Dear LiberationTech,

We are interested in developing software for a decentralized anonymous marketplace. There have been centralized non-anonymous marketplaces, such as eBay, and centralized anonymous marketplace attempts, such as SilkRoad.
There are some ideas around this concept: Goshakkk's [1], some reddit discussions [2][3] and bitcointalk discussions [4], as well as some ideas around the concept that involve some centralization by OpenTransactions [5]. There has also been some work on the notion of decentralized trust [6] and cloud markets [7]. Some of these are appropriate, while others are not, based on our goals stated below.

Before I get into details about our thoughts, I wanted to ask the list:

* Are there any similar attempts we can contribute to or borrow ideas from instead of implementing something on our own?
* What is the list's opinion on such software?
* Are there research papers that we can base our work on?

Based on preliminary discussions, we have the following high-level goals:

* Allow sellers to maintain online lists of products and transact with buyers.
* Achieve anonymity for buyers and sellers on the network and between each other.
* Allow users to maintain a pseudonymous identity that carries anonymous trust across transactions.
* Enable trusted transactions between people based on a reputation, escrow, and deposit system to ensure the safety of all parties.
* Achieve reasonable performance for transactions and market-related operations.
* Do not depend on any centralized third trusted party for transactions; do not trust any funds on third parties.
* Avoid single points of failure such as servers.

The benefits for the creation of such a system are multiple:

* It will allow people to transact anonymously, without having to report to corporations or governments about their whereabouts. Governments and corporations look into the transactions of individuals, thereby often violating their privacy. This can protect both sellers and buyers - a seller may sell goods that they want to avoid being known for, while a buyer may purchase goods they don't want to be known for.
  For example, a seller may want to sell books of questionable political content, and a buyer may want to purchase such books. A similar case exists for films.
* It will enable journalists who are willing to make a profit out of their writings to remain anonymous while transacting with newspapers, especially when dealing with sensitive material. Recent developments have shown that journalists are often in danger when dealing with such matters. While it is noble for journalists to work publicly and fight for freedom of speech and freedom of the press, they should be given the option to remain anonymous if they so wish, while still making a profit and helping the world by publishing information. This can protect both sellers and buyers, especially as we move towards online journalism where newspapers can also remain anonymous. For example, a journalist may want to illustrate that they have a particular piece available for sale, and may want to get a fair price for it based on the market instead of going to a particular newspaper.
* Individuals and businesses alike will be able to purchase goods from within countries that are limited in their transactions through law that intervenes with their personal freedom. For example, a person who is worried about their government eliminating their Internet connection in the future can purchase satellite or antenna equipment and use it for applications that have been mentioned in this list several times [8]. Or, on a lighter example, they may want to purchase porn or sex toys in a country that considers them illegal.
* We believe research in this area will help enforce byzantine-style networks. There are strong use cases for proof of work schemes and truly decentralized networks. We believe proof-of-work is a fundamental building block for future cryptographic and security tools.
  Anonymizing such networks is also an engineering challenge and there are important cryptography-related challenges as well, from an academic point of view. We believe this research may open up possibilities for a better understanding of how these systems can work in the future and improve the world.

Bitcoin was an important step towards this direction, as it allows payments that can be, in principle, anonymous, when combined with schemes such as zerocoin [16]. However, bitcoin assumes that the sellers and buyers are already known to each other and doesn't offer catalog features. This is the gap we are aiming to fill.

A decentralized anonymous marketplace can be used for the purchase of digital goods (books, music, movies, newspaper articles, software, subscriptions) as well as physical goods (printed books, blu-ray movies, antennae). The delivery of physical goods is beyond the scope of this project, but we aim to allow buyers and sellers to exchange information that allows physical deliveries.

Here are some ideas of how such a system could work, at a high level. All these ideas are under discussion and we would love to hear your criticism about them:

The system consists of a piece of open-source software, a "node" which consists of a low-level library that communicates with the network (bitcoin-style) and a user interface. The user installs the program on their computer, runs it, and can subsequently have access to the marketplace. We'd like to MIT license this and collaborate on GitHub. We'd like to build the front-end of the application on a widely known programming language which is easily accessible to anyone who wants to collaborate, so that we can leverage the talent of programmers around the world. We think web languages such as HTML/CSS and Javascript are appropriate (think node-webkit). The technologies for the back-end may be different or similar.

Each user maintains one (or more) private/public key pairs that constitute their identity.
Their identity can have a friendly name through namecoin [9] which they own (Twister [10] successfully achieved such a scheme for a Twitter-like decentralized network). There are three types of users: Buyers, sellers, and escrows. Each of them maintains a key and has a reputation.

Sellers maintain catalogs of goods that live on the network (freenet-style). Catalogs are lists of available items, with content associated with them. Content can include a title, a description, potentially with some markup, a picture, a price. Other metadata can be where it ships from and where it can ship to for physical goods, how much the delivery costs, and how long it would take. For digital goods, one can include the file size and hash. Catalogs are bound to their owners' key. This key can be used to update or delete catalogs in the future.

This data is stored on a DHT and is available even when the seller is offline, ridding us of the server-client architecture of Tor hidden services that have been used for this purpose in the past. This helps avoid single points of failure. Which technology we will use for such storage remains yet unclear; there are distributed stores that have some anonymity; there's also the possibility to use a more traditional DHT over Tor. There are always issues about performance, anonymity, and denial of service interventions that must be guarded against, and all these must be balanced appropriately.

Buyers can browse catalogs or search for goods based on categories. They can view goods or decide to purchase goods. Both a seller and a buyer must agree to perform a transaction (although the approval by the seller can be automated if they so wish).

The reputation of each user is based on a net-of-trust: Alice can view the trust of Bob, but Charlie will see a different trust for Bob; trust is "projected". This projection is an important and challenging problem.
The initial idea is for each user to directly give trust to certain people; then a model of trust transitivity can be employed, but in a way that each user cannot indirectly vouch for others for more trust than they have been given themselves directly or indirectly already. This ensures that a party is not able to build up an arbitrarily large amount of trust by creating a large graph in which they reinforce their own trust. I have some more precise mathematical results for this idea and I'm willing to discuss it further if there is interest. For this system, a preexisting model can be used, and would be preferred to inventing something separate, and we are open to suggestions. What are some systems we could use? One of the important issues with projected trust is that a new user in the network will need an invite by a friend to join it (otherwise they will not see any trust at all), a problem that ultimately undermined the success of Freenet, so it is a big question to ask.

After the buyer and seller agree to perform a transaction, they can exchange GPG or OTR-encrypted and signed messages, ensuring their pseudonymity and legitimacy, which can be used to discuss the delivery of goods.

Payments can be done through bitcoin scripting to allow temporary decentralized locking of funds before goods are delivered; finalization can follow the delivery of goods. This would be a two-out-of-two [19] signature scheme. A two-out-of-three digital signatures scheme can also be used, involving a third party escrow [11]. For this reason, a list of escrows, with their ratings, is maintained by the network. The escrow can be paid for their services, like The Market Place [12] does. However, the choice of escrow remains upon the buyer and seller in a free market sense, is not the responsibility of a centralized administrator, and does not impose fees that are paid to the system (although there can be fees paid to the escrows).
This system provides a game-theoretic proof that there is no incentive, for a closed system and rational agents, for anyone to deviate from the rules.

In addition to such an escrow system, each vendor could deposit a certain amount of money as "security" to illustrate their legitimacy. This money can be either destroyed as proof, or maintained in a way that the vendor cannot withdraw it for a predetermined, public period of time that they decide. In the first case, the destroyed money is sent through bitcoin to a provably unspendable address. The money is then associated with a particular vendor, and the money destroyed is published on the vendor's catalog as a way to ensure that the vendor is not completely ephemeral. In the latter case, agents that have been unsatisfied with their purchases can make claims on this deposit, a part of which can be released to them if the network considers it fair. How such a decision will be made remains unclear, and it is unknown if it is possible at all. A similar scheme for deposits can be made for buyers also.

We understand this project is a huge proposal. For now, we want to implement a very small part of it, as proof of concept: Only the product catalog, while maintaining anonymity and basic performance, with fundamental CRUD operations available to sellers. This excludes the ability to perform transactions at all, and of course also excludes two-out-of-two or two-out-of-three finalized transactions, escrows, and the database of trust or deposits. But it will allow vendors to create, update, and delete catalogs, and buyers to view and search catalogs.

The ways to technically realize such a system are various. Tor can be used as a layer to maintain anonymity. Various DHTs can be used to store data, or even bitstorage [13]. Bitmessage [14] can be used to relay messages or broadcasts. Namecoin [9] can be used for user-friendly names, under a dedicated namespace, overcoming Zooko's triangle [15].
And bitcoin or zerocoin [16], if desired, can be used for payments. Ethereum [17] could be used in almost anything's stead. All of these are under discussion.

An important issue with such a project is its ethical implications. A truly decentralized anonymous market can't be shut down by any government, and cannot be censored. We want to distance ourselves from illegal applications, but they may be inevitable. Academic research and open source software implementations are concerned with the progress of mankind. We perform scientific research and study these concepts to ensure this knowledge is available to the public and can be used for good. We will do so even if some applications are illegitimate. While academics are not legally responsible for inappropriate use of their findings, we are ethically concerned about uses such as drugs, weapons, murder-for-hire, national security information, or illegal pornography. As engineers, we try to always ask the right ethical questions when it comes to uses of our software. We would like to inquire about the list's opinion on this matter.

A principle of our design is to completely avoid designing any new technologies if possible and essentially only combine existing pieces to form what we want. This way, we can leverage from the network power of existing peer-to-peer networks with strong proof-of-work (such as bitcoin) as well as the security and anonymity of systems that have been tried extensively (such as tor). "Don't roll your own crypto."

A few words about us are appropriate. My advisor is Aris Pagourtzis, a theoretical computer scientist with research interest in cryptography and byzantine networks [18]. I'm an engineering student at the National Technical University of Athens. In the past, I worked in the product security team of Twitter. We are also hoping to involve some additional undergraduate and graduate students eventually, or, really, anyone else interested.
We'll start working on this project at the source code level after the 15th of April.

This is a request for comments and an invitation for collaborators.

Thank you for your time,
Dionysis.

[1] https://github.com/goshakkk/decentralized-anonymous-marketplace-concept
[2] http://www.reddit.com/r/Bitcoin/comments/1nl58n/silkroad_domain_states_this_hidden_site_has_been/ccjlm32
[3] http://www.reddit.com/r/Bitcoin/comments/1nmshk/decentralized_marketplace_via_bitmessage_bitcoin/
[4] https://bitcointalk.org/index.php?topic=355530.0
[5] http://opentransactions.org/wiki/index.php?title=About
[6] http://www.cs.rutgers.edu/~minsky/papers/marketplace.pdf
[7] http://p2pconnects.us/2013/09/08/personal-clouds-disrupting-the-disruptors/
[8] https://mailman.stanford.edu/pipermail/liberationtech/2013-March/007841.html
[9] http://namecoin.info/
[10] http://twister.net.co/
[11] https://en.bitcoin.it/wiki/Contracts#Example_2:_Escrow_and_dispute_mediation
[12] http://www.reddit.com/r/themarketplace/
[13] https://bitcointalk.org/index.php?topic=348868.0
[14] https://bitmessage.org/
[15] https://en.wikipedia.org/wiki/Zooko%27s_triangle
[16] http://zerocoin.org/
[17] https://www.ethereum.org/
[18] http://users.softlab.ece.ntua.gr/~pagour/
[19] https://en.bitcoin.it/wiki/Address#Multi-signature_addresses
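
The projected-trust constraint in the message above (nobody can pass on more trust than they were given, so a self-reinforcing graph gains nothing) can be illustrated with a maximum-flow model. This is an added example, not code or a model from the original post: treating direct trust as edge capacity and projected trust as max flow is an assumption made here, and all names and amounts are constructed.

```python
from collections import deque

# Constructed sample data: (truster, trustee) -> amount of direct trust given.
DIRECT = {
    ("alice", "bob"): 5, ("bob", "dave"): 10,
    ("alice", "carol"): 3, ("carol", "dave"): 2,
    ("charlie", "dave"): 1, ("dave", "mallory"): 4,
}

def projected_trust(direct, viewer, target):
    """Trust of `target` as seen by `viewer`: max flow over direct-trust edges."""
    res = {}  # residual capacities, res[u][v]
    for (u, v), c in direct.items():
        res.setdefault(u, {})
        res.setdefault(v, {})
        res[u][v] = res[u].get(v, 0) + c
        res[v].setdefault(u, 0)
    if viewer == target or viewer not in res or target not in res:
        return 0  # a user with no edges in the graph sees (and has) no trust
    total = 0
    while True:
        parent = {viewer: None}  # BFS for a shortest augmenting path
        queue = deque([viewer])
        while queue and target not in parent:
            u = queue.popleft()
            for v, c in res[u].items():
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if target not in parent:
            return total  # no augmenting path left: flow is maximal
        path, v = [], target
        while parent[v] is not None:
            path.append((parent[v], v))
            v = parent[v]
        push = min(res[a][b] for a, b in path)  # bottleneck on this path
        for a, b in path:
            res[a][b] -= push
            res[b][a] += push
        total += push

def with_sybils(direct, attacker, n):
    """Copy of the graph where `attacker` adds n fake identities vouching for it."""
    g = dict(direct)
    for i in range(n):
        g[(f"sybil{i}", attacker)] = 1000
        g[(attacker, f"sybil{i}")] = 1000
    return g

if __name__ == "__main__":
    for viewer in ("alice", "charlie", "erin"):
        print(viewer, "-> dave:", projected_trust(DIRECT, viewer, "dave"))
    print(projected_trust(with_sybils(DIRECT, "mallory", 100), "alice", "mallory"))
```

Alice and Charlie see different values for Dave, the uninvited newcomer "erin" sees none, and Mallory's hundred fake identities leave her projected trust at the capacity of the single honest edge pointing at her.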
