Topic: Anonymous Mail Service (Read 5178 times)

Nice.  I think what I like most about this whole mail service deal is the freelance nature of it.

"Yah have a job?"

"No."

"Yah want one?"

"Yes."

"Gotta car?"

"Yes."

"Well ... there's good money to be made driving from Denver to Cheyenne and back 3 times a day."

The downside is, what happens when some freelance driver who is about to retire from the gig decides to pilfer all the packages.  Perhaps some kind of escrow system could be put in place where in order to drive, one needs to deposit a large amount of Bitcoin into the system.  They can make good money ... but only if they put up $100,000 into the pot...

Wait ... I know.  The driver himself is the insurer.  So suppose the sum total of his delivery for the ride is insured for $100,000.  One can assume that the total contents of the packages will be worth less than $100,000.  So the only driver who can deliver is one who can put that sum, you can almost call it a bond, into escrow.  If the driver fails to deliver or he steals the packages or something, the insured get their money.  If he does deliver, he gets the delivery fee + his $100,000 bond back.  And now he's going to find that when he steals the packages, he loses money.  If everyone insures their stuff for 10% more than the actual value, theft would be non-existent.

Okay, I've been giving this some thought over the last few days and think I may have a workable solution.

Please prepare for another wall of text.

Using a network and protocol similar to Bitcoin, I believe it is possible to have a (somewhat) decentralized, anonymous, transparent and open mail service. (DATOM)

Essentially, DATOM would be built on top of an alt-coin which creates "coins" that represent packages in different states. DATOM coins won't have any value in and of themselves, they will only be traded between DATOM Hubs, senders and recipients, created when package transactions are initiated and discarded once the package reaches its final destination. Anyone will be able to act as a node but there won't be any incentive built in, so, realistically, only Hubs (and possibly some related services) would find it useful to support the network.

Here's how I imagine it might work:

R buys a t-shirt from S online. R agrees to pay shipping from DATOM Hub 1 to DATOM Hub 2.
R generates a public key representing package "SHIRT", the package origin (Hub 1) and the package destination (Hub 2). This key is the "coin" of the DATOM network and, as such, can be generated by R himself if he happens to be running the client, but will more likely be generated by one of the Hubs offering this as a service to their customers. A corresponding private key is generated as well that R will keep private until he needs to present it as proof of ownership of package "SHIRT".
R then logs onto the website belonging to Hub 1, calculating and paying for shipping from Hub 1 to Hub 2. Each Hub will determine their own prices based on size, weight and rates charged by the drivers they utilize.
R sends the QR code representing public key of package "SHIRT" to S, along with the receipt of payment to Hub 1.

S prints out the QR code and affixes it to the package, which he has ready for shipping. S doesn't live near Hub 1, however. S is obfuscating his location. S follows the same steps R did but the originating location will be his local Hub, Hub 3 and the destination Hub will be Hub 1.
S re-packages the shirt inside an outer layer and affixes the appropriate label, including the new QR code.
S drives over to Hub 3 and drops off the package. Before S leaves Hub 3, he pulls out his smartphone and visits a site similar to blockchain.info designed for the DATOM network. After a few seconds, he can see that Hub 3 has scanned the package and broadcast to the network the fact that his packge "ONION" is ready for pickup by a driver headed to Hub 1.

Alice is a freelance driver registered with Hub 3. She picks up all the packages destined for Hub 1 after having her Driver Badge scanned by the operator of Hub 3. Hub 3 broadcasts over the DATOM network that package "ONION" is now en route to Hub 1.

Several hours later, Alice arrives at Hub 1 and waits while the Hub operator scans the incoming packages and broadcasts that they have arrived over the DATOM network. Alice stretches her legs and drinks a cup of coffee while she waits for Hub 3 to acknowledge the deliveries and sends payment to her BTC address.

