Date post: | 13-Aug-2015 |
Category: |
Software |
Upload: | washington-sanchez |
View: | 754 times |
Download: | 0 times |
2
Overview1. What is identity on OpenBazaar?2. What are Ricardian Contracts?3. What is reputation on OpenBazaar?4. What is a valid rating?5. Where is the rating stored?6. What about privacy?
The above picture isn’t relevant to anything, the slides just felt awkward with all this white space.
3
Before we talk about ratings, reviews and reputation…
Let’s talk about identity
What is identity on OpenBazaar?
5
NETWORK
ECC key that generates a global unique identifier (GUID) that is your OpenBazaar ID
GUID IP Address Port
34e57db64ce7435ab0f759cca81386527c670bd1
215.1.22.125 45785
Distributed Hash Table
What is identity on OpenBazaar?
6
No one can spoof your GUID unless they compromise your private key
Can someone spoof my GUID?
What is identity on OpenBazaar?
Elliptic Curve Cryptography (ECC)
Private key(2128)
Public key
GUID
RIPEMD160(sha256[self_signed pubkey])
This is how babies are made
Some modifications are being made to the GUID to make it non-trivial to generate, in order to create a mild proof of work
7
Network communications on OpenBazaar
“Hi, my name is GUIDAlice and this is my public key!”
“Hi GUIDAlice , yep that checks out. I’m GUIDBob and this is my public key!”
“Yep that checks out!”
Step 1: Say Hello; verify GUIDs match the public key.
What is identity on OpenBazaar?
8
Network communications on OpenBazaar
“Want to buy some ‘My Little Pony’ DVDs?
“Yeah sure”
Step 2: Encrypt messages with a peer’s public key so only they can read it.
What is identity on OpenBazaar?
9
Network communications on OpenBazaar
{ “item”: “My Little Pony volume 1”…}
{ “shipping_address”: “1060 West Addison St, Chicago, IL”…}
These messages will also carry the terms and conditions of the Ricardian contracts
What is identity on OpenBazaar?
10
Network communications on OpenBazaarSome nuance
1. ECC key that generates GUID will be used for session authentication
2. Ephemeral ECC keys will be used for to encrypt messages between peers after authentication
(Forward secrecy)
What is identity on OpenBazaar?
13
BITCOIN
Bitcoin keys used for controlling the multisignature escrow address
This is your financial identity, indicating you have the contributing power to release funds according
to the terms and conditions of the contract
What is identity on OpenBazaar?
14
Bitcoin keys used for controlling the multisignature escrow address
BIP32 hierarchical deterministic keys to create 1 key per contract
GUID + Bitcoin keys are the only things you need to make a trade over OpenBazaar
What is identity on OpenBazaar?
15
Bitcoin keys are used to sign the Ricardian Contracts
The identity with financial power agrees to the terms and conditions of a trade with another identity.
What is identity on OpenBazaar?
17
A Passcard is a portable identity that can be used to:1. Register a storefront handle2. Cryptographically link:
• Multiple nodes on the network• Identities outside of OpenBazaar
PASSCARD
What is identity on OpenBazaar?
Passcard operates according to the Bitcoin Naming System protocol, designed by Onename
18
Passcard allows users to associate as much or as little personally identifiable information (PII) as they desire with a GUID
GUID: 34e57db64ce7435ab0f759cca81386527c670bd1
Passcard: +gillian_a_thompson
Cryptographically link identitiesRegister handle for the node
+ Certificate authority style ID verification+ Business address+ Phone number
Optional
What is identity on OpenBazaar?
19
A Passcard can be associated with multiple nodes that the user controls; registering a handle for each node
@gthompson_US@MyLittlePony_shoes
@BronyFeetGUID: 34e57db64ce7435ab0f759cca81386527c670bd1
What is identity on OpenBazaar?
