Author

Topic: Working on an idea for simple web-based alternative to bitcoin-otc web of trust (Read 2789 times)

legendary
Activity: 1498
Merit: 1000
About time for me to unwatch the thread - best of luck OP and PM for further discussion if interested.

Goodbye Grandpa LOL Maybe you should look up being mature next time cause you clearly not that yet your triple our age LOL
legendary
Activity: 1498
Merit: 1000
Maybe you should look up trolling.

^^^^^^^^^^^^^^^^^^^^  Why? When you've just showed us all a perfect example right there.

LMAO if you think I am trolling then you clearly have no idea what trolling is... and your being super mature when you do that Wink LMAO
newbie
Activity: 44
Merit: 0
About time for me to unwatch the thread - best of luck OP and PM for further discussion if interested.


Sorry to see you go, and thanks so much for your input! I'll PM you when I'm a bit further along.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
About time for me to unwatch the thread - best of luck OP and PM for further discussion if interested.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Maybe you should look up trolling.

^^^^^^^^^^^^^^^^^^^^  Why? When you've just showed us all a perfect example right there.
newbie
Activity: 44
Merit: 0
at least on the plus side, it would be nice to have a range (similar to the 5 star system).

I understand but IMO that just makes it easier to *game* the system (i.e. getting 10 +5 *fake* ratings is certainly going to be easier than getting 50 +1 *fake* ratings - I have the same problem with the "skill points" system I have implemented in CIYAM Open and am now thinking of changing it for just this reason).


Regarding the issue of scoring — my untested instinct is that flexibility in the scoring will be useful to users. There are plenty of types of highly structured or very simple trades that I can imagine where -1/0/+1 scoring would be totally appropriate. But for other types of trades that have multiple elements of trust (do I trust this person's ability to deliver on time? to deliver to spec? to communicate clearly? to be courteous in interactions?), more flexible scoring could allow for more nuanced interpretation.

If the protocol can support both, I imagine it will allow more widespread usage than if it rigidly supports a single scoring methodology.

This doesn't prevent any specific user or community — say CIYAM Open's community — from only considering +1/0/-1 scores for the purposes of its own, community-specific trust criteria.

Another untested instinct I have is that interpreting the trust data in the blockchain should be considered a separate process from getting that data into the blockchain (I put something to this effect in the FAQ section on my pitch). For users concerned about specific patterns of scoring that "game the system" (like your example of getting 10 +5 fake ratings versus 50 +1 fake ratings), those users can define what types of scoring data carry weight for their personal decision-making. Scoring histories that are acceptably trustworthy to some users might not be trustworthy to others. I think users should be expected to consider what algorithm/criteria they use to interpret the trust data; it keeps them responsible, rather than encouraging blind trust in a single number.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I think you need to check the definition of a protocol, this is uniform way of doing trust at best.

As far I can see the OP is about creating a send of standard conforming tx's over the Bitcoin protocol that can be used to define a WoT system - if you have something other than terminology disputes or arguments about how easy GPG is or isn't to use that would be helpful to this thread otherwise your input is just coming across as trolling (if you think people should just use Bitcoin-OTC you are entitled to that opinion and I think you've already made that point here so can we keep OT please?).
newbie
Activity: 44
Merit: 0
But there is not a protocol...

Correct. I haven't yet written a detailed protocol specification. Just to reiterate: this thread is for the purpose of brainstorming an idea with the benefit of other Bitcoin users' and developers' feedback. My goal in this thread is to gain insight that can help me start experimenting with some different protocol specifications.

So you just hoping people will recognized this as uniformed way of doing trust.

No, I don't expect lots of people to simply recognize and adhere to a new standard for scoring trust. I do hope, however, that in time I can build a proof of concept, gather a few alpha users, etc., and then try to grow it from there.

I really think this needs more time to be thought out, I think your jumping in with two feet, but it takes a lot of time to develop these things.

Agreed. Again, this idea is currently in the early concept phase. Version 0.01. Or 0.00000001, if you prefer ;-)
legendary
Activity: 1498
Merit: 1000
GPG is already too easy how much more easier do you want it?

i know you're not serious. you couldn't possibly be serious.

Very serious LOL 100% serious, I don't know what software you were using but honestly I know about 10 people non-techies that use gpg no problems.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
at least on the plus side, it would be nice to have a range (similar to the 5 star system).

I understand but IMO that just makes it easier to *game* the system (i.e. getting 10 +5 *fake* ratings is certainly going to be easier than getting 50 +1 *fake* ratings - I have the same problem with the "skill points" system I have implemented in CIYAM Open and am now thinking of changing it for just this reason).
full member
Activity: 211
Merit: 100
"Living the Kewl Life"
1) rather than ratings between -10 and +10 why not just keep it minimal so: -1 (failed), 0 (resolved) or +1 (succeeded)

at least on the plus side, it would be nice to have a range (similar to the 5 star system).

Ideally, I'd like to see the AudenX.com website develop into a showcase of how such an open protocol can work, and of how easy to use it could be.

the problem as i see it is that this should really be integrated into the CLIENTS. so unless you plan on offering your own client, what you are currently suggesting sounds to me like a new proprietary protocol that you want the currently OPEN clients to adopt. i don't want to in any way discourage you from what you're doing, its just that i'm just starting to see the trends in bitcion and they all seem to move towards OPEN / DECENTRALIZED protocols.

i'm currently working on a fork of bitcoinjs, which comes with its own web-based client -- similar to blockchain.info's mywallet. i'd love the idea of integrating a blockchain wot into this client.

GPG is already too easy how much more easier do you want it?

i know you're not serious. you couldn't possibly be serious.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
A couple of things I'd like to suggest:

1) rather than ratings between -10 and +10 why not just keep it minimal so: -1 (failed), 0 (resolved) or +1 (succeeded)

2) reserve the entire 8 digits of each protocol tx so that the protocol can be extended

and of course it would be advised to *formalise* the protocol *before* starting up the service.

