Topic: [BETA TESTING] crowex.com (Read 643 times)

It would be more interesting languages, get more people , greetings 

This is just crazy talk   

 Yes, maybe I will post in the technical section for anyone interested in discussing security aspects.

 The techniques we use are all standard cryptographic techniques. ECDH, DLP (Discrete Logarithm Problem) and secure hashing functions for anyone who wants to google, and we have tested everything as thoroughly as we can without a problem, which is why we’re putting it out there for further testing.

The website is designed to fulfil a few different functions and you can pick and choose which you use.

 FIRSTLY It is an easy way to negotiate agreements, with a simple interface. It has all of the functionality that you would use in an everyday negotiation, such as the ability to withdraw offers and the ability to negotiate amendments to the original contract. There is a discussion box for each contract so you can have a live discussion while you draft the agreement. If it goes into dispute the arbitrator can join the discussion. Multi-signature isn’t very effective if you don’t know what you’re signing or agreeing to!
 
 (if you want to test the site and don’t know someone with another user name to try a dummy contract with, then you can just register two user names and use two different browsers, say Safari and Chrome, to try negotiating a contract with yourself to demonstrate the functionality)


 SECONDLY, It aims to be a marketplace for arbitrators. A place where you can find independent third parties in case there is any problem with a transaction. At the moment there are no restrictions on who can become an arbitrator so you have to satisfy yourself of their independence and authenticity.


 THIRDLY, we have the built in system for creating a crowex address that can be used for the transaction. This system handles all of the cryptographic operations and everything can be done offline for extra security.

 If for any reason you don’t want to use the crowex address, then you could just use the website to negotiate a contract and choose an arbitrator and use your own multi-sig wallets for the payments. Similarly a traditional escrow service that actually holds the funds could still become an arbitrator on our site and customers of that service could still use the site to make their agreements and interact with the traditional escrow service.
 

Interesting, I assume you have tested this somewhat? I would speak to a few of the core devs to verify this is safe/secure

no, we don't have any access the funds, it works in a similar way to multisig.
it's based on this:

https://en.bitcoin.it/wiki/User:Casascius/Escrow_scheme_draft

there's some more technical stuff here,

https://www.crowex.com/static/digconapp/crowex_protocol.pdf

Basically an ECDSA public key is created and there are three partial keys. Any two of these can be put together to construct the private key, so the effect is pretty much the same as a 2 of 3 multisig.

Not sure any of what you said makes sense. If it isnt a multisig wallet then you can just run off with the funds.

 With this method the crowex address is sort of like a stealth address, so the address isn’t known to the server (or arbitrator) and is only revealed if there is a dispute. Nobody even knows the address is a form of multi signature address, it looks like a normal bitcoin address.
 Because we use the ECDSA points we can integrate hundreds of virtual currencies that don’t necessarily have the bitcoin infrastructure and could benefit from a simple escrow service.
 We wanted it to be useful for wallets that don’t support multi-signature.
 Also, because we have tried to create a really simple interface between the parties and the arbitrator (just press a button to release the funds etc.) this is slightly simpler to implement than constructing the transactions and signing them and, at the same time, keeping things simple.
 
 If people like the interface and the website and there’s a demand then it would not be overly difficult to adapt it to multi-signature because both methods rely on a public key from each of the parties involved.

Maybe Im missing something, but why not just use multi-signature

hi,
  We are looking for beta testers for our escrow (or crowex) website.

www.crowex.com

THIS IS BETA TESTING.

We don’t make any guarantees so, for the moment, please use this with nominal amounts.
More information in the resources section.
For best results use use an up to date version of Chrome.
Each contract is specific to the browser and device that it is initiated with.

Any feedback is appreciated.

Thanks!