S has been waiting for the arrival status of package "ONION" to be broadcast. He now contacts Hub 1 with the private key that corresponds to package "ONION" proving ownership and gives instructions to open the package and scan the next code which indicates it is now package "SHIRT" and payment has already been tendered.

Package "SHIRT" follows a similar journey as package "ONION", culminating in its arrival at Hub 2. R receives a text via the service he is subscribed to indicating his package "SHIRT" is ready for pickup.

But R doesn't live near Hub 2! R also wishes to keep his home city from S, so he contacts Hub 2, provides the private key to prove ownership, and instructions and payment to send the package "FINAL" on to Hub 4. The Hub 2 operator prints out a new shipping label and slaps it over the old.

One last time, the package is picked up by a driver, delivered to Hub 4 and, when it arrives, its status is broadcast over the DATOM network so that R may retrieve it.

Incidentally, R would not be able to tell the difference if S simply held on to the package for 24 hours before dropping it off at Hub 1 and vice versa.

Perhaps it could be the sender who determines that, with each hub setting their own fees.  The sender can pay x for 3 hops with 100% delivery ratings, or y for 2 hops with 99% delivery ratings.  Something like that.

After reading Dawn of Autonomous Corporations, Powered by Bitcoin (credit to Ephebus for the link), I'm beginning to wonder if this might be a good candidate for an "autonomous" Bitcoin based business.

The most obvious hurdle I see is making it decentralized. AMS hubs must be able to decrypt an address label, therefore someone must be able to decide who is a hub (authorized to download or utilize the decryption software) and who is merely a customer.

I'm more concerned as to how law enforcement would treat the owner of an AMS hub.

If I'm running a small business and moonlighting as an AMS hub, would I be held responsible for the contents of a package in my possession that has no identifying information other than an QR code with encrypted data? Packages at a FedEx Office location demonstrate at least an attempt by the shipper to identify sender and recipient to each package. Here's how I imagine it might go:

Agent: "This package is full of drugs! You're under arrest for possession with intent to distribute."

Hub operator: "Officer, that package doesn't belong to me. I was simply delivering it the same way the Post Office does."

Agent: "Okay, then tell me who sent it and where it's going."

Hub operator: "That information is in our computer system that suffered an unfortunate crash just a few minutes ago, erasing everything beyond retrieval."

Agent: "How convenient. Well, if you can't tell me who it belongs to, we'll have to assume it's yours. You're under arrest for possession with the intent to distribute."





Ah, it's a decentralized system. I was picturing a single website to generate the payment addresses and create user accounts. So there wouldn't be an overreaching AMS arm to help identify hubs and recruit couriers while taking a cut of hubs' profits? I guess hubs could pay a "franchise fee" to get listed in an AMS directory and place Want Ads for drivers, etc.




Volume is the key.  Realistically, I only have about one customer a month within the state of Texas. Depending on how many bitcoiners were willing to try this, it could take a while to get off the ground. Still not a reason to forego it, just trying to be realistic.





Seems to me potential customers might feel more secure knowing a courier can't run off with their package with no repercussions.

1 - What good would it do?  Even if a drug dog sniffed drugs in a package, they know neither where it came from, nor where it is going.  Perhaps AMS could have an internal policy whereby if a package is found to contain something illicit (even if it is the police who found it) the package is destroyed, so that the police wouldn't be able to track it to its ultimate location.  I suppose the short answer is, the risk is there whether one uses AMS or not.

2 - This one is more interesting.  Remember the limited information on the QR code.  The only thing the sending hub knows is whether or not their postage fee has been paid, the end hub city, and the recipient address.  The only goal when onion routing the package is to merely conceal the fact that the receiving hub is the owner of the recipient address.  You never know when you're at the last box because unless you can sign a message with your own address ... it may be the last box.  Opening it would be just like opening someone else's mail.  Why go through all that when you can just do your leg of the journey.  The cheating hub wouldn't benefit anyway as all the postage is already paid out by the original sender.  Best to just scan, throw in pile, and drive a couple hours to the next hub.