@gthompson_China@ 我的小马驹
@Brony 脚
GUID: 287bf38cf4aa9dfa0c1fe409d7bd0563b3691c90
Passcard: +gillian_a_thompson
20
What is identity on OpenBazaar?Summary
• There are 3 types of identity:1. OpenBazaar identity (network GUID keys)
1. ECC keys2. One GUID per node on the network3. No one can spoof the GUID4. Messages between nodes are authenticated with the recipient’s public key5. Contracts are signed with the GUID keys (Vendor only)
2. Bitcoin identity1. Bitcoin multisignature escrow signing keys2. 1 keypair per contract, generated from BIP32 seed3. Ricardian contracts are signed with Bitcoin keys
3. Passcard identity1. Passcard is used to register a handle for the node (1 handle per node)2. Passcard is used to link multiple nodes the user may control3. Passcard can also associate a node with other identities (e.g. Facebook, Twitter)
22
Ricardian Contracts and the Trade Flow
A digital contract that defines the terms and conditions of an interaction, between two or more peers, that is
cryptographically signed and verified
Results in a tamper-proof contract that is formatted in XML or JSON to be both human and machine readable
What are Ricardian Contracts?
23
Ricardian Contracts and the Trade Flow
Cryptographic keys to establish identity
Semantic data to establish the terms and conditions of an interaction (e.g. money exchanged for a good/service)
Digital signatures to create fraud-proof evidence that an identity agreed to these terms and conditions
Cryptographic hash of the contract to create a tamper-proof record of the contract
Major components
24
Ricardian Contracts and the Trade Flow
Application populates listing data into JSON
This data is saved locally and becomes the Ricardian Contract
There is a template attribute schema for physical goods, digital goods, and services
Peers will request the values corresponding to the attribute schema when downloading a contract
Ricardian Contracts in OpenBazaar
25
Ricardian Contracts and the Trade Flow
Contract schema divided into four stages, as per the trade flow
1. Stage 1: Vendor makes a listing2. Stage 2: Buyer places an order3. Stage 3: Vendor {ships the item; discloses link to digital content;
places an invoice for services rendered}4. Stage 4: Buyer releases funds and makes rating
Ricardian Contracts in OpenBazaar
Some areas are expanded in more detail later
28
Context is king(aggregation is the enemy)
Not a vouching system(web-of-trust is another layer, not an alternative)
What is reputation on OpenBazaar?
30
Transaction Ratings6 Rating Parameters
What is reputation on OpenBazaar?
1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review
Tx RatingItem: XBuyer: Jim
31
1. Overall Transaction Rating
What is reputation on OpenBazaar?
There are two approaches:1. Rate the transaction out of 5 stars (indirect)
2. Rate the transaction: positive, neutral or negative (direct)
I don’t mind very much which approach we take.
But when it comes to calculating the overall reputation of the vendor, the 5 star approach is typically reduced to positive, neutral or negative anyway…
so it may be easier to just go with that upfront
What was the overall transaction experience when purchasing this product from the vendor?
32
Transaction Ratings6 Rating Parameters
What is reputation on OpenBazaar?
1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review
Tx RatingItem: XBuyer: Jim
33
What was the quality of the item, content, or service from the vendor?
2. Item, Content, or Service Quality
Excellent:Good:Neutral:Poor:Terrible:
What is reputation on OpenBazaar?
34
Transaction Ratings6 Rating Parameters
What is reputation on OpenBazaar?
1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review
Tx RatingItem: XBuyer: Jim
35
How accurate was the listing description of the item, content or service?
3. Item, Content, or Service Description
Excellent:Good:Neutral:Poor:Terrible:
What is reputation on OpenBazaar?
36
Transaction Ratings6 Rating Parameters
What is reputation on OpenBazaar?
1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review
Tx RatingItem: XBuyer: Jim
37
How quickly was the item sent, content accessible, or service performed after ordering?
4. Item, Content, or Service Delivery
Excellent:Good:Neutral:Poor:Terrible:
What is reputation on OpenBazaar?
