pseudonymous decentralized marketplace

Ray Dillinger bear at sonic.net
Wed Jul 11 16:37:09 EDT 2001 


I've been attempting to design a decentralized auction/
exchange system that permits pseudonymous participants.  

By 'decentralized', I mean that NO central server, or 
subset of individual servers, controls access to any 
resource the system cannot work without; that there 
is no single point of failure. 

A consequence of this is that every ability that exists 
in any node, must exist in every node.  So the whole 
problem of currency issue gets the slightly weird 
solution of "everybody has to be able to print their 
own money."  

The sticking point is that this basically means the 
system will be without any single universal "currency".
A lot of E-cash techniques are usable, but what you wind 
up trading is certificates that represent goods or 
services offered by individuals in the system -- Alice 
the Farmer might issue certificates for bushels of 
wheat, while Bob the Carpenter might issue a bunch of 
certificates that say "collect a thousand of these and 
I'll redeem them for a new 10x10 meter deck on your house" 
and Carol the moneychanger might promise to redeem hers 
for one US dollar each, just for the amusement value of 
"redeeming" something in a system where hard currencies 
are the norm with a fiat currency. So these would be  
effectively a sort of digital merchants scrip, reducing 
back down to barter.

Exchange rates between the currencies issued by different 
participants would fluctuate according to trust and 
commodity values, and I'm okay with that.  Given the 
nature of the trust/reputation thing, I'd expect only 
a very small percentage of the participants to *actually* 
issue their own currency, as they wouldn't get good 
acceptance/exchange values until widely known, but 
everybody would have the ability.

The problem I'm running into is that while all kinds of 
e-cash protocols exist that protect the anonymity of 
the buyer and a lot protect the anonymity of the seller, 
there are none that protect the anonymity of the currency 
issuer, which would be ideal in this circumstance.  With 
the techniques I know of, the issuer can have only "Nym" 
protection. 

The basic problem with anonymizing the issuers (beyond 
technique alone) would be how the scrip gets redeemed 
when you don't necessarily know whom the issuer is.

Can anybody recommend appropriate reading?



			Bear




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list