Author

Topic: RFC : Trust & Transaction (Read 1641 times)

legendary
Activity: 2506
Merit: 1010
December 11, 2012, 03:07:57 AM
#6
Does anyone else have more?

Coincidentally, Sirius (forum user #2, after Satoshi) began a discussion you might wish to review:
 - https://bitcointalksearch.org/topic/identifiorg-address-book-with-ratings-130137
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 10, 2012, 09:40:32 PM
#5
Read the second half of my original post.  I talk about the need to build true identity in to the WoT.  I agree completely with your statements.
legendary
Activity: 1078
Merit: 1003
December 10, 2012, 06:41:31 PM
#4
In my opinion any of these WoT ideas so far always had an inherent problem - anonymity. If anyone wants to convince me that they really came up with a solution for how to reward the responsible members of the community and effectively deal with the bad apples while allowing for anonymity, they'd first need to convince me that accountability isn't needed when it comes to responsibility and trustworthiness. I think anything else is just pissing in the wind.

If you ask me, YES it sucks that we would prefer to remain anonymous because of the threat to our well-being for simply voluntarily providing a good or a service but I think there is no way to eventually end up with a true WoT without some sort of unique ID, whether it's photo, finger print or maybe even DNA. And although I detest the government issued passport I have to have in order to be allowed to travel around the world, open a bank account, stay at a hotel, buy a house, a car, or anything really valuable (making it practically mandatory), I see absolutely nothing wrong with opt-in voluntary IDs in privately owned and managed databases. And I strongly think that that's the only viable direction we have to start to move in.
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 10, 2012, 06:09:02 PM
#3
I'd like your feedback and input on this idea.

Related:

Bitcoin's Decentralized PKI (Public Key Infrastructure)
 - https://bitcointalksearch.org/topic/bitcoins-decentralized-pki-public-key-infrastructure-91232

Great information, thanks.  hile much of the thread you referenced is about building identity around the transactions, there was some reference to building a disributed web of trust.  The goal of my comments about align with this. 

http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2 

The goal is to provide a trust network so that two traders can reliably interact, and it's less about the transaction.

Thank you for the information.  I'll be researching it.

Does anyone else have more?
legendary
Activity: 2506
Merit: 1010
December 10, 2012, 05:06:37 PM
#2
I'd like your feedback and input on this idea.

Related:

Bitcoin's Decentralized PKI (Public Key Infrastructure)
 - https://bitcointalksearch.org/topic/bitcoins-decentralized-pki-public-key-infrastructure-91232
mjc
hero member
Activity: 588
Merit: 500
Available on Kindle
December 10, 2012, 12:29:17 PM
#1
I'm not sure if there is an official or proper way to do this, but I thought I'd put this out there for conversation and feedback.

It is clear that there has been much fraud and much written about the fraud in the Bitcoin space.  This is certainly not restricted to Bitcoin.  I'm proposing a conversation about how to decrease the likelihood of fraud and to inject a global mechanism that holds true to the decentralized nature of the Bitcoin infrastructure.

There has been some real good work done in this space.  There are varying levels of intrusiveness into peoples personal information.  For instance:

The Web of Trust used by the bitcoin-otc (http://bitcoin-otc.com/trust.php) is a great example of a non-intrusive manner of building trust.  If you have dealt with this network at all you know there a number of people who have a high enough rating (http://bitcoin-otc.com/viewratings.php) that you can trust them enough to send them your money or BTC first and that they will live up to their end of the bargain.  This demonstrates that there are a number of people that want to do legit business.

This system could be abused, and it doesn't identify who a person is, just that they have established an account, GPG key and have shown to be trustworthy in the past.  Some people’s ratings are worth more than others.  If a user assigns trust without much concern then others will trust their assignment of trust less.  Whereas others tightly control who they assign trust to then their assignment of trust is held in higher esteem.

Another group that I found that is trying to build a level of trust is the folks over at BTC Jam (https://btcjam.com).  They have a multi-point system that includes the bitcoin-otc web of trust. 
- allow you to import you WOT rating / handle 
- have a mechanism to tie your handle from this site
- Link to your Face book and linked in accounts
- link to your phone (through SMS verification)

None of these really build identity but they are a start.

BTC Jam also allows a user to provide documentation of identity, credit rating and proof of residence. This will allow them to build a stronger identity relationship.  This means that a user has to be someone, which is important if they wish to remain in the community.  It also means that they cannot simply recreate a new identity if they scam people when using this one.  This identity could also be used should there ever be a collection agency established.

The problem with the BTC Jam method is it is only for BTC Jam.  I say that not trying to harm BTC Jam, I like and use their site and applaud them for moving trust in the community forward.  Although,  I would like to see some statement from them around privacy and where there stand with privacy.  I want to know that they will never share or sell any information they have about person’s identity.  That’s not to say that the fact that someone has been properly identified cannot be sold.

This leads me to what I'd like to discuss.  I think there is a market for a distributed method of trust.  If we take the best of both of these and expand on them I think a system of trust verification could be manufactured that allows a mechanism of trust to be established.  I open this to you because I suspect there are a number of other legit methods of building trust that should or could be considered.

The WOT is a start.  Adding in the Links to social media is good, if others can see them.  This way if I'm investigating someone and I see that their FB and linked in have no social links I can assume it is a fake.  The fact that they have a mobile phone is not very useful, unless it is later used by a collection service. (Another opportunity for discussion, but not here).   This is all easily distributed or built on top of the existing WOT or a new WOT created, once the details are worked out.

The ratings misuse or abuse should be more tightly controlled.  If there was an API that every site could tie into, then the transactions on various sites could be tied to the users WOT account.  As a result a better view of the persons overall trust level could be established.  Also, rather than allowing them to provide a -10 to +10 directly as a number, a question with set parameters should be used that forces people to consider the value they will assign.  This would allow people to build some commonality around their assignment.  This should be a set some generic conditions.  for instance if we were to use and example  form the PGP WOT a +10 would only be granted to someone I knew personally and also were willing to vouch for.  Whereas some are willing to give a +10 for a good trade.  2 or 3 trades should still only be awarded a +1 I my book.  That has to be clearly established.  That could potentially be built into the rating system.  Let the rating be either Good, neutral or Bad.  If a person does a lot of transactions with someone then their rating would go up over time.  Then the WOT real strength would grow.  If alice has a +8 trust level with bob, and bob has a +6 trust level with charlie, and alice and charlie do not know each other, they could assume that there is a level of trust based on the existing trust.

The method of identity verification adds some level of complexity.  It would have to rely on something akin to a certificate authority.  This would add a second level of trust.  The user’s identity verification would have to a factor of the trust of the authority that verifies them.  If this authority is found to hand out verification without much research, then they would be down rated and so would everyone they verified.  A user could also if they wanted to identify with more than one authority.  Users would be able to shop around and look for the one with the best privacy statement, best reputation and security record or plan.

This system should be open to anyone performing transactions with bitcoins, and could potentially be used by anyone for any untrusted relationship.  There should be an API so that interactions could be made from various vendor sites.

I'd like your feedback and input on this idea.  I do not want to own this idea.  I want it to be owned by the community and driven by it.  I think we can establish something that will close one of the gaps that exists not just with Bitcoins but in general on the web.
Jump to: