Bitcoin Step by Step

The Best Way to Get Started

RFC : Trust & Transactions

I recently posted a Request For Comment on the Bitcoin Talk web site.  I’m going to post it here as well along with a link to the original posting.

I’m not sure if there is an official or proper way to do this, but I thought I’d put this out there for conversation and feedback.It is clear that there has been much fraud and much written about the fraud in the Bitcoin space.  This is certainly not restricted to Bitcoin.  I’m proposing a conversation about how to decrease the likelihood of fraud and to inject a global mechanism that holds true to the decentralized nature of the Bitcoin infrastructure.There has been some real good work done in this space.  There are varying levels of intrusiveness into peoples personal information.  For instance:The Web of Trust used by the bitcoin-otc (http://bitcoin-otc.com/trust.php) is a great example of a non-intrusive manner of building trust.  If you have dealt with this network at all you know there a number of people who have a high enough rating (http://bitcoin-otc.com/viewratings.php) that you can trust them enough to send them your money or BTC first and that they will live up to their end of the bargain.  This demonstrates that there are a number of people that want to do legit business.

This system could be abused, and it doesn’t identify who a person is, just that they have established an account, GPG key and have shown to be trustworthy in the past.  Some people’s ratings are worth more than others.  If a user assigns trust without much concern then others will trust their assignment of trust less.  Whereas others tightly control who they assign trust to then their assignment of trust is held in higher esteem.

Another group that I found that is trying to build a level of trust is the folks over at BTC Jam (https://btcjam.com).  They have a multi-point system that includes the bitcoin-otc web of trust.
– allow you to import you WOT rating / handle
– have a mechanism to tie your handle from this site
– Link to your Face book and linked in accounts
– link to your phone (through SMS verification)

None of these really build identity but they are a start.

BTC Jam also allows a user to provide documentation of identity, credit rating and proof of residence. This will allow them to build a stronger identity relationship.  This means that a user has to be someone, which is important if they wish to remain in the community.  It also means that they cannot simply recreate a new identity if they scam people when using this one.  This identity could also be used should there ever be a collection agency established.

The problem with the BTC Jam method is it is only for BTC Jam.  I say that not trying to harm BTC Jam, I like and use their site and applaud them for moving trust in the community forward.  Although,  I would like to see some statement from them around privacy and where there stand with privacy.  I want to know that they will never share or sell any information they have about person’s identity.  That’s not to say that the fact that someone has been properly identified cannot be sold.

This leads me to what I’d like to discuss.  I think there is a market for a distributed method of trust.  If we take the best of both of these and expand on them I think a system of trust verification could be manufactured that allows a mechanism of trust to be established.  I open this to you because I suspect there are a number of other legit methods of building trust that should or could be considered.

The WOT is a start.  Adding in the Links to social media is good, if others can see them.  This way if I’m investigating someone and I see that their FB and linked in have no social links I can assume it is a fake.  The fact that they have a mobile phone is not very useful, unless it is later used by a collection service. (Another opportunity for discussion, but not here).   This is all easily distributed or built on top of the existing WOT or a new WOT created, once the details are worked out.

The ratings misuse or abuse should be more tightly controlled.  If there was an API that every site could tie into, then the transactions on various sites could be tied to the users WOT account.  As a result a better view of the persons overall trust level could be established.  Also, rather than allowing them to provide a -10 to +10 directly as a number, a question with set parameters should be used that forces people to consider the value they will assign.  This would allow people to build some commonality around their assignment.  This should be a set some generic conditions.  for instance if we were to use and example  form the PGP WOT a +10 would only be granted to someone I knew personally and also were willing to vouch for.  Whereas some are willing to give a +10 for a good trade.  2 or 3 trades should still only be awarded a +1 I my book.  That has to be clearly established.  That could potentially be built into the rating system.  Let the rating be either Good, neutral or Bad.  If a person does a lot of transactions with someone then their rating would go up over time.  Then the WOT real strength would grow.  If alice has a +8 trust level with bob, and bob has a +6 trust level with charlie, and alice and charlie do not know each other, they could assume that there is a level of trust based on the existing trust.

The method of identity verification adds some level of complexity.  It would have to rely on something akin to a certificate authority.  This would add a second level of trust.  The user’s identity verification would have to a factor of the trust of the authority that verifies them.  If this authority is found to hand out verification without much research, then they would be down rated and so would everyone they verified.  A user could also if they wanted to identify with more than one authority.  Users would be able to shop around and look for the one with the best privacy statement, best reputation and security record or plan.

This system should be open to anyone performing transactions with bitcoins, and could potentially be used by anyone for any untrusted relationship.  There should be an API so that interactions could be made from various vendor sites.

I’d like your feedback and input on this idea.  I do not want to own this idea.  I want it to be owned by the community and driven by it.  I think we can establish something that will close one of the gaps that exists not just with Bitcoins but in general on the web.

The original posting can be found here:  https://bitcointalk.org/index.php?topic=130101.0
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Information

This entry was posted on December 10, 2012 by in Anonymity, Trust and tagged , , , , .
%d bloggers like this: