Silk Road forums

I also came up with an equivalent to vendor reviews. Since most vendor reviews are 5 or 1 in practice, we can reduce that to 1 or 0, or signed (endorsed) or not. Vendor reviews can be based on a web of trust of anonymous transaction signing. When transactions are successful, buyers can sign them, even though others don't have their keys. They can still see that many seller transactions were signed by many anonymous buyers. So, when the seller provides his identity key, you are exposed to the number of transactions, the prices involved (to protect against sellers making 100 purchases of $1), the number of resolution disputes (through a special mark on the transaction), and the number of endorsements (or anonymous key signings).

The key difference is that you can't prove what the products in any of the transactions were.

Perhaps the prices could be "fuzzed" within a range. ie, the seller puts up a product and says that it can sell for between 1.0 and 1.2 BTC. The buyer agrees to buy it and initiates the transaction (or gets an escrow agent to initiate it), and the system picks a uniformly random value between 1.0 and 1.2 BTC to create the transaction. With enough overlapping price ranges, you wouldn't know which transaction price links to which product.

Sellers who expect to get paid 1.0 BTC for their product could pick a range like 0.9 to 1.1 BTC, knowing they would get that, on average, over many transactions.

Ok, I see this going two ways now.

1. Revealing the price of the transaction could be optional, so it would only have to be revealed in cases where escrow services are used, although I imagine a large majority of transactions would involve escrow.

2. Prices of all transactions would be public. In this case, the entire market could be an extension of the bitcoin protocol, where the info about products, shipping address, the key signing stuff I mentioned above, become encrypted metadata associated with bitcoin transactions.

You might say, doesn't revealing the price of each transaction violate the privacy I'm trying to create with such a market? Not really. The bitcoin network already operates this way. All transactions are public, but you don't know what they are for. You can find transactions involving hundreds of thousands of dollars, and they could be money laundering, funding terrorism, large drug buys, etc. The extended protocol simply includes that (encrypted) metadata in the transaction to create a market. Well, it's not that simple, there would have to be an elaborate key signing / management mechanism to allow third parties (escrow agents) to view transactions when it's necessary, and do all the buyer/seller stats stuff.

Still, in case 2, it could be relatively easy to implement.

And of course, if it's decentralized, there's no central point of failure, no central server to seize or DOS. It would be as hard to shut down as the bitcoin network.

The more I think about it, the more I like this idea. Tell me where I'm horribly wrong?

Yeah, I'm starting to think that the only way this could work is if you got rid of the market admins altogether and used a decentralized database like the block chain. The "network" maintains it. As long as there is at least one node, the market continues to exist. Sellers submit listings which are encrypted but provide key words. Buyers discover listings by searching for key words. Transactions are p2p, so only the buyer and seller know that a particular transaction involves them (although anyone who downloads the database knows that a transaction exists, just like bitcoin transactions today).

You lose escrow and resolution, but that could be provided by third party services for a fee. In fact, that's what the role of "market admin" in today's markets could evolve into. Before engaging in a transaction, buyer and seller could agree to use a third party escrow/resolution service. They inform the service, which initiates the transaction, but the service doesn't know the content of the transaction (the product and price) until a dispute happens and it is revealed to them. In order to complete the transaction, both parties must sign it, or something along those lines. So a dispute happens when at least one party refuses to sign. At that point, the transaction details are revealed to the escrow/resolution service, which decides on a result. Another way of putting it is, a third party initiates a special type of transaction, whose contents are not revealed to the third party as long as the first two parties (buyer and seller) sign it within some amount of time.

In this system, some transaction details would be revealed to outsiders, but all the transactions that conclude successfully remain private between buyer and seller. That's better than the current situation, where one entity knows about all transactions.

Edit: If this is your first time reading this thread, skip my stream of consciousness, and read this post first:

http://dkn255hz262ypmii.onion/index.php?topic=157711.msg1112047#msg1112047

=================

The principle design feature of Tor is distributed trust. It could also be described as division of information. No single entity can see the whole network, and no single entity can see your whole circuit. If the Tor Project ran every relay, you would not be anonymous. If the same person ran your entry and exit nodes, you would not be anonymous. Instead, a diverse group of volunteers from around the world add their relays to the network. Your entry node can see who you are (your IP address), but not what you are doing (the sites you are visiting). Your exit node can see what you are doing but not who are you. There are known attacks on this model, but your anonymity and safety are perserved if it holds.

Now consider a black market like SR. There are a few key pieces of information involved in every transaction. The buyer's identity, the seller's identity, the product, and the amount of currency exchanged. Under the current model, we trust the market admins with our currency and the product listings. The buyer can (and should) encrypt their address, so only the seller knows that. Nobody knows the seller's identity, although their city or rough geographical location become know to the buyer when the product is received. So, theoretically the market admins know the products and currency involved, but don't know the buyer and seller identities. The buyers and sellers know each other's identities (to some extent) and the product involved, but not the details of the currency exchange. The information is distributed to some extent, but I think it can be improved.

I'm interested in the concept of a blind market, where the market admins don't know what products are being sold. (This reduces their liability as well.) They only know that buyer1 sent 3 BTC to vendor2 for product <hash3>, or something along those lines. If the market were compromised, LE would only see a series of anonymous transactions for unknown products. The only ones they could deduce would be transactions that they were personally involved in as buyers or sellers.

I'm stuck on how this could be implemented. You can't just hash every product listing, because you wouldn't be able to reverse the hash to present it to buyers. And even if you could, you would be able to log in as a buyer to connect the hashes to the products.

So I'm wondering if there's any research on blind markets, or if anyone knows about this. Maybe the concepts behind blind mixes would be useful here. Any ideas?

It's technologically safe, ie TorBrowser isn't going to leak info to a clearnet browser on its own. However, the potential for human error increases. If you're accessing Google over Tor and type a search in but accidentally type it into the clearnet browser, you have leaked info. It could potentially deanonymize you.

As always, your behavior is half of your protection, and there's nothing TorBrowser can do for you if you behave in unsafe ways.