With bitcoin's gossip protocol, could we take for granted that if I sent transaction, for example, at 1:00 PM on 1st January 2018 UTC then every node connected to network from 1:00 PM to let's say (for network latency) 1:05 PM 1st January 2018 would receive that transaction, because of how the gossip protocol works? And by everyone I mean completely every node that was connected at that time to the network? Or maybe my transaction could not reach some node(s) for some reason and why?
Given some time for network latency, do messages reach absolutely all connected peers and how long it takes for them to do that?

Well, with some modifications probably (security deposits etc.). So, I am not US citizen, but I think that auditing the balance account is the price many people would pay for smooth exchanging. One could also send just a tls notarized part of website which mentions only this particular transaction, not the whole transactions list. With even this modification, you could satisfy privacy concerns. I guess.

5) This will violate T&C of bank - this somehow doesn't stop tens of companies operating like that in credit-scoring business. Maybe T&C are not law itself?
6) Banks generally don't want to deal with crypto - that's the whole point. Bank can distinguish transfer from crypto-exchange and take action, but how it will distinguish a transfer from one private person from another, provided the transfer title is correct?
I am giving nice idea, there is money in it, but to appreciate it you need to examine things more carefully.

My replies:
1) Bank transfer are reversible - well, this applies to any system, any solution, any way we would deal crypto to fiat. But, surprisingly, it's not so easy as you would imagine. If it would, then everybody could pay for everything and once the item is received, he would reverse payment. That is so called "customer-fraud". But it's common with card payments not wires.
2) We would have to entrust third party our login credentials and it's crazy - just do good search on google how many companies do data scraping of bank websites. Basically, if I want to get a loan from private company, I have to give my login credentials to bank account and then they send it to third party company, which does the actual logging in and extracts data. Since this solution works for many years with no controversies, I don't understand why here it would be different.
3) BitConfirm could steal my money -well, for almost every bank in existence there is two-factor authentication for sending money. Login and password only allows to SEE the balance/history of incoming or outgoing transfers but NOT to do any transfer. So you're actually entrusting only information, nothing else. And besides, after the operation you can immediately change password.
4) I made a title to this post "... requiring very little trust." Very little, because once the BitConfirm does even one fraud, the victim could easily prove that in a way that obvious to everybody. So it could just did the fraud once, twice. Same is for all parties involved - if there would be a claim of victim which is unfounded, BitConfrim could easily disprove that, for example by keeping transfer history page notarized by TLSNotary, yes?

Why people still use mostly centralized exchanges and not decentralized? Because people, even with all those regulations, still trust more established companies with reputation. And BitConfirm do not keep funds at any moment, it just have reputation as it's only asset.

Well, I think there is no reason why BitConfirm would become regulated. There are plenty of companies that do "transaction confirmation" by logging in to bank account that do not have to follow any special regulation like advanced KYC or AML, just basically they have to follow the law. Because BitConfirm will NOT deal in fiat, it will not fall under the exchange umbrella. It just checks the balances. Not to mention that it could be incorporated in country which does not have any laws to regulate this kind of activity.
Obvious advantage from Bisq would be arbitrage. I don't trust Bisq, because in case there will dispute (which I guess happens often) I don't want the arbiter, who is the main factor allowing the Bisq to exist at all (otherwise everybody would cheat) to be some random, anonymous node with no knowledge of local banking websites, international banking (like time it takes to transfer from country A to B, intermediary banks closing SWIFT codes etc.), advanced techniques of fraud etc. That is the weak point of Bisq I think. I would prefer as an arbiter known company with reputation, specialists in data mining, banking and fraud prevention and customer care.
That being said, it's only idea that came to my mind as off-spring of working on something else, so I just shared.

The BitConfirm's main job is to login, at some time, to my account, check if it is already credited with proper amount from you, and then if it is, signing the transaction of bitcoin (I already signed this transaction myself, with the prerequisite of another signature from BitConfirm and sent it to you and BitConfirm with LockTimeN - time for our fiat currency transaction to take place).

No, you didn't understood the process. First we make a deal - let's say offline - that I am selling you 1 BTC for 10kUSD, valid for 4 days. Then we fill out, let's say, some electronic form with fields like:
-how much bitcoin is sold
-at what price in fiat
-to what account the money should be transferred
-until what deadline money should be credited
etc.
Then we both sign this form using private keys belonging to public keys which will be addresses used in that future transaction. Then this form along with our e-signatures we send to BitConfirm. Now I, as a seller, put on the blockchain this transaction of 1 BTC, but with necessity of two signatures - one is mine and one belongs to BitConfirm address. I put LockTimeN on transaction. Now you can send your fiat to my account.