Apart from rating specific transactions for services or goods it would be useful to have *special* ratings for things like GPG identity and perhaps even other *real identity verifications* that could useful for services such as loans.
legendary
Activity: 1498
Merit: 1000
The way I see it, as soon as the idea catches on there will be at least a dozen audenx trust networks maybe using the same protocol, maybe not.  Don't you think it would be best to start with an OPEN protocol (as in NOT tied to any specific address)?

Yes!

Ideally, I'd like to see the AudenX.com website develop into a showcase of how such an open protocol can work, and of how easy to use it could be. Whether the protocol that ultimately emerges requires users to send outputs to a certain address or not, I imagine there will still be a place in that ecosystem where users will need products (web, mobile, etc.) that give them easy interfaces to the trust info on blockchain. Long-term, I'm hoping AudenX can offer products like that. Near-term, AudenX could just be a testing ground to get the wheels turning in peoples' heads. There are already a ton of ideas I have that presuppose the existence of this trust data — but the protocol needs to exist first, and I need to find a group of people interested in using it.

But there is not a protocol... So you just hoping people will recognized this as uniformed way of doing trust. I really think this needs more time to be thought out, I think your jumping in with two feet, but it takes a lot of time to develop these things.
newbie
Activity: 44
Merit: 0
The way I see it, as soon as the idea catches on there will be at least a dozen audenx trust networks maybe using the same protocol, maybe not.  Don't you think it would be best to start with an OPEN protocol (as in NOT tied to any specific address)?

Yes!

Ideally, I'd like to see the AudenX.com website develop into a showcase of how such an open protocol can work, and of how easy to use it could be. Whether the protocol that ultimately emerges requires users to send outputs to a certain address or not, I imagine there will still be a place in that ecosystem where users will need products (web, mobile, etc.) that give them easy interfaces to the trust info on blockchain. Long-term, I'm hoping AudenX can offer products like that. Near-term, AudenX could just be a testing ground to get the wheels turning in peoples' heads. There are already a ton of ideas I have that presuppose the existence of this trust data — but the protocol needs to exist first, and I need to find a group of people interested in using it.
legendary
Activity: 1498
Merit: 1000
Well that is true, but they will figure it out that it will be more and more important as there bitcoin career goes on.

GPG is not necessarily TOO hard, but it is certainly and without question the HARDEST form of authentication to adopt.  I recently joined the WoT and was pleasantly surpised to see it using GPG. This allowed me to renew some very old keys, update my passwords and generally update myself on the state of the technology. But I was very disappointed to say the least at how difficult it was to get everything working properly (invalidating old keys, updating the public repos, etc).  I was even more disappointed by how difficult it is to get verified on IRC (at one point I just quit and had to restart the next day).

The only way I can see a non-geek making this work successfully is if you literally "hold their hand and move their fingers for them", then write auth "scripts" that they can use on IRC. I get a little turned off when people suggest that its sooo EASY as if anyone who can't figure it out on their own is an idiot.

I'm totally in favor of both GPG and 2-factor auth.  I'd say that Google Authenticator (free and open source on most platforms) finally made 2FA possible for everyone.  Someone needs to do the same thing for GPG.
--------------------

Moving on, I really like this idea of blockchain trust, but I'd never support a system that was centralized (the same way bitcoin-otc is now) to one organization.  Most of the projects that I'm looking into and working on now are trying to decentralize a centralized service and I think this is the right direction moving forward.

The way I see it, as soon as the idea catches on there will be at least a dozen audenx trust networks maybe using the same protocol, maybe not.  Don't you think it would be best to start with an OPEN protocol (as in NOT tied to any specific address)?

Wait you know how to use GPG and you couldn't use IRC and GPG at the same time, with gribble, then obviously you never knew how to use GPG in the first place LMAO If you know GPG then gribble is a piece of cake probably even easier.

GPG is already too easy how much more easier do you want it? Like you said do you want someone to move the mouse for you that is the only way it will get easier.

Actually there are two people that are non-geeky ident on OTC Wink so yeah I guess they know magic or something.
full member
Activity: 211
Merit: 100
"Living the Kewl Life"
Well that is true, but they will figure it out that it will be more and more important as there bitcoin career goes on.

GPG is not necessarily TOO hard, but it is certainly and without question the HARDEST form of authentication to adopt.  I recently joined the WoT and was pleasantly surpised to see it using GPG. This allowed me to renew some very old keys, update my passwords and generally update myself on the state of the technology. But I was very disappointed to say the least at how difficult it was to get everything working properly (invalidating old keys, updating the public repos, etc).  I was even more disappointed by how difficult it is to get verified on IRC (at one point I just quit and had to restart the next day).

The only way I can see a non-geek making this work successfully is if you literally "hold their hand and move their fingers for them", then write auth "scripts" that they can use on IRC. I get a little turned off when people suggest that its sooo EASY as if anyone who can't figure it out on their own is an idiot.

I'm totally in favor of both GPG and 2-factor auth.  I'd say that Google Authenticator (free and open source on most platforms) finally made 2FA possible for everyone.  Someone needs to do the same thing for GPG.
--------------------

Moving on, I really like this idea of blockchain trust, but I'd never support a system that was centralized (the same way bitcoin-otc is now) to one organization.  Most of the projects that I'm looking into and working on now are trying to decentralize a centralized service and I think this is the right direction moving forward.

The way I see it, as soon as the idea catches on there will be at least a dozen audenx trust networks maybe using the same protocol, maybe not.  Don't you think it would be best to start with an OPEN protocol (as in NOT tied to any specific address)?
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Well that is true, but they will figure it out that it will be more and more important as there bitcoin career goes on.

Even worse - these people want to be paid via PayPal !!!
legendary
Activity: 1498
Merit: 1000
Also If they are giving up that means they are probably frustrated and sometimes it is the teacher that can cause that.