3 - It would depend only on general volume.  Remember, we're not only counting the packages going from San Antonio to Austin, but also from San Antonio to everywhere else that uses Austin as an intermediate hub between San Antonio and itself.  It all starts be become very economical very quickly if there's enough volume to justify 2 or 3 times a day runs.  How many of your Waco customers would pay $4 for same/next day shipping, if only they travel to AMS Waco to pick up their package?

4 - I could envision some system of record keeping, but I haven't really thought too much about that.  It seems like a trivial add-on once the general project is up and running.

I've thought a lot about a bitcoin denominated shipping service, simply because it's such a significant expense for BitBrew and I hate having to convert my BTC earnings to fiat to pay for it. I've thought of a few hurdles that would need to be overcome:

• Establishing "hubs" - AMS locations would have to be public knowledge in order for customers to know where to pick up or drop off their packages. How often do you think DEA or local law enforcement would stop by with drug sniffing dogs? Even if they never found anything, who would voluntarily expose themselves to the possibility that they would?
• Trust - The increased anonymity resulting from shipping through unnecessary nodes requires increased cost to the customer. What's to stop an AMS hub from opening all outer packaging and simply shipping to the final destination after waiting for a few days to simulate shipping time?
• Hitting the ground running - Carrying packages between San Antonio and Austin is relatively inexpensive if you are already making the trip but it's unlikely that AMS would be able to find drivers who do so on a regular basis. To make it profitable, AMS would either have to charge a premium or wait until they had enough packages to make it worthwhile. Either way discourages customers from using this service for "legitimate" reasons.
• Tracking - As someone who uses FedEx regularly, I can tell you one of the greatest benefits to me is the ability for my customers to tell where their package is and how long it will take for them to get it. If a package was lost or damaged en route, how would AMS know? Some records would have to be kept and the customer would just have to trust that they would be destroyed afterward.

Don't get me wrong, I think this is a great idea, these are just some issues that would have to be addressed before it could really take off.

Sure, but for pretty good anonymity, you don't even need 1 layer... you just send out the package.  And it would be expensive if no one participated, but it could become cheap if entrepreneurs opened their own nodes out of their storefronts or something.

Yup this is just tor or mixmaster or whatever you want to call it, the kind of thing where you wrap it up in layers.  This physical version is easy to implement if people are willing to participate.  You just put boxes inside each other.  The trouble is, with the physical implementation, it would get costly quick, because people generally don't work for free, and to do layers, you're effectively mailing it multiple times, so for example to make it worth while to have a 3 node circuit, you have to pay 3 people.

?

Onion router for packages

great idea. unfortunately the government would never let it happen. we can dream though.

Could anybody summarize that to 10 points? So long to read.

But can you instruct FedEx to remail your package without a trace?

And why there are a lot fewer mailboxes than there used to be.

Fedex has many drop off boxes. You can ship already to a pickup location. All they need to add is buy for cash shipping accounts and the verification of user step.

But I don't they there is enough demand to make it worth their while and Government will want to stop it as well.

Hmm. I never thought about it, but your right. The post office does not know the sender either. I guess that is why the anthrax killer got away with it.

I would venture to say no.  Keeping tabs on senders is a costly endeavor that even the post office doesn't take on, as you can see with all the public and unmonitored mailboxes all over the place.

i like the idea, but there is one possible problem. What if I used your service to deliver a bomb to an enemy? Could you find me after I dropped off the package?

You want to send package anonymously to anonymous person.  You create an encrypted shipping label, fund a bitcoin address and drop off at the facility in your city.  Through the network it goes until it reaches a destination city, wherein the anonymous recipient signs a bitcoin address and is able to pick up the package.  For more information, please see the following link ...

https://bitcointalksearch.org/topic/anonymous-mail-service-311976

Sorry I missed it

Wonderful idea