[Cryptography] Proposal of a fair contract signing protocol

Ángel González angel at crypto.16bits.net
Tue Jun 14 17:27:26 EDT 2016

On 2016-06-13 at 19:29 -0400, Allen wrote:
> > With block chains, we can effectively get the possible cheating to
> > 0.  For example, we can sign a contract and enter it's hash into
> > the block chain, and in the contract state that it is valid only if
> > recorded in the block chain with both party's signatures.  It is
> > like having a free escrow agent.
> > 
> > 
> > 
> > 
> I don't see how this solves the problem of one party signing and then
> the other party holding their signature until a time of their
> choosing.  That would however be easily solved by placing an
> expiration time in the contract and declaring that the contract is
> only valid if entered into the blockchain before then.  However,
> depending on the properties of the blockchain and the message
> containing the contract, a related problem might be how does the
> first party know that the contract is in the blockchain?  The second
> party could post the contract to the blockchain and not reveal it is
> there until they are ready to enforce it; meanwhile the first party
> has no way to enforce the contract if they cannot locate it in the
> blockchain.
As soon as there is a (trusted, maybe distributed) third party, you can
get away of this issue:
* Bob could send the signature of the contract to trusted third party,
which would both ensure it reaches Alice and record when was it
* The rules for storing into the blockchain would presumably allow to
locate any given contract that was potentially stored there.
* Another option would be for the government to force companies into
publishing daily the [hashes of] contracts they have agreed into. If
Alice fetches Bob's list of contracts, and her contract is there, she
nows (at most with a delay of 1 day) that Bob accepted the contract. If
the list was signed today and the contract is not there (supposing the
contract stated that today was the deadline for the offer), that counts
as a refusal (keep the signed list of agreed-upon contracts as proof).
If the published list is an old one, she can contact the regulator and
complain that Bob is at fault (yet, Bob could serve an updated version
to the regulator, but an old one to people with pending contracts,
requiring Alice to eg. use proxies in order to get the updated info).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160614/2ae237fc/attachment.html>

More information about the cryptography mailing list