Sure - although they never even got as far as asking for help (basically just complained that they don't want to use GPG and would only join if it they could use their "Google" or "Facebook" accounts to login).

(a bit hard to teach someone that doesn't want to even learn)

Cheesy

Well that is true, but they will figure it out that it will be more and more important as there bitcoin career goes on.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Also If they are giving up that means they are probably frustrated and sometimes it is the teacher that can cause that.

Sure - although they never even got as far as asking for help (basically just complained that they don't want to use GPG and would only join if it they could use their "Google" or "Facebook" accounts to login).

(a bit hard to teach someone that doesn't want to even learn)

Cheesy
legendary
Activity: 1498
Merit: 1000
I have yet to see that, really.

And I have already had several people simply *give up* on joining CIYAM Open due to GPG - really!

(perhaps I should refer any future such people to you to get them somehow magically converted?)

It isn't magic, I just know how to teach GPG, which includes pointing them to software that will make it easy, what they will need to know in the command line. I really don't understand how they gave up GPG isn't a hard thing to learn to just use.

I actually taught a person IRC and GPG for bitcoin-otc and they gave up trying on their own, after I explain and held there hand showing them and explain exactly what they need to know, how to use it and what references will be a great deal of wealth to them.

Also If they are giving up that means they are probably frustrated and sometimes it is the teacher that can cause that.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I have yet to see that, really.

And I have already had several people simply *give up* on joining CIYAM Open due to GPG - really!

(perhaps I should refer any future such people to you to get them somehow magically converted?)
legendary
Activity: 1498
Merit: 1000
I don't think that the GPG software is particularly hard to use myself (compared to say configuring Email apps years ago) - but people just "don't want to bother with it" is the *real* problem (especially non-geeks).

I have yet to see that, really. I think a lot of people don't want to learn the "magic" behind it so they can understand what is exactly happening. But as gpg and bitcoin address signing and verifying are becoming more popular for contracts and GPG keys I am pretty sure if you sign it, are legal contracts so yeah, they aren't going anywhere. People better learn or be left in the dust.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I don't think that the GPG software is particularly hard to use myself (compared to say configuring Email apps years ago) - but people just "don't want to bother with it" is the *real* problem (especially non-geeks).
legendary
Activity: 1498
Merit: 1000
...I want to meet these people that can't use GPG keys I have taught maybe ~10 to ~15 that have that are not geeks by any means and they caught on quickly so may it was the way you were teaching them. IRC is just as easy as AOL IM today. ...
Sorry, gweedo, but you lost me with that remark. You might as well say that Linux is as easy for a customer to learn as Windows or Android.

LMAO considering that Android is linux based I would say it is easy, also have you ever installed Ubuntu it is insanely easy. IRC isn't just for the geeky of the geeks, actually most IRC are really user friendly. GPG keys the concept maybe tough, but the software again makes it very easy to use. I really don't see how these things are hard for people now of days.
full member
Activity: 198
Merit: 100
...I want to meet these people that can't use GPG keys I have taught maybe ~10 to ~15 that have that are not geeks by any means and they caught on quickly so may it was the way you were teaching them. IRC is just as easy as AOL IM today. ...
Sorry, gweedo, but you lost me with that remark. You might as well say that Linux is as easy for a nontechnical customer (like my grandmother) to learn as Windows or Android.
newbie
Activity: 44
Merit: 0
I updated the website with v0.02 of the pitch. Based on CIYAM Open's and dscotese's feedback, the system now requires fewer transactions for scoring, reduces potential fees, and eliminates the need for the one-off "scorecard" address described in v0.01. I also added some initial FAQs (not comprehensive, but it's a start) based on a lot of gweedo's questions and comments.

Thanks for your help so far. I'm hoping to keep improving. I think next I'll write down my thoughts on the specifics of how the outputs might be structured. (Specifically, I'm thinking about what numbers to use to indicate the opening transaction so AudenX knows which of the two score numbers represents the scoring scale and which represents the final score.)
newbie
Activity: 44
Merit: 0
This system is so fail, now your making it so hard for people to get trust unless they trade to addresses you deemed trustworthy [...]

Just to be clear, "addresses you deemed trustworthy" means addresses the user deems trustworthy — not addresses that any centralized entity decided are trustworthy. Deciding how to interpret the data generated using the AudenX pattern is a choice each user gets to make for herself.

And, as I mentioned above, there is always this chicken-and-the-egg problem when you're first starting out, regardless of the network. When you're starting a business, you have to attract that first client somehow, then leverage that client's experience into referrals. When you start your career, you have to land that first job, then use that work history to land future jobs. Any trading network that's worth joining — that has trustworthy trading partners in it — should require some effort on the part of the new user who wants to participate.

so you described two different systems can you choose one.

The system I'm describing requires two parts, though, and each needs the other in order to be useful. 1.) Users need data about mutually-agreed-upon transactions that actually occurred, and 2.) users also need a way to interpret that data to help them decide whether to trade with someone. The "signaling" concept deals with 1, and the "trust algorithm" concept deals with 2.

write a clear specification and repost it.

Right, that's the goal. And this thread is for collecting feedback and ideas that will help make that specification clearer and better.
legendary
Activity: 1498
Merit: 1000
your not even attempting to stop scammers take a week build up rep with a few addresses.

It's up to you to decide if it's worth taking a risk on another user with a 1-week history, especially if that new users hasn't done any verified trades with anyone you trust. So while the signaling pattern itself doesn't stop fraud, your chosen trust algorithm can stop fraud, if that algorithm is chosen intelligently.

This is what I mean when I use the phrase "trust algorithm": it's the criteria you choose to interpret the scoring data on the blockchain. Choosing those criteria wisely — choosing a good trust algorithm — is what makes the system useful to any individual user. Designing intelligent algorithms can be done by users, or by third parties focused on studying the blockchain more methodically.