Now:
1)you send money -> I send my login credentials to BitConfirm -> BitConfirm signs the transaction of 1 BTC (this missing signature)
2) you don't send money -> time of LockTimeN elapses, I can do with my Unspent Output what I want
3) I don't send login credentials to my account/sent invalid ones -> BitConfirm signs the transaction and publishes on blockchain -> BitConfirm can prove that I sent those incorrect credentials or none in case there is some accusation from my side. They also have form signed by my signature belonging to public key of my sending address.
4) BitConfirm did something wrong - I can easily prove that to public because they also signed this form and I have access to my account which I can show to others (for example I didn't received any money, and BitConfirm said I did and transferred my 1 BTC.)
Now you get the idea?

Hi,

I posted this in bitcoin trading section, but there is a lot of trashy posts, so I decided to post it here.
So there are those companies that do data mining, for other companies (for example for loan companies) extracting data from bank accounts (for example from accounts of prospective loaners, who gave login credentials to their accounts) to give info to their clients (loan companies), who need it (for example to determine if a given person is credit-worthy, after checking his account history).
Why there are no companies like this, that would allow almost-trustless crypto-to-fiat exchanges directly between individuals? I mean, if you want to buy 1 BTC for 10kUSD and I want to sell 1 BTC for 10kUSD, then I make a transaction to you with:
a) nLockTime
b) requirement of a asymmetrical signature from company which professionally checks bank accounts to confirm transaction (let's call it BitConfirm from now on) - so it is multsig transaction
c) BitConfirm's policy needs crypto-signed confirmation from seller and buyer of Bitcoin that they will sell and buy under the condition of such and such payment on such and such bank account in such and such time etc.

Now, we agreed that BitConfirm will do the verification and we both signed by keys that will be used to send and receive this 1 BTC, then one of us or both sent this crypto-agreement to BitConfirm and BitConfirm needs to sign this message to, before anyone will send any money. You send BitConfirm your login credentials. It works exactly like those companies I mentioned above, there are companies like that working and legal all around the world. BitConfirm checks and either confirms or not this transaction.

Of course there are other ways of formulating transaction, there are problems to be solved (deposits for transaction-spam preventions and BitConfirm's fees etc.), but basically if we trust BitConfirm (trust is their business), then we have following advantages:
-we can make transaction between ourselves, without needing any exchanged crippled by hyper-regulation and else
-we don't have to trust each other, as we trust BitConfirm
-we can prove BitConfirm's maliciousness - because BitConfirm had signed the message (check c above)) before anyone concluded bank transfer. So, we could present this signed agreement and, for example, our bank statement with digital signature from bank's side, and that would prove BitConfirm's maliciousness and put it out of business.

So, what are your thoughts?

Ok, now all is clear. Thank you so much.

Hi,
So there are those companies that do data mining, for other companies (for example loan companies) extracting data from bank accounts (for example accounts of prospective loaners, who gave login credentials to their accounts) to give info to their clients (loan companies), who need it (for example to determine if a given person is credit-worthy, after checking his account history).
Why there are no companies like this, that would allow almost-trustless crypto-to-fiat exchanges directly between individuals? I mean, if you want to buy 1 BTC for 10kUSD and I want to sell 1 BTC for 10kUSD, then I make a transaction to you with:
a) nLockTime
b) requirement of a asymmetrical signature from company which professionally checks bank accounts to confirm transaction (let's call it BitConfirm from now on) - so it is multsig transaction
c) BitConfirm's policy needs crypto-signed confirmation from seller and buyer of Bitcoin that they will sell and buy under the condition of such and such payment on such and such bank account in such and such time etc.

Now, we agreed that BitConfirm will do the verification and we both signed by keys that will be used to send and receive this 1 BTC, then one of us or both sent this crypto-agreement to BitConfirm and BitConfirm needs to sign this message to, before anyone will send any money. You send BitConfirm your login credentials. It works exactly like those companies I mentioned above, there are companies like that working and legal all around the world. BitConfirm checks and either confirms or not this transaction.

Of course there are other ways of formulating transaction, there are problems to be solved (deposits for transaction-spam preventions and BitConfirm's fees etc.), but basically if we trust BitConfirm (trust is their business), then we have following advantages:
-we can make transaction between ourselves, without needing any exchanged crippled by hyper-regulation and else
-we don't have to trust each other, as we trust BitConfirm
-we can prove BitConfirm's maliciousness - because BitConfirm had signed the message (check c above)) before anyone concluded bank transfer. So, we could present this signed agreement and, for example, our bank statement with digital signature from bank's side, and that would prove BitConfirm's maliciousness and put it out of business.

So, what are your thoughts?

Thank you for the answer. But I am still unclear on your answer to question 2. You said any node can lie and it's true. But gossip protocol is based on psychological implication that at least some peers on the network WILL relay message (if everybody kept messages to themselves, gossip protocol wouldn't work, but it works). So, let's presume a message X needs to be asymmetrically signed by sender and I can verify that signature. Then if I will ask my peers did they received X, and:

a) they said (or most of them) they didn't - I couldn't deduct with 99.999% confidence that there was no X on network, because if there was X, at least some of peers would respond me in the positive (because of gossip psychology).
b) they said they did - I could deduct with 99.999% confidence that there was X on network, because I can check the signature of X.

In this scenario peers cannot lie about positive answer (because they would need to forge signature), but they can lie about negative (they received X, but said no, we didn't). But, if networks would act like that, gossip protocol would not work in bitcoin too - for example block propagation would be impossible if almost all peers would keep info about new blocks for themselves without relaying. So, in practice, I could deduct that if many nodes said they didn't received X, then almost certainly there was no X on network?

Many thanks.

Hello,

Basically I know how message propagation works in peer-to-peer bitcoin network. But I need a clarification on three points below:

QUESTION 1: In bitcoin network every node relays every message it received to it's peers. If node A received message X and relayed it to his peers, and those peers relayed it to theirs, can we take for granted that finally this message X will return to node A like a boomerang? Because if every node relays every message, it should finally.

QUESTION 2: I know there is no feature in bitcoin client for this, but let's suppose there was one. If node A would like to know if message X was ever relayed on the network, and there would be a feature that allowed to ask it's peers if they had ever received X, and once enough number of peers answered that they do indeed relayed such X, would it imply that all connected (at the time when X was relayed on network) nodes received X? Because if some originator node originates X, than one of his peers relays this X, and their peers also relay X (or at least most of them, which acts honestly), then eventually X should reach all connected nodes, right?

And reversing this, if node A would ask enough number of his peers if they received/relayed X and enough number of them answered that no, they haven't, could node A deduct that X was never relayed on the network, for the same reason as stated above?

QUESTION 4: If theoretically at a given time all nodes participating in the network were connected to network, then a message X send at that time should reach (after some time) all nodes, right?

Please somebody answer this.

Hello,
For some time I am thinking about an idea for a distributed ledger working in peer-to-peer network that would provide solutions in fields such as scalability, privacy, functionality etc. This idea is only a thought-experiment and I need answers for a few questions to know if it might have any sense to pursue this idea or not. Also, I don't speak/write in English well, so please excuse me if I'll make some mistakes.
I) Peer-to-peer network with private messages
Let's presume that in a peer-to-peer network we want to send private message. So, a sending node:
1) signs his message (to authenticate source)
2) then encrypts it using symmetric cryptography
3) then encrypts the symmetric key (which will be used to decrypt the message) using public key of the recipient
4) and then on top of that he signs using his key both the message encrypted and symmetric key
So, finally, we have 2 things:
1) Message -> Signed by his private key -> Encrypted using symmetric cryptography -> Finally signed again (so the nodes on the network will know from which node it is coming from)
2) Symmetric key that will be used to decrypt message -> encrypted using asymmetric cryptography by intended recipient's public key -> and finally signed by sender's key, so the nodes will know the source of message.
The benefits of this is that we can send information over the network, no node relaying this info will know the content of it, and still every node will be able to confirm the identity of the sender and intended recipient will be able to finally decrypt message and also confirm the source of this message (as it is signed) even in decrypted form.  There is no blockchain in this system, only messages sent/received/relayed.
QUESTION 1: Are there any technical reasons why something like this wouldn't work? Could such a way of privately send messages be used on a big network, where every node "pools" messages received and sends to his peers? How theoretically could it scale, putting aside message spamming (I have solution for that)?
QUESTION 2: Suppose that in this imaginary network every node relays every message it received to it's peers. If node A received message X and relayed it to his peers, and those peers relayed it to theirs, can we take for granted that finally this message X will return to node A like a boomerang? Because if every node relays every message, it should finally.
QUESTION 3: If node A would like to know if message X was ever relayed on the network, could it ask it's peers if they had ever received X and if enough number of peers answered that they do indeed relayed such X, would it imply that all connected (at the time when X was relayed on network) nodes received X? Because if some originator node originates X, than one of his peers relays this X, and their peers also relay X (or at least most of them, which acts honestly), then eventually X should reach all connected nodes, right? Or, if not all, statistically like almost all?
And reversing this, if node A would ask enough number of his peers if they received/relayed X and enough number of them answered that no, they haven't, could node A deduct that X was never relayed on the network, for the same reason as stated above?
QUESTION 4: If at a given time all nodes participating in the network were connected to network, then in my imaginary system a message X send at that time should reach (after some time) all nodes, right?
II) Timestamps (as used in bitcoin for example)
Miners in bitcoin put a timestamp on mined block as they broadcast it to the network.
QUESTION: As I understand it, the incentive for miner to put the correct timestamp is the punitive fact that if he fails to do so, his block will not be broadcasted by his peers, which will check the timestamp independently and so will not reach the network. This incentive is the main factor securing the correctness of block's timestamp, right?
IV) Digital signatures
It might seem a strange and unrelated question, but it isn't. As I am completely, utterly green in this, maybe somebody will help. So, basically, there are digital signature which makes https possible. If I would like to prove to somebody that a given server, which utilizes secure signature, signed a given data (which means a website that was sent by the server to me), could I just:
a) take data I received in https session (like data from my bank)
b) somehow (I really don't know if it works like that) extract from https session signature of server (my bank), which signs the data sent to me (e.g. my money transfer history I downloaded)
c) present the data signed (website) and signature of that data (signature of bank) to third party and does it prove in this way that this particular website (data basically) was signed by this particular server (bank), provided that third party trusts the digital signature that signed data was originated by this and this institution (bank)? When https session is being done, does the server signs every website separately, so that the data signed by server is the actual website sent by server, which means, if the website changes than the signature changes? You can extract such signatures from https session?

It might seem as a senseless heap of questions, but it isn't, there is an idea behind it but I just need clarification on those points, which I am not sure about. Many thanks to all who contribute to clarifying.

Hello,

I have an idea I am working on for some time, it would be using blockchain technology. However, although I know something about blockchain as it stands today, I am lacking a more deepened knowledge about cryptographic primitives. So, because I couldn't find a definitive answer anywhere, I thought I will try here. As I am completely new to this forum, please inform me if my questions should be posted in another category.

So here are the questions:

Let's presume that in a peer-to-peer network there is a big volume of information going from one node to the other, however most of this info is private. So, a node:
1) signs his message (to authenticate source)
2) then encrypts it using symmetric cryptography
3) then encrypts the symmetric key (which will be used to decrypt the message) using public key of the recipient
4) and then on top of that he signs using his key both the message encrypted and symmetric key

So, finally, we have 2 things:
1) Message -> Signed by his private key -> Encrypted using symmetric cryptography -> Finally signed again (so the nodes on the network will know from which node it is coming from)
2) Symmetric key that will be used to decrypt message -> encrypted using asymmetric cryptography by intended recipient's public key -> and finally signed by sender's key, so the nodes will know the source of message.

The benefits of this is that we can send information over the network, no node relaying this info will know the content of it, and still every node will be able to confirm the identity of the sender and intended recipient will be able to finally decrypt message and also confirm the source of this message (as it is signed) even in decrypted form.

1) Are there any technical reasons why something like this wouldn't work?
2) Could such a way of privately send messages be used on a big network (size of bitcoin for example), where every node "pools" messages and sends to his peers? The problems I see is size of messages (it grows bigger by signing and encrypting like that).
3) I am sure of that, but I want to ask anyway - could node compare two messages it received, even if they are different, and find every two or more messages that were signed by the same public key (from same source)?

Of course there is a problem that as nodes "pool" messages, they won't know if the message was delivered or not. But that is not part of this question.

If there some expert who have time to answer such basic questions on this forum, I am deeply thankful.