>* Allow users to maintain a pseudonymous identity that carries
anonymous trust across transactions.
i.e. anonymous as in it's difficult to establish a real world identity for sellers not anonymous as in no persistent identities at all.
Bootstrapping such a marketplace is obviously difficult, since it's never safe to buy from someone without reputation but everybody starts without reputation - it might be possible to demand some proof-of-work-money to establish a marketplace identity, but I'm not sure where the money would go.
But if the identity is not connected to a real world identity, there is no legal recourse if that identity cheats you. Most who advocate a pure free market still accept the need for a legal system (not necessarily a State-based one), such that for instance people who take your money without delivering the good may be sued.
An anonymous market means that there's no legal recourse if someone cheats you or steals from you.
> An anonymous market means that there's no legal recourse if someone cheats you or steals from you.
Which is why the protocol needs to financially discourage cheating.
Take the Bitcoin protocol, for example. It's not impossible to build a Bitcoin mining ASIC for $10M, get 30% of the network hashrate, and have a reasonable chance of reversing a 6-confirmation transaction. But unless you can find someone who is willing to accept a 6-confirmation $10M-equivalent Bitcoin transaction, it doesn't make financial sense for anyone to do so.
The same should apply for this hypothetical protocol. If you can see a merchant has spent 100 BTC to build up a reputation (eg. through proof-of-burn), he could try to scam you when you buy 0.5 BTC worth of goods from him, but he wouldn't profit from it financially.
In practice it is better to build p2p systems under the stronger assumption that actors need not be economically rational. Otherwise the market could be attacked (say by a nation state that wants to kill it) by repeatedly building up rep, then scamming on a large transaction (even if the accumulated rep is worth more) to destroy faith in the market itself.
Of course. But if this is not possible, we're much better off with a system where at least actors cannot profit from being dishonest.
I think Bitcoin is a great example of a system that is not cryptographically secure per se, but still holds up because actors need to spend money to - temporarily - prevent it from functioning properly.
Interesting. Would this prevent something like some of the Silk Road clones happening, wherein somebody spends months to years acquiring trust, and then makes off with the money for all incoming transactions, which is by then worth more than what they've spent on building the reputation?
Yes, I believe so. I mean, no one can prevent other people from engaging in a large transaction with a vendor that exceeds what the vendor has spent on building up his reputation, but I think we can make sure all the information is available for nodes to make an informed decision, and not make it profitable for the vendor to attempt to cheat.
Eg. in the user interface of the application talking this hypothetical decentralized anonymous marketplace protocol, a warning could pop up if you're trying to place an order with a vendor that has open orders for a value of, say, 50% of what he has burned in total.
If nodes who begin a transaction with a vendor simply publish their unsigned multisig transactions -- signed by the vendor in a way that doesn't make the transaction valid, but enables other nodes to cryptographically prove that the vendor has accepted this transaction and that it is open -- to the network (and I see no reason why they wouldn't want to), we can know the total number of outstanding orders for a vendor, and the their total value. Along with information on how much a vendor has burned in connection with other trades, we can figure out whether we would put the vendor in a position where he could profit financially from running off with the money, were we to place out order.
But remember, an escrow service is involved. The vendor would have to convince the escrow service to sign the unsigned multisig transaction (open order) so the vendor gets the money. Although the vendor can just promise a cutback to the escrow service. But if we make sure that the total value of all open orders doesn't exceed a tempting amount for the vendor, we can at least make the dishonest behavior of a vendor unprofitable.
> Bootstrapping such a marketplace is obviously difficult, since it's never safe to buy from someone without reputation but everybody starts without reputation - it might be possible to demand some proof-of-work-money to establish a marketplace identity, but I'm not sure where the money would go.
I think this is a sensible approach. The money (bitcoins) could simply be destroyed in a transaction associating an identity with the "burn". It would act as the equivalent of a fidelity bond, except the funds would not be recoverable. Perhaps it would make sense to only require this for new vendors, since the cost of a single "burn" for a vendor would be small compared to future revenue, but large for a potential customer, who might not know if they will ever use the service again.
>* Allow users to maintain a pseudonymous identity that carries anonymous trust across transactions.
i.e. anonymous as in it's difficult to establish a real world identity for sellers not anonymous as in no persistent identities at all.
Bootstrapping such a marketplace is obviously difficult, since it's never safe to buy from someone without reputation but everybody starts without reputation - it might be possible to demand some proof-of-work-money to establish a marketplace identity, but I'm not sure where the money would go.