I am talking about the big traders (>100€) and not about the p2p system itself. Of course, small traders might be lucky and not be a victim.
So, I just wanted to stress out, that these considerations are on a completely different level in comparison to considerations if p2p filesharing is legal or if bitcoin is legal. Because you are using the banking system to do money transfers from users whom you might not know. Therefore, if you want to have a usable system, then you have to deal with these issues.

No, I haven't said it is dumb to trade on localbitcoins. They have some mechanisms which prevent users to massively cash out hacked bank accounts. If you read my posts, you will see, that what I actually proposed is similar to the rating system on localbitcoins, but it would work in the p2p system.
Let me give you a counter question: Do you think, that localbitcoins would work without any rating system?
So my whole point is that the p2p system needs some mechanism to prevent hacked bank accounts wiring money. Actually, this is some minimal AML compliance, because if someone wants to cash out hacked bank accounts it is basically money laundering. This is not just important to comply with the law, but it is a fundamental part of the exchange to work.

I think you underestimate the implications if you are doing money transfers in the normal banking system without AML in place. This would be criminal activity and is not comparable to some kind of p2p downloading of copyrighted files or mining p2p-coins or whatever.
If you would setup the system without AML, then:
1) smart people will just not use it, because they are aware of the risks
2) dumb people will use it and will be victims. Sooner or later they will get letters from law enforcement that they were doing criminal buisness.
3) hackers will use it to cash out hacked bank accounts

I don't think that is what you want. Also think about the implications that would have on the bitcoin system itself. So better think about AML if you are trying to interface a p2p-trading system with the legacy banking system.

Thank you for the explanations.


The idea is the following:

1) A new user of the p2p-trading system would create his identity=[ generated_public_key, hash(bank-account-number) ]. Thereby you link your bank account to your trading idenity given by your generated private key.
2) Initially other users will give you just a minimum trust, because they cannot be 100% sure the bank-account is really yours. With this minimum trust other users will allow you to just buy 0.01 BTC for 1 EUR/USD for example, because this is just a very small amount.
...One month later...
3) The same user has now gained much more trust, because the old trading partner has not yet received any complains that the bank account was hacked. Therefore the user can now buy 0.1 BTC for 10 EUR/USD, because other p2p users can be more sure that the identity=[ generated_public_key, hash(bank-account-number) ] does not belong to some hacker who wants to cash out hacked bank accounts...
...One month later...
4) The user has gained much more trust, because his idenity is already two month old and so far none of his trading-partners received any complains.
This goes on and on until you have build a lot of trust and you can actually trade amounts like 10.000 EUR/USD

The nice part about this is that you need two access-keys to use your p2p-account: your bank login AND your generated private key for using the p2p-system.
If some criminal gains access to some bank-account he cannot immediately cash out much money. He could only cash out 1 EUR/USD. He would have to wait 1 or 2 months to really cash out a lot of money, but