38
Transaction Ratings6 Rating Parameters
What is reputation on OpenBazaar?
1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review
Tx RatingItem: XBuyer: Jim
39
How do you rate the quality of the vendor’s communication?
5. Customer Service
Excellent:Good:Neutral:Poor:Terrible:
What is reputation on OpenBazaar?
40
Transaction Ratings6 Rating Parameters
What is reputation on OpenBazaar?
1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review
Tx RatingItem: XBuyer: Jim
41
Leave some written feedback on the item and the vendor for other buyers
6. Review
ReviewCharacter limited review text
What is reputation on OpenBazaar?
Not too long, maybe 280 characters (2 tweets length)?
42
Transaction RatingSummary
What is reputation on OpenBazaar?
1. Overall Transaction Rating Positive (+1)2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review “The item was
great…”
Tx RatingItem: XBuyer: Jim
44
Item ReputationThe sum of transaction ratings from a single item
Buyer ReputationThe sum of transaction ratings from all items
What is reputation on OpenBazaar?
Vendor ReputationThe sum of transaction ratings from all items
45
Tx RatingItem: XBuyer: Bob
Tx RatingItem: XBuyer: Jim
Item X Reputation
Item ReputationThe sum of transaction ratings from a single item
What is reputation on OpenBazaar?
1. Overall Transaction Rating Positive (+10, 98%)
2. Item Quality3. Item Description4. Item Delivery5. Customer Service
6. Review … see all …
46
Tx RatingItem: XBuyer: Bob
Tx RatingItem: XBuyer: Jim
Tx RatingItem: ZBuyer: Jim
Tx RatingItem: YBuyer: Tom
Vendor Reputation
Vendor ReputationThe sum of transaction ratings from all items
What is reputation on OpenBazaar?
1. Overall Transaction Rating Positive (+58, 94%)
2. Item Quality (60)
3. Item Description (56)
4. Item Delivery (58)
5. Customer Service (56)
6. Review … see all …
Hover over?
47
Tx RatingItem: XVendor: Jim
Buyer Reputation
Buyer ReputationThe sum of transaction ratings from all items
What is reputation on OpenBazaar?
Tx RatingItem: ZVendor: Eve
48
What about Moderator Reputation?
What is reputation on OpenBazaar?
Difficult problem to solve as there will always be one party that is happy with the result, and one that is unhappy
Transparency is the best approach
The claim and dispute decision should be publicly accessible for both Vendors and Buyers to assess:
1) Quality of the decision2) Feedback from the winning and losing parties3) Dispute resolution standards
49
Moderator Ratings
What is reputation on OpenBazaar?
Individual dispute summaries would include the claimee, the winner, rating and review from each side; also link to Ricardian Contract
50
Moderator Reputation
What is reputation on OpenBazaar?
Ratings will be aggregated from the winners and losers of each disputed transaction
Negative or positive consensus on the quality of dispute resolution will inform Vendors and Buyers
Click for list of reviews Click for list of reviews
51
Ratings are assigned to a Vendor’s GUID
Reputation will be calculated by combining ratings from all cryptographically linked nodes
What is a valid rating?
53
We can never know if a trade and its rating is real or not
Without a gross invasion of privacy…
But we can set reasonable criteria to evaluate if a trade and its rating is real or not
What is a valid rating?
54
Criteria for a valid rating:
1. A trade receipt 2. Evidence of a multisignature transaction
What is a valid rating?
55
Criteria for a valid rating:
1. A trade receipt 2. Evidence of a multisignature transaction
What is a valid rating?
56
Trade Receipt
… is a completed Ricardian Contract with verifiable digital signatures
Rating data is included in the last stage of the trade flow where funds
are released to the Vendor
What is a valid rating?
