves thought and innovation. I guess that it could be the decision of the moderators and site operators to decide their own policies, as well as when to make exceptions for them.

You can't outlaw trolling or spamming, but you could achieve a decent increase in the amount signal to noise. There suddenly exists another tool to shape cultures.

You don't need the block chain to do that.

The cryptographic angle.

You can take any piece of digital information, and use the ID to sign a digital signature of that piece of digital information. This is what makes these ID's so powerful.

The entry requirements for getting a social media network account could be a signed photograph of yourself. Or a signed copy of a document with your postal address on it, if they're particularly snoopy. Somewhere like Linked In might well insist on a fairly high level of identity proof; they don't need the hassle of known fraudsters using their network to perpetrate confidence based scams, it hurts the reputation of Linke In, it devalues their network. Don't like how nosy the network is? As long as we have the freedom to choose, and developers/businesses have the freedom to create the platform they want to provide, then you can still be odolvlobo and I can still be Carlton Banks.

The killer for me is to sign a digital copy of your complete genome with your Bitcoin ID, a near absolute identity. Birth Certificates are so 2nd millennium these days, pah.

Other than establishing the age of an identity, is there a benefit to publishing it in the block chain?

As a point of comparison, bulk-created fake Gmail accounts cost about $1 for 10 on the grey market. So if your sacrifice was more than about 10 cents, you'd have created yourself an identity with about as much weight as a Gmail account. In practice this is often good enough. The difference is that getting the cost of spammy Gmail accounts that high took years of work by a dedicated team, whereas anyone can implement Bitcoin anonymous identities very easily.

Actually I spent a lot of time talking with Babbage from the Economist and explained many things. There will be a longer article in the print edition coming out in the near future.

Am I reading this right, or is this really a very trivial application which basically boils down to "you can make use of the fact that the blockchain is a public ledger to link your identity to a BTC address, and then sign messages with your private key to prove going-forward that you are who you say you are?"

And not to knock it, because, true, it certainly be used to do that (but, of course, can also do *so* much more...).  It sort of confirms a suspicion I've had for awhile: obviously (almost by definition) the detractors of Bitcoinl clearly don't understand what it is and what it can do -- but I suspect that there are an awful lot of "supporters" (especially newcomers to the bandwagon) of Bitcoin who also haven't even yet really grasped why it's so revolutionary and what it can really do when its potential is fully realized.

In other words: wow, Economist, if you're impressed by the fact that Bitcoin lets you create a persistent provable online identity by signing messages with your private key, it's *really* gonna bake your noodle when somebody (like, say, Mike Hearn) sits down with you and explains colored coins and smart property and multi-sig transactions and autonomous agents, and...  

Well, it's the miners and the blockchain that are verifying the veracity of the transaction that creates the identity, the idea is to send a special transaction with no recipient or amount, just fees. And I think the $200 figure is kind of notional, they imply that in the text. The fact that it's a fees-only transaction should give you an idea of the price range they will start from from for the cheapest.

I think it's a good plan, as is. Jeff Garzik described it as "choose your own level of privacy", and that's boadly what it could offer. And what's more, it puts more informational power in the hands of each individual, instead of with authorities (particularly individuals that suffer from the actions of unpleasant governments). Imagine you're the government in a country where they have big problems with foreign political subversion by agents from another state. You would start insisting that all tourists, NGO and Embassy/Diplomatic staff have passports linked to blockchain identities with very very high fees attached. You could check the blockchain yourself to see that it was all as you require. It would be a smart way of handling that kind of problem; states with malign secret services can get fake identity documents at virtually zero cost, and with huge benefits to them.

This identity scheme seems to level the playing field when it comes to these systems. All of a sudden, government ID documents aren't as valid as the ones you can knock up yourself. And you can have more than one (keep your forum, blogging, social media, medical purchases, career or nightlife identity totally separate from each other. Or not, as preference and circumstances demand)


Also, plaudits to the Economist. They rarely cover Bitcoin, and they often get the technical aspects just a tiny bit muddled (as they did describing mining, both in this article and a previous one). And that they picked this issue shows some genuine insight, as I suspect this ID Protocol has the potential to introduce even more transformational qualities from Bitcoin system. And at least they're not that mixture of Chicken Little and fanatical luddism like the rest of the established press so often are. For them, at least maintaining a pretense of rationalism is their raison d'etre  

What exactly are you proposing? That services require you to have a costly account to mitigate the potential to create thousands of accounts for free? Why donate to miners and not a set of charities? Why exclude people who only have an annual income of 200$?