Our soon-to-be user selling his 660 acre lake front home in Northern Idaho, story from the Miami Herald:
http://www.miamiherald.com/2014/03/07/3980445/idaho-lakefront-property-for-sale.html
Topic: AnArk.re: Bitcoin marketplace with trust-free escrow (Read 1142 times)
Do you have a backup procedure in place for buyers/sellers, in the case that you or your website disappear?
For instance, would you be able to provide a flat-file HTML document with javascript that allows buyer and seller to recover the private key without your site?
For instance, would you be able to provide a flat-file HTML document with javascript that allows buyer and seller to recover the private key without your site?
Yes, that is exactly how it works.
Every single transaction can be saved to a flat-file just by going to File -> Save on the webpage. This file contains all the escrow variables and can be used offline to recover funds. You just have to send your escrow code to the other party and they can type it into their offline webpage to calculate the key.
After both parties delete the transaction from the server will purge the escrow variables.
We also do database backups regularly.
Do you have a backup procedure in place for buyers/sellers, in the case that you or your website disappear?
For instance, would you be able to provide a flat-file HTML document with javascript that allows buyer and seller to recover the private key without your site?
For instance, would you be able to provide a flat-file HTML document with javascript that allows buyer and seller to recover the private key without your site?
My partner and I are happy to share our new project, https://www.anark.re - Buy and sell anything including fiat, real estate, and more!
We all know that we should never trust bitcoins to sites with hotwallets, but up until now there has not been a good way to do trades without one. Multi-sig promises to deliver trust-free escrow, but so far it has been difficult to make widely accessible due to wallet fragmentation and a confusing user experience.
After doing some research, I discovered that we could make a much more user-friendly system that is functional today while still achieving trust-free escrow similar to multi-sig. The alternate method we are using is called the Casascius Escrow Scheme and it was invented by Mike Caldwell. You can read about it here: https://en.bitcoin.it/wiki/User:Casascius/Escrow_scheme_draft It is similar to Shamir's secret sharing, but it was specifically designed for escrow. The javascript implementation can be found at www.bitescrow.org (this is what I used).
Using this scheme we are able to perform escrow functions (like refunds) while never actually touching the bitcoins. There is no hot-wallet, meaning funds cannot be lost or stolen from our servers. Keys are generated separately in each user's browser and on the server in a way that prevents the server from ever having all the keys needed to spend the bitcoins. In fact, once the seller accepts a purchase request, the entire transaction can be completed offline by manually exchanging escrow codes with the other party.
This method is trustfree because all the important code is client-side and can be reviewed. Additionally, all the HTTP requests can be examined to ensure there is no sensitive data being passed to the server.
Pros and Cons
The major limitation of this method is that partial refunds from escrow are not possible, the escrow address is winner-take-all fund. Also, the transaction types cannot be very complex.
On the other hand, there's no sending long and confusing blocks of text back and forth to be deciphered and signed. There's no worrying about how to publish your transaction to the bitcoin network, and there's no waiting for confirms. You can load the private key into your wallet (wif) and see the funds immediately.
Usage
So we went ahead and created a basic market place around this escrow system. Making an account is as easy as signing up with an email. The email you sign up with WILL BE SHARED with other site users under certain circumstances. For security reasons, we do not want to handle user communications at this time. We want to focus on providing the most secure marketplace and would encourage you to find alternate channels of communication beyond email if needed.
Every time you create or accept a transaction, you must make an Escrow Transaction Password. This password protects the sensitive bits of the transaction from the server, meaning if you lose it you will have to release the escrow funds to the other party. If both people lose it, the funds in the escrow address will be lost.
Right now we are looking for feedback and have made no decisions about account limits or pricing. Currently the system is 100% free to use. Please let us know your thoughts! If you have any questions, concerns, or ideas just reply to this thread or email [email protected] and I will get back to you asap.
Cross posted to Reddit http://www.reddit.com/r/Bitcoin/comments/20o2uw/an_ark_bitcoin_marketplace_with_trustfree_escrow/
We all know that we should never trust bitcoins to sites with hotwallets, but up until now there has not been a good way to do trades without one. Multi-sig promises to deliver trust-free escrow, but so far it has been difficult to make widely accessible due to wallet fragmentation and a confusing user experience.
After doing some research, I discovered that we could make a much more user-friendly system that is functional today while still achieving trust-free escrow similar to multi-sig. The alternate method we are using is called the Casascius Escrow Scheme and it was invented by Mike Caldwell. You can read about it here: https://en.bitcoin.it/wiki/User:Casascius/Escrow_scheme_draft It is similar to Shamir's secret sharing, but it was specifically designed for escrow. The javascript implementation can be found at www.bitescrow.org (this is what I used).
Using this scheme we are able to perform escrow functions (like refunds) while never actually touching the bitcoins. There is no hot-wallet, meaning funds cannot be lost or stolen from our servers. Keys are generated separately in each user's browser and on the server in a way that prevents the server from ever having all the keys needed to spend the bitcoins. In fact, once the seller accepts a purchase request, the entire transaction can be completed offline by manually exchanging escrow codes with the other party.
This method is trustfree because all the important code is client-side and can be reviewed. Additionally, all the HTTP requests can be examined to ensure there is no sensitive data being passed to the server.
Pros and Cons
The major limitation of this method is that partial refunds from escrow are not possible, the escrow address is winner-take-all fund. Also, the transaction types cannot be very complex.
On the other hand, there's no sending long and confusing blocks of text back and forth to be deciphered and signed. There's no worrying about how to publish your transaction to the bitcoin network, and there's no waiting for confirms. You can load the private key into your wallet (wif) and see the funds immediately.
Usage
So we went ahead and created a basic market place around this escrow system. Making an account is as easy as signing up with an email. The email you sign up with WILL BE SHARED with other site users under certain circumstances. For security reasons, we do not want to handle user communications at this time. We want to focus on providing the most secure marketplace and would encourage you to find alternate channels of communication beyond email if needed.
Every time you create or accept a transaction, you must make an Escrow Transaction Password. This password protects the sensitive bits of the transaction from the server, meaning if you lose it you will have to release the escrow funds to the other party. If both people lose it, the funds in the escrow address will be lost.
Right now we are looking for feedback and have made no decisions about account limits or pricing. Currently the system is 100% free to use. Please let us know your thoughts! If you have any questions, concerns, or ideas just reply to this thread or email [email protected] and I will get back to you asap.
Cross posted to Reddit http://www.reddit.com/r/Bitcoin/comments/20o2uw/an_ark_bitcoin_marketplace_with_trustfree_escrow/
Jump to: