It recently occured to me that we can use the public nature of the block chain to create trusted identities, for a specific form of trust.
Lets suppose Alice has some bitcoins held at bitcoin address A. She wants to establish trust in the "identity" associated with the ECC keypair associated with A, for instance for the purpose of having other users trust her not to attempt to double spend. Since the trust she seeks is financial in nature, she can do this by valuing the identity associated with A, by delibrately throwing away resources. A simple way to do this would of course be to transfer coins to a null address, provably incurring a cost to her. A more socially responsible way would be for her to create a series of transactions that happen to have large, and equal, transaction fees. Bitcoin makes the assumption that no one entity controls more than 50% of the network, so if she makes n of these transactions consecutively, each spending m BTC to transaction fees, there is a high probability that she has given up at least n/2 * m BTC of value. This of course is all public knowledge, recorded in the block chain. It also increases the transaction fees for miners, which will be very important for the network in the future. Now Bob can easily examine the block chain, and upon verifying Alice's trust purchase, can decide to accept a zero-confirmation transaction at face value. If Alice breaks that promise, he simply publishes her signed transaction proving that Alice is a fraudster, and future Bob's will distrust Alice's trusted identity, thus destroying the value needed to create it. In effect, we now have a distributed green address system. Now Alice could try to mount a double-spend attack on a whole bunch of people at once, hoping to have them all accept the transaction. However as it is the "just trust them" model works pretty well already. A good usecase for this idea, beyond the obvious fast payments application, is a distributed anonymizer. Alice can now publish her request to anonymize coins, and other trusted identities can make their bids. If Alice accepts a bid from Bob, she will want Bob to send her the anonymized coins *prior* to her transaction going through, thus breaking the temporal connection between the transactions. Now Alice can give Bob the signed payment transaction, and Bob can submit his payment transaction to the network first, knowing that Alice isn't going to try to rip him off. Bob can also have a trusted identity which signed the contract for the anonymizer transaction, and similarly if he rips Alice off, she can publish it for the world to see. A more subtle effect, is this makes sybil attacks more difficult. To pretend to be a thousand identities is going to now require 1,000 * n coins, and attempting to pull this attack off inherently strengthens the bitcoin network. Obviously we can apply this principle to other things like tor nodes as well. -- http://petertodd.org 'peter'[:-1]@petertodd.org
Description: Digital signature
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Bitcoin-development mailing list Bitcoinemail@example.com https://lists.sourceforge.net/lists/listinfo/bitcoin-development