Also you keep saying trying to diminish scam as your history of a transaction grows, that doesn't work, we need a system, that blocks fraud users, from gain any rep and your systems habors that fraud which can't be rolled to any other address the scammer can use. I think you need to re-think this, otherwise it will fail.

Perhaps I'm not using a clear enough example. A scammer could spend a decade creating "fake" trust scores between thousands of "fake" identities so that the scammer might seem at first glance to have a lot of trustworthiness. But if I'm looking at that scammer's address through the lens of my trust algorithm and see that zero of that scammer's transactions have been with users that I know and trust, and no users that are 2nd- or 3rd-degree trading partners with people I know and trust, then that's enough information that I could easily choose not to do business with that person. I could even decide that I won't do business with another user unless 10%, 15%, 90% of their transactions have been with people I already trust. That's the power of the social graph.

This is why I don't propose even trying to lock scammers out of participating in the system. I'm describing an open system for rating satisfaction with transactions that anyone is free to use in whatever way they see fit. The power of the system is that each user can decide how to interpret the rating data for the purpose of guiding their own transaction decisions.

This system is so fail, now your making it so hard for people to get trust unless they trade to addresses you deemed trustworthy, so you described two different systems can you choose one, write a clear specification and repost it.
newbie
Activity: 44
Merit: 0
your not even attempting to stop scammers take a week build up rep with a few addresses.

It's up to you to decide if it's worth taking a risk on another user with a 1-week history, especially if that new users hasn't done any verified trades with anyone you trust. So while the signaling pattern itself doesn't stop fraud, your chosen trust algorithm can stop fraud, if that algorithm is chosen intelligently.

This is what I mean when I use the phrase "trust algorithm": it's the criteria you choose to interpret the scoring data on the blockchain. Choosing those criteria wisely — choosing a good trust algorithm — is what makes the system useful to any individual user. Designing intelligent algorithms can be done by users, or by third parties focused on studying the blockchain more methodically.

Also you keep saying trying to diminish scam as your history of a transaction grows, that doesn't work, we need a system, that blocks fraud users, from gain any rep and your systems habors that fraud which can't be rolled to any other address the scammer can use. I think you need to re-think this, otherwise it will fail.

Perhaps I'm not using a clear enough example. A scammer could spend a decade creating "fake" trust scores between thousands of "fake" identities so that the scammer might seem at first glance to have a lot of trustworthiness. But if I'm looking at that scammer's address through the lens of my trust algorithm and see that zero of that scammer's transactions have been with users that I know and trust, and no users that are 2nd- or 3rd-degree trading partners with people I know and trust, then that's enough information that I could easily choose not to do business with that person. I could even decide that I won't do business with another user unless 10%, 15%, 90% of their transactions have been with people I already trust. That's the power of the social graph.

This is why I don't propose even trying to lock scammers out of participating in the system. I'm describing an open system for rating satisfaction with transactions that anyone is free to use in whatever way they see fit. The power of the system is that each user can decide how to interpret the rating data for the purpose of guiding their own transaction decisions.
legendary
Activity: 1498
Merit: 1000

I'm not trying to create a system that's impossible to game

Right there you have already lost so many people cause we need a system you can't game. I think it is back to the drawing board.


Maybe we have a philosophical difference here.

The way I see it, trusting someone inherently requires taking a risk, because even a perfect and complete representation of a party's behavior in previous transactions can never ensure that they will behave the same way in the future.

Even with your hypothetical trust-rating system that's impossible to game, a person who has always behaved honorably in the past can choose to forfeit their reputation by scamming someone. So even if such a system were possible to build, even if that system were perfect from an identity-verification standpoint, it could never eliminate all fraud.

All human interaction entails risk. If humans had waited for a 100% foolproof method to ensure that they'd never get hurt in their interactions with other humans, there would have been no human interaction to date. Instead, humans take the risk of interacting, and the smart humans decide which interactions are worth the risk using a number of indicators that help to predict another person's future behavior.

Therefore, it seems to me that an easy-to-use system that helps build trust, even if it's imperfect, will still be a useful tool for parties who want to conduct honest trade.

I reiterate my point here that my goal is to create a system where the incentive to scam diminishes as your history of honest transactions grows. It's like the hypothesis in Satoshi's white paper about what happens in the event that someone accumulates > 51% hashing power: at that point, the incentive to behave honorably and keep the market functioning would, for someone acting in their financial self-interest, be higher than the potential gain from defrauding the Bitcoin community and driving users away in fear.

Your talking about an extreme case and where those happen, they can't be weeded thru, but your not even attempting to stop scammers take a week build up rep with a few addresses. Then bam your getting scammed. So I am not talking about 100% fraud but 85%-95% fraud stopped. With your system that is like 0% -maybe if lucky 5%. That is horrible! See your trying to create a "easy-to-system" stop with that, create a system that stops fraud and is hard to game, then build an easy to use system on top that is what you should be trying to do. Also you keep saying trying to diminish scam as your history of a transaction grows, that doesn't work, we need a system, that blocks fraud users, from gain any rep and your systems habors that fraud which can't be rolled to any other address the scammer can use. I think you need to re-think this, otherwise it will fail.
newbie
Activity: 44
Merit: 0

I'm not trying to create a system that's impossible to game

Right there you have already lost so many people cause we need a system you can't game. I think it is back to the drawing board.


Maybe we have a philosophical difference here.

The way I see it, trusting someone inherently requires taking a risk, because even a perfect and complete representation of a party's behavior in previous transactions can never ensure that they will behave the same way in the future.

Even with your hypothetical trust-rating system that's impossible to game, a person who has always behaved honorably in the past can choose to forfeit their reputation by scamming someone. So even if such a system were possible to build, even if that system were perfect from an identity-verification standpoint, it could never eliminate all fraud.

All human interaction entails risk. If humans had waited for a 100% foolproof method to ensure that they'd never get hurt in their interactions with other humans, there would have been no human interaction to date. Instead, humans take the risk of interacting, and the smart humans decide which interactions are worth the risk using a number of indicators that help to predict another person's future behavior.

Therefore, it seems to me that an easy-to-use system that helps build trust, even if it's imperfect, will still be a useful tool for parties who want to conduct honest trade.

I reiterate my point here that my goal is to create a system where the incentive to scam diminishes as your history of honest transactions grows. It's like the hypothesis in Satoshi's white paper about what happens in the event that someone accumulates > 51% hashing power: at that point, the incentive to behave honorably and keep the market functioning would, for someone acting in their financial self-interest, be higher than the potential gain from defrauding the Bitcoin community and driving users away in fear.
legendary
Activity: 1498
Merit: 1000
Honestly tell me how hard is IRC and gpg keys?

I have already had at least half the people interested simply *give up* on signing up to CIYAM Open because it currently requires GPG (hint - it won't be a requirement soon because I actually do *want* people to join up rather than attack them for not knowing how to use GPG).

Add IRC to the mix and you have created a system that only *geeks* can use (seriously some Bitcointalk people ought to get out into the *real* world at least once a year or so).

As for scammers I think you'll find that pirateat40 had a *very* good OTC reputation. Cheesy

I think pirateat40 was an extreme case. I want to meet these people that can't use GPG keys I have taught maybe ~10 to ~15 that have that are not geeks by any means and they caught on quickly so may it was the way you were teaching them. IRC is just as easy as AOL IM today. You can run IRC client inside of chrome so yeah. I think your very wrong about calling it hard, maybe you can't explain it in simple terms.

I'm not trying to create a system that's impossible to game

Right there you have already lost so many people cause we need a system you can't game. I think it is back to the drawing board.


newbie
Activity: 44
Merit: 0
A couple things, I am paying you for trust. Why?

Fair question.

I'm not sure if your phrase "paying you for trust" means that "Alice is paying AudenX for trust" or "Alice is paying Bob for trust". Perhaps you mean both. Either way, the idea is not that people are paying "for trust", but rather to incorporate data into normal blockchain transactions that adds a layer of meaning that indicates trust/satisfaction. The amounts involved in this signaling can be trivially small — far smaller than what would constitute meaningful payment amounts — and you could even incorporate the signal into some part of the transaction that isn't an output value.

The idea is not to create a way for someone to "buy" credibility. Credible trust would have to be built up over the course of many transactions. You can't just pay 1,000 BTC to AudenX to get an awesome trust score.

What the difference in me making a thread on here saying "Alice and Bob had a smooth transaction".

The difference between using the blockchain and you making a forum thread that says "Alice and Bob had a smooth transaction" is that we can verify that transactions on the blockchain actually occurred between Alice and Bob's addresses, and (most likely, unless their wallets were compromised) that those transactions were voluntarily entered into by Alice and Bob.

You could of course watch the Blockchain for transactions that match the AudenX pattern and then report them on a forum thread, but the transactions would actually have to be created by Alice and Bob before you could report them on the thread.

I can't rate someone in the negative that isn't good, now I just had a transaction which I lost money and now I have to send you something to rate this person kinda like salt on the wounds.

No, this is incorrect. There are lots of ways we could choose to signal negative experiences. For example, if we standardized around a system where "scoring" values were 1 Satoshi at the low end and 20 Satoshis on the high end, a final rating of 1 from Alice to Bob could indicate that Alice is totally dissatisfied with the transaction.

However, the scale that I was suggesting in my original posting would allow participants to arbitrarily choose the number that means "satisfied". Alice could initiate a transaction with a baseline score of 13, and if she decided to award Bob a final score of 14, that would be like saying "satisfied + 7%" — basically meaning Bob went above and beyond the call of duty. Or she could award a score of 1 to Bob, which basically means he was awful.

I think I've read somewhere that you can have output amounts that are 0, so if that's actually possible I guess Alice could use 0 as a value to indicate that she was totally scammed.

In any event, regardless of the rating scale used, if you pick a standard way to interpret the numbers, then you can have a rating system that's as granular as you want, with both positive and negative ratings possible.

What about a scammer, how does he not make many profiles on your site to boost up his rating? I mean spending .01 to boost up ratings and sending 50btcs around to make your system think there is transactions happening?

There is nothing to stop a scammer from creating many Bitcoin addresses and using them to build up the appearance of trustworthiness. This is true on bitcoin-otc as well.

Also, just to be clear, you wouldn't be creating "profiles on my site". The "identity" of someone on AudenX is simply a Bitcoin address. You could generate that address however you like.

Similar to bitcoin-otc, you can see that the AudenX scoring system would allow you to create your own sort of personal "trust algorithm" based on your trading network, so that you value apparent trustworthiness in a stranger more highly if they've already received a trust score from someone you trust. The social graph matters. You could choose to ignore the apparent trustworthiness of someone unless they meet a high standard — like maybe they have to have 100 or more satisfactorily concluded transactions with people you already trust before you do business with them. In the future, users might not even want to build their own algorithms for calculating trustworthiness — they could just rely on third-party algorithms created by companies that study the blockchain.

There's of course the chicken-and-the-egg problem of how a new person in the network gets started building trust. Just as in real life, though, you trust someone with a little bit to begin with, and then more over time, rather than trusting a stranger with $1,000,000 of your money right off the bat. This could mean that new people get their first scores by trading with friends, or people whose real-life identities they already know.

I'm not trying to create a system that's impossible to game, and I'm not interested in trying to create a bulletproof identity-verification system. The goal is to create a system where the cumulative value of your trustworthiness is greater than the incentive to scam. Basically, if you spent a year building a history of trustworthiness, there would be a monetary incentive to continue your good behavior, because you have a bigger pool of trading partners interested in trading with you. It's the same reason people strive to keep a high credit score.

I am sorry but if this the best trustworthy approach then I would stick with GPG keys and bitcoin-otc.

I don't see any problem with that. If you're comfortable with bitcoin-otc, you like using it, and you like your trading partners in it, then you're all set. But as CIYAM Open notes, and I think many people would agree, there are really a lot of potential users of Bitcoin for whom using IRC and GPG keys would be a major barrier to entry. Getting a bitcoin wallet and learning to use it is, for people unfamiliar with IRC and GPG keys, much more accessible. And a wallet is all you'd need to get started using AudenX.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Honestly tell me how hard is IRC and gpg keys?

I have already had at least half the people interested simply *give up* on signing up to CIYAM Open because it currently requires GPG (hint - it won't be a requirement soon because I actually do *want* people to join up rather than attack them for not knowing how to use GPG).

Add IRC to the mix and you have created a system that only *geeks* can use (seriously some Bitcointalk people ought to get out into the *real* world at least once a year or so).

As for scammers I think you'll find that pirateat40 had a *very* good OTC reputation. Cheesy
legendary
Activity: 1498
Merit: 1000
A couple things, I am paying you for trust. Why? What the difference in me making a thread on here saying "Alice and Bob had a smooth transaction". I can't rate someone in the negative that isn't good, now I just had a transaction which I lost money and now I have to send you something to rate this person kinda like salt on the wounds. What about a scammer, how does he not make many profiles on your site to boost up his rating? I mean spending .01 to boost up ratings and sending 50btcs around to make your system think there is transactions happening? I don't like that I am identify and my trustworthy is thru an address, this lets scammers reset every time they are detected. I am sorry but if this the best trustworthy approach then I would stick with GPG keys and bitcoin-otc.


It's good to see someone finally motivated enough to perhaps make this happen (it didn't before and yes the OTC stuff is just way too hard for most people).

Honestly tell me how hard is IRC and gpg keys? Is it that hard, that your willing to allow a system that basically allows scammers to reset every time detected. This argument that IRC and GPG keys are too hard for new people, is plainly invalid, there are millions of threads on here explaining in great detail how to do it. Also there is many sites explaining it. And if your still that new to not get it, there are youtube videos to follow along. I mean if you actually think this idea is the way to solve this, then you are very wrong, and really need to rethink how you view trust in the bitcoin world.
newbie
Activity: 44
Merit: 0
For this to work best I would recommend that it be documented in an open way so that hopefully down the track other rating sites will use the same implementation (rather than ending up with multiple incompatible ones).

Agreed!

[ ... ] the website's success will be in simply and hopefully powerfully being able to let you "view" a buyer/seller without having to understand the low-level stuff (although important for that to be available for other sites to display also so you can be assured that the website isn't misreporting).

Also agreed. A near-ish term aspiration for me would be to build something like blockchain.info for viewing trustworthiness of BTC addresses.

Being able to "filter" out buyers/sellers based upon their obscurity (for example) would be a nice feature for the website to contain.

Guess I'd better start tracking feature requests Smiley
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
It's good to see someone finally motivated enough to perhaps make this happen (it didn't before and yes the OTC stuff is just way too hard for most people).

For this to work best I would recommend that it be documented in an open way so that hopefully down the track other rating sites will use the same implementation (rather than ending up with multiple incompatible ones) and I see such rating tx's as having far more value than SD tx's do. Smiley

If the rating data is view just as being data (which I would recommend) then cram as much as you can into that (and as many different types of things such as id verification level) then the website's success will be in simply and hopefully powerfully being able to let you "view" a buyer/seller without having to understand the low-level stuff (although important for that to be available for other sites to display also so you can be assured that the website isn't misreporting).

Being able to "filter" out buyers/sellers based upon their obscurity (for example) would be a nice feature for the website to contain.
newbie
Activity: 44
Merit: 0
Some further ideas: https://bitcointalk.org/index.php?action=printpage;topic=87339.0

(a bit more complex but would provide a much more powerful system)


Looks like we're sharing a brain wave! Thanks for posting; it's encouraging to see that others are thinking along these lines.

"Alice-to-Bob-Close" signal (piggybacked on Alice's payment to the grocery store):

INPUT: 1AliceAudenXIdentityAddress
OUTPUT1: 1GroceryStorePayment (0.75 BTC)
OUTPUT2: 1BobAudenXIdentityAddress (0.000115 BTC) <-- 115% satisfied
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

"Bob-to-Alice-Close" signal (piggybacked on top of Bob's dinner date tab):

INPUT: 1BobAudenXIdentityAddress
OUTPUT1: 1DinnerAndAMovieDate (1.10 BTC)
OUTPUT2: 1AliceAudenXIdentityAddress (0.000090 BTC) <-- 90% satisfied
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

What do you think?
[ ... ] I don't think you need the Open Transaction output that Bob put on his Wordpress payment. It's up to Alice, when she gets the socks, to register that Bob did a good job, and only if Bob lets her know that his address is registered at AudenX. [...] 

And of course, AudenX would tell people "If you're not satisfied with a vendor, you can register that publicly by adding two outputs to any transaction, one for 0.00000XXY (AudenX has 3-digit codes for all kinds of Customer Service ScrewUps) to 1AudenXAddressOfRecord, and the other for 0.00000YYY (The "IDENTIFIER" 3-digit code) to 1ThatVendorsAudenXAddress.

This comment makes me realize that I've been thinking about symbolizing "trustworthiness" in a slightly different way from bitcoin-otc web of trust.

Rather than allowing users to simply assign a trustworthiness score to other users whenever they please, I'm imagining a system where users' satisfaction scores are only counted when the parties have actually done business together.

The reason I think it's good to require a reciprocal "open" signal from Bob is that this lets AudenX know that Bob has agreed to whatever transaction Alice is trying to initiate. Alice can't just spam Bob with positive or negative scores if he hasn't agreed to do business with her.

My desire here is for AudenX "trustworthiness" to reflect a party's performance in actual, mutually-agreed-upon trades. If I'm truly interested in doing business with Bob, I think "reputation" that's based on unidirectional scores (e.g. iPhone app reviews, reddit upvotes) isn't as useful as knowing the satisfaction of another person who entered into a mutually-agreed-upon trade with Bob.

Requiring reciprocal scoring also helps extend the concept of trustworthiness beyond the seller: not only do sellers have to demonstrate that they're good to do business with, but buyers need to play nice, too. (E.g. If you're a seller, you might want to steer clear of that jerk buyer who always leaves 0% reviews, both to save yourself the headache and to protect your own trustworthiness score from trolls.) This creates an incentive for parties to work together to keep overall satisfaction high, rather than putting all the power in the hand of the buyer-reviewer.

Reciprocal "open" and "close" signals also seemed important to me, so that AudenX can calculate an identity's "completion rate" for trades, and so that users are motivated to finish their business and rate each other in a timely way.
sr. member
Activity: 444
Merit: 250
I prefer evolution to revolution.
"Alice-to-Bob-Close" signal (piggybacked on Alice's payment to the grocery store):

INPUT: 1AliceAudenXIdentityAddress
OUTPUT1: 1GroceryStorePayment (0.75 BTC)
OUTPUT2: 1BobAudenXIdentityAddress (0.000115 BTC) <-- 115% satisfied
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

"Bob-to-Alice-Close" signal (piggybacked on top of Bob's dinner date tab):

INPUT: 1BobAudenXIdentityAddress
OUTPUT1: 1DinnerAndAMovieDate (1.10 BTC)
OUTPUT2: 1AliceAudenXIdentityAddress (0.000090 BTC) <-- 90% satisfied
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

What do you think?
Yeah, that seems better.  Then the blockchain could be analyzed to see how long it takes an AudenX-registered address (Bob's) to receive the satisfaction transaction after collecting bitcoin from another AudenX-registered address (Alice's).  I don't think you need the Open Transaction output that Bob put on his Wordpress payment.  It's up to Alice, when she gets the socks, to register that Bob did a good job, and only if Bob lets her know that his address is registered at AudenX.  And when Alice sends the original bitcoin, does she really have to add those other outputs?  AudenX can recognize the bitcoin destination is Bob's AudenXIdentityAddress.

AudenX vendors would instruct their customers: "Once you've received your purchase, please add two outputs to your next transaction, one for 1OurAudenXIdentityAddress and one for 1AudenXAddressOfRecord, both for 0.00000100 bitcoin to help show everyone that we stick to our promises.  Thanks!"

And of course, AudenX would tell people "If you're not satisfied with a vendor, you can register that publicly by adding two outputs to any transaction, one for 0.00000XXY (AudenX has 3-digit codes for all kinds of Customer Service ScrewUps) to 1AudenXAddressOfRecord, and the other for 0.00000YYY (The "IDENTIFIER" 3-digit code) to 1ThatVendorsAudenXAddress.

Man it's late for me.  I hope I'm not too stupid in this post.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
Some further ideas: https://bitcointalk.org/index.php?action=printpage;topic=87339.0

(a bit more complex but would provide a much more powerful system)
legendary
Activity: 1330
Merit: 1000
Bitcoin
Hi Audenx,

Love the idea you have here. Def. needs this in the community. I'll see if I can contribute some more thought to it!
newbie
Activity: 44
Merit: 0
Can you just post the idea here, cause your website is completely down, for me.

Edit 7-March-2013: Website now reflects most recent pitch. Version 0.01 pitch archived here.

===

Sure! The website currently contains simply my v0.01 marketing pitch for the idea. dscotese's feedback above has already got me revising for the v0.02 pitch Smiley

Here's the original pitch:

Show off your trustworthiness with AudenX.

AudenX watches the Bitcoin blockchain for a simple pattern of small Bitcoin transfers that signals two parties' satisfaction with a transaction. Cumulatively, AudenX trades can be used to gauge a party's trustworthiness.

How does it work?

Step 1

Well, Alice, first you must grab a partner. That guy Bob who wanted to sell you a pair of alpaca socks for 1 Bitcoin? Yeah, he'll do just fine.

Each of you will need your own Bitcoin address to serve as your AudenX identity for your transaction. Make sure to keep the private key for your AudenX identity secure, because you'll want to keep using this identity to build the public record of your trustworthiness.2

Step 2

Create a new "scorecard" for your transaction.

Your scorecard is a new Bitcoin address, meaning an address that's never appeared on the blockchain before. Use any Bitcoin address generator or wallet that you like to create this address. The only requirement is that you, Bob, or both of you together must be able to make payments from the scorecard address.

Step 3

Pick a number, any number. (Well, any non-zero, non-negative number.)

Say you picked the number 10. Now 10 will represent the score for a completely satisfactory transaction experience.

To initiate the transaction, you and Bob each send 10 Satoshis (or 10 microBitcoins, or any order of magnitude you like — just keep it relatively small) to your scorecard address.

Once both transfers are complete, send the total scorecard balance (20 Satoshis, in this case) to AudenX3. That's a signal to AudenX that Alice and Bob have just started a transaction, and as an added bonus the transfer helps fund future development of services for the AudenX community.

Step 4

Make your trade! Sling those socks, and pay that coin. You can conduct your trade however you want, and you don't need to use your AudenX identity addresses to send or receive payments related to the trade.

Step 5

Rate your trade. Were you satisfied 100%? Then send another 10 Satoshis to your scorecard. Was Bob satisfied? Then he sends another 10 Satoshis to the scorecard address. Once both transfers are complete, send the balance (20 Satoshis) to AudenX. That's a signal to us that Alice and Bob finished a transaction, and that transaction scored 20 out of 20. Way to go, you two!

And you're done!
 
legendary
Activity: 1498
Merit: 1000
Can you just post the idea here, cause your website is completely down, for me.
newbie
Activity: 44
Merit: 0
If and when miners start relying on transaction fees much more than block rewards, these transactions won't get confirmed as easily as they are now.  So I'm thinking of another idea that doesn't require them.

I was also worrying about confirmation fees, but you came up with a smarter idea to address that than I did. I had simply been imagining a future scenario where the value of building your trust record is worth paying the incremental miner fees to "register" each transaction using the AudenX pattern, but that might be too optimistic if confirmation fees become significant.

Instead of making two new transactions to reflect the beginning of and subsequent satisfaction with a transaction X, put that information into an input in the next transaction N from an address known to belong to the same user who paid BTC in transaction X.

That seems like a step in the right direction. Not sure if this is exactly what you are describing, but after reading your response I started thinking the signaling pattern could be modified as follows. In addition to reducing cumulative confirmation fees, it eliminates the need for a "scorecard" address:

Alice (1AliceAudenXIdentityAddress) agrees to pay 1 BTC to Bob (1BobAudenXIdentityAddress) for a pair of alpaca socks. Both parties want the transaction to be reflected on their AudenX (1AudenXAddressOfRecord) trust histories.

Alice kicks off the AudenX process by creating a Bitcoin transaction. Let's call this transaction the "Alice-to-Bob-Open" signal.

INPUT: 1AliceAudenXIdentityAddress
OUTPUT1: 1BobPaymentAddress (1 BTC)
OUTPUT2: 1BobAudenXIdentityAddress (0.0001 BTC)
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

Bob confirms that he's participating in this AudenX process by creating a Bitcoin transaction in response. Since he doesn't owe Alice any Bitcoin, he piggybacks his AudenX signal on top of a payment he owes to Wordpress. Let's call this transaction the "Bob-to-Alice-Open" signal.

INPUT: 1BobAudenXIdentityAddress
OUTPUT1: 1WordpressPaymentAddress (0.5 BTC)
OUTPUT2: 1AliceAudenXIdentityAddress (0.0001 BTC)
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

AudenX, having received two payments, examines the associated transactions and can recognize the signals Alice-to-Bob-Open and Bob-to-Alice-Open. AudenX ignores any transaction outputs that don't fit the signaling pattern. Now AudenX knows that Alice and Bob have started a transaction. (Until AudenX sees the closing signals from Alice and Bob, the AudenX pattern is incomplete. Incomplete patterns can reflect negatively on an AudenX identity's trustworthiness, because it indicates that two parties haven't resolved their transaction, which might indicate a dispute, or the inability of one or both parties to signal correctly.)

When Alice and Bob complete their alpaca-socks-for-Bitcoin trade, they can indicate their satisfaction with the trade as being equal to, less than, or greater than the baseline score (which they each set at 0.0001 BTC in this example). Say Alice is 110% satisfied with the socks she's received, but Bob's a bit annoyed that Alice took so long to respond to his email requesting her shipping address, so he's just 90% satisfied.

To save on confirmation fees, the parties wait to send their final AudenX satisfaction scores until their next Bitcoin transaction. Then they create transactions like these:

"Alice-to-Bob-Close" signal (piggybacked on Alice's payment to the grocery store):

INPUT: 1AliceAudenXIdentityAddress
OUTPUT1: 1GroceryStorePayment (0.75 BTC)
OUTPUT2: 1BobAudenXIdentityAddress (0.000115 BTC) <-- 115% satisfied
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

"Bob-to-Alice-Close" signal (piggybacked on top of Bob's dinner date tab):

INPUT: 1BobAudenXIdentityAddress
OUTPUT1: 1DinnerAndAMovieDate (1.10 BTC)
OUTPUT2: 1AliceAudenXIdentityAddress (0.000090 BTC) <-- 90% satisfied
OUTPUT3: 1AudenXAddressOfRecord (0.00001 BTC)

What do you think?
sr. member
Activity: 444
Merit: 250
I prefer evolution to revolution.
I like the idea of using "dust" for information.  You've got two extra "transactions-that-look-like-spam" in the requirements for building this WOT in the blockchain.  If and when miners start relying on transaction fees much more than block rewards, these transactions won't get confirmed as easily as they are now.  So I'm thinking of another idea that doesn't require them.

TL;TD: Instead of making two new transactions to reflect the beginning of and subsequent satisfaction with a transaction X, put that information into an input in the next transaction N from an address known to belong to the same user who paid BTC in transaction X.

My idea would be easiest if a bitcoin client were created that automated it.  Most transactions involve some change, which means there are at least two outputs, one of which belongs to the payer.  If the client enabled the user to create a "Who I Trust" (WIT) address, then it could remind the user at some user-specified interval of time after a bitcoin payment to rate the transaction ("Did you get what you paid for?", say on a scale of 1 to 10).  The client stores this answer but doesn't use it until the user makes another payment (to anyone, anywhere).  This second payment includes an extra output to the WIT address that reflects the user's satisfaction with the previous transaction.

The user can register his or her WIT address at AudenX and then you can write software to analyze the BC (like you're planning to anyway, I assume) that would identify transactions in which that WIT address was an output.  The analysis your software does, based on a WIT address, identifies other addresses that (we assume) belong to the owner of the WIT address.  Transactions to and from those addresses may or may not belong to others who have registered a WIT address.  If they do, then AudenX's analysis can produce a report saying User X was satisfied that he got what he paid for from User Y.

As usual, I invite people to correct any shortcomings in my understanding of bitcoin.
newbie
Activity: 44
Merit: 0
Hi there.

I'm brainstorming the minimum viable product for an alternative to bitcoin-otc. My current idea is summed up here on my website. I'd love for you more experienced members of the Bitcoin community to tear apart the idea so I can make it better. Comments welcome.

Thanks!

===

Edits:

7-Mar-2013: Updated pitch. Archived v0.01 pitch, replaced with v0.02 pitch.
Jump to: