Topic: Atomic cloud storage contracts - feedback requested (Read 345 times)

I've been working on a series of new smart contracts for doing p2p cloud storage that make it so that users can pay to download back their stored files without the host being able to receive payment for delivering back the wrong content. The contracts are all fully atomic - you either get back your original data and the host gets paid for it -- or you don't and you get a full refund.

The person that hosts the contents are also periodically audited through a separate smart contract to ensure that they're still hosting files. If they are -- they are guaranteed payment for it without a third-party -- and if they aren't -- the audit payments are refunded to the person paying for the storage with the results publicly verifiable. If a host fails audits (or fails to provide requested content) - they don't get paid for it, the requester gets a refund, and it then has negative consequences for their long-term reputation / proof-of-stake -- however the bulk of this scheme relies on cryptography and not collateral or reputation for it to be enforceable.

Additionally, the scheme is all pay-as-you go so the host only gets paid for as long as they store content and the file owner only makes payment based on the number of downloads. (So hosts get paid for storing files long-term and each time they have to upload them back when requested. Disk space and bandwidth, basically.)

Let me know what you think. It's quite a long read but there's some fairly new ideas there. Like using zero-knowledge proofs for SHA 256 TXID preimages to sign partial transaction chains, using partial transactions to force someone to reveal private keys, homomorphic encryption based on ECDSA + ElGamel, using Bitcoin double-spends as a kind of random number generator (not exactly but for random audits at least.)

The paper is here: http://roberts.pm/atomic_cloud_storage