58
Remember for later:
The Ricardian contract is filled-in, by each party, as the trade flow progresses
Vendors/Buyers will send data to populate the attribute-value pairs in the Ricardian contract template
What is a valid rating?
59
Criteria for a valid rating:
1. A trade receipt 2. Evidence of a multisignature transaction
What is a valid rating?
60
Multisignature Transaction
Ricardian Contract references a multisignature transaction and requires digital signatures from the vendor and buyer’s multisig keys
Bitcoin multisig transaction means that ratings aren’t free (or easy)
Signatures from the multisig signing keys means a user can’t claim a multisig tx that isn’t theirs
Not a perfect proof-of-work, but it creates a non-trivial cost to make a rating that should discourage Sybil attacks
What is a valid rating?
61
Recap:Rating data and evidence of the multisignature transaction is extracted from the trade receipt (completed Ricardian Contract)
Valid Rating Summary
What is a valid rating?
62
Where is the rating stored?
Where is the trade receipt sent and hosted?
Hosted by the Vendor and/or ModeratorOr even the buyer if they’re online all the time…
Where is the rating stored?
63
Why would a vendor or buyer host a negative rating?
Vendors have an incentive to host all ratings if third parties like moderators or other agents are also hosting them too
Any omission may reflect poorly on the user, and may be publicised or penalised by the market
Where is the rating stored?
64
There is some ongoing work regarding embedding the data within the OpenBazaar DHT
Where is the rating stored?
67
What about privacy?
What about privacy?
Two types of privacy:
Network Privacy Metadata Privacy
TORVPN
Embedding encrypted contracts into the DHT Proxy
Forward Secrecy (OTR-style)
peer connections
68
What about privacy?
What about privacy?
Two types of privacy:
Network Privacy Metadata Privacy
Data within the Ricardian Contract that can be used to determine the identity and behaviour of the buyer
69
What about privacy?
If the Ricardian Contract is necessary to make a listing and validate a rating…
… then buyer metadata is available to everyone
What about privacy?
70
By default, the application creates a pseudonymous identity in OpenBazaar
(covered earlier)
What about privacy?
These identities are nothing more than keypairs used for encrypting and digitally signing
71
The only way to protect the identity of the Buyer is to omit their network, PGP and any associated ID from the
Ricardian Contract
The Buyer’s identity in a trade is merely a bitcoin multisig signing key (one key per transaction; never reused)
What about privacy?
The Vendor knows the network ID where the orders are coming from, but this data isn’t recorded within the contract
Leaving a rating no longer poses a direct identity leak to the Buyer
72
What about the Shipping Address?
What about privacy?
To avoid PII metadata leaks from the Ricardian Contract, the shipping address needs to be encrypted
Step 1: XOR Shipping Address with Nonce
C = R Shipping Address⊕
R: Nonce; random number {0,1}128
Step 2: Encrypt the XOR’d Shipping Address with PGP pubkeys of the
Vendor and Moderator
Step 3: Embed encrypted XOR’d shipping address and sha256(nonce)
into the Ricardian Contract
Step 4: Send the encrypted nonce to the Vendor so they can decrypt the
shipping address
Step X: If there is a dispute RE the shipping address, the Vendor can reveal the nonce to the
Moderator, who is the only other person who can provably determine the shipping address
XOR’ing the shipping address with the nonce prevents the moderator from discovering the shipping address unless the nonce is revealed by either the buyer or vendor
73
Using bitcoin private keys to generate GUIDs
What about privacy?
A variation of this idea is to import a bitcoin private key to generate GUID (since they’re both ECC keys)
Interesting application of this is that it enables a user to communicate and trade ‘as’ or ‘to’ a bitcoin address
74
What about privacy?
Feedback welcome
With this many slides, I’m sure I made a couple of errors
Please join our Slack room to leave feedback, corrections, and suggestions:
https://openbazaar-slackin-drwasho.herokuapp.com/
^ Drop in your email and you’ll get an invite to join openbazaar.slack.com