Author

Topic: Total exchange transparency - linking virtual trades to bitcoin transactions! (Read 1404 times)

hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
Any centralized method will have major flaws. There really is no substitute for distributed transaction ledgers. We're unfortunately seeing the results of bad planning and human error when it comes to how some exchanges function. Can't completely engineer that out.

Well the whole point of an exchange is centralisation, thats exactly what a market is, a central place for people to trade.
legendary
Activity: 2408
Merit: 1121
Any centralized method will have major flaws. There really is no substitute for distributed transaction ledgers. We're unfortunately seeing the results of bad planning and human error when it comes to how some exchanges function. Can't completely engineer that out.
legendary
Activity: 1708
Merit: 1020
everyone is free to publish his bitcoin addresses...

?

People can publish their bitcoin addresses on their websites, linked-in and facebook profile pages - thus leaving the realms of anonymity, if that is what you're implying. Although I fail to see how this has anything to do with the issues that are being addressed here.

This is about in-site accountability guys, not feeling free to publish information about me that I wanna share. As stated in my previous post, no additional private information are necessarily getting leaked.

oops, I got it completely wrong.  Roll Eyes

you want to prevent bitcoin laundering at the exchanges by linking the exchange transaction to the block chain transaction?

Is it really worth the effort? There will always be places to launder. I think I would prefer a laundering exchange both buying and selling.



member
Activity: 102
Merit: 10
everyone is free to publish his bitcoin addresses...

?

People can publish their bitcoin addresses on their websites, linked-in and facebook profile pages - thus leaving the realms of anonymity, if that is what you're implying. Although I fail to see how this has anything to do with the issues that are being addressed here.

This is about in-site accountability guys, not feeling free to publish information about me that I wanna share. As stated in my previous post, no additional private information are necessarily getting leaked.
legendary
Activity: 1708
Merit: 1020
everyone is free to publish his bitcoin addresses...
member
Activity: 102
Merit: 10
Hello guys!

Thank you for all the replies so far already.

As mentioned by you before it seems that 2 main issues would have to be addressed here:

1) How can you maintain transparency when storing your bitcoins in offline wallets?

2) Does linking and publishing block chain transactions and internal trade IDs reveal too much private information?

---

The answer to the first question seems actually rather simple:

 - Assign internal fund IDs to all incoming block chain transactions.
 - Store most of your bitcoins in offline wallets, use fractional reserve.
 - If funds change hands while staying inside the system, keep initial fund ID assignments.
 - If some funds leave your system, replace original fund IDs of the original incoming block chain transactions that remain inside the system (due to potentially being stored in offline wallets) with the fund ID of the incoming block chain transaction that are just about to leave your system (whichever bitcoins happen to be available for immediate transfer).

Here a simple example for visualization purposes:

 - User A inputs 100 bitcoins - Funds ID 001 assigned to incoming block chain transaction of those 100 bitcoins, User B inputs 200 bitcoins - Funds ID 002 assigned to incoming block chain transaction of those 200 bitcoins. 200 bitcoins stored in an offline wallet.
 - User A sells bitcoins to user C - Funds IDs don't change, still assigned to the original incoming transactions.
 - User C withdraws bitcoins from your site and the original bitcoins associated to Funds ID 001 happen to be stored in an offline wallet, while some bitcoins associated to Funds ID 002 are not -> reassign Funds IDs, User Bs funds now contain 2 incoming transactions, 100 bitcoins of his original transaction and 100 bitcoins of User A's original transaction.

The same principle could be applied for more complex transaction examples as well. As long as the sum of all incoming transactions >= sum of all outgoing transactions this will be okay.

Perhaps in the future there will even be a merchant bitcoin client/daemon that is able to precisely extract coins out of a "big" wallet based on their incoming block chain transaction IDs and you guys could offer users to receive back precisely their original funds if they were willing to wait a certain time for your system to access the offline wallets and extract those particular bitcoins - if they indeed wish to do so that is. Until then the process described above should do the trick.

---

The second question raised is about user privacy. Assuming a User A transfers 10000 bitcoins to his account - what information would the system now be giving away?

The only 2 additional information other users now have is that they can now link an internal trade to the volume of an initial incoming block chain transaction (or by that time, maybe several incoming block chain transactions if the initial transaction got replaced due to some of User A's original bitcoins being withdrawn from the system), and that they can be assured that such a transaction into the system backing those funds in the trade actually took place.

They cannot be sure that the Trade IDs didn't get switched because those funds got shoved around some offline wallets in between, unless the user wants his original coins back (given the technical option to provide this service). In fact - if user A splits his one big incoming transaction into several smaller transactions, nobody would even be able to tell that user A has that many bitcoins in his account. Thus, full privacy was maintained.

---

I understand this takes some time and efforts to implement, but I really think we will need something like this if we truly want bitcoins to succeed. We simply cannot just rely on the "trust of good community name" standards forever. Bitcoins are and will be what they are mostly because of their mathematically guaranteed properties. Taking these away at the commercial back-end is like not having those guarantees there to begin with. So what's the point?

Perhaps we can come up with a bounty for a project of an open-source business platform that addresses exactly this issue in particular. Not just for those start-ups that exist right now, but for all future bitcoin companies that are still to come. As in: database set-up, linking the bitcoin (merchant) client/daemon to a funds management system which handles the issues mentioned above (and perhaps some more not yet specified) properly.

As stated before, I'm willing to pledge at least 10 bitcoins to this - if not more (considering its importance to help in the progression from bitcoin infancy/childhood to a MUCH more mature state!).

Other surveilance services as perhaps provided by the future Bitcoin Business Bureau and/or others would of course additionally foster bitcoin businesses and transactions as the most secure transactions there are.
hero member
Activity: 602
Merit: 513
GLBSE Support [email protected]
Total wallet transparency is only possible IF bitcoind also keeps track of which account is transfering what bitcoin to another account, it means that any system hooking in with bitcoind (like mtgox's trading system) must have exactly matching records. It also means that it's not possible to have offsite wallet storage.

Currently this is how GLBSE works, we use our accounting system AND bitcoind to keep track, and we could trivially provide said transparency, however there is a cost.

1)It would require us to have 100% bitcoin on system, i.e. in one wallet.
2)It removes privacy of users, meaning it would be possible not just for users to track where their bitcoin comes and goes from, but everyone else too.

We're in the process of moving away from the above system because it causes needless complications, is a major security risk, and removes our users privacy.

There are other methods to achieve the result you are looking for, and that's auditing, having bitcoin audits by trusted members of the community.

Nefario.
legendary
Activity: 1102
Merit: 1014
Hello,

This thread was linked from our thread on our launch of free two-factor authentication: https://bitcointalksearch.org/topic/free-instant-two-factor-authentication-now-available-at-exchb-33926

I can see how total wallet transparency would be desirable to some but of course there are trade-offs. For example, there's another thread here: https://bitcointalksearch.org/topic/open-letter-to-online-exchanges-and-wallets-store-coins-offline-34011 asking exchanges to about security policies in terms of holding BTC offline. Holding BTC offline while enabling total wallet transparency is a complex problem.

That being said, I'm constantly inspired by the ideas and products that spring from the Bitcoin community. I wouldn't be surprised if near-future developments allow a user to be able to verify their balance while still enabling an exchange or wallet service to partition the threat of loss. Will ExchB come up with it? That's hard to say but I appreciate the concern and look forward to further comments and proposals on the issue.

Thank you,

David Sterry (weex)
President, ExchB
member
Activity: 102
Merit: 10
...

We'll be opening our ideas up for public discussion on Friday, as well as an extremely limited private beta!

Looking forward to learn more about what kind of service you will be providing to the community and maybe also participating in testing out your beta.
sr. member
Activity: 322
Merit: 251
I've been hard at work the last month on something you'll probably find very interesting, the Bitcoin Business Bureau. I assure you, it is indeed different than the several attempts at establishing a layer of trust on top of the anonymous transaction network that Bitcoin gives us. It also conforms to the community and anonymous aspects of the Bitcoin project itself. Our server counts as a "centralized" data source, however our data will be available for public analysis/consumption.

We'll be opening our ideas up for public discussion on Friday, as well as an extremely limited private beta!
member
Activity: 102
Merit: 10
Hi guys.

I have already mentioned this issue in the official MtGox IRC channel but would also like to bring this to the attention of the greater community in general as well.

I find it mildly astounding that while we are all using a transaction network which is based on total transparency as one of its greatest assets in its very foundation, people are conveniently willing to give up on this very right (yes, I think it is my right to know where my bitcoins are coming from) by exchanging their bucks in open exchanges for potentially unaccounted for bitcoins.

Considering all the bad news about bitcoin lately, I think it would be in the best interest for overall bitcoin legitimacy to make use of the network's already existing transparency and link all virtual trades to actual bitcoin transactions.

Not only would this help track down stolen coins more easily, but it would also ease many people's minds and concerns as to where exactly those 10s of thousands of bitcoins come from that get poured into the markets on a daily basis.

I think this needs to be addressed somehow and has to be implemented in one form or the other - as such I'm even willing to pledge 10BTC for its development so people start taking this issue more seriously. Perhaps other people are willing to commit to this issue as well, but generally I think this actually has to happen with or without any pledges (especially if it can be established as some form of standard for any legitimate bitcoin business that works with virtual, non-directly bitcoin backed user accounts).

Perhaps we can get some MtGox, Tradehill and Camp BX (non-exclusive list!) officials to post their stance on this issue.

Thanks for reading, now fire away! Grin

edit: I am mostly referring to internal exchange sites transparency, as in I purchase 10 bitcoins on MtGox and get a transaction ID which I can then trace back to a verified previous transaction in the bitcoin chain as an additional way to verify the legitimacy of said purchase without having to wait until the coins are actually being cashed out!
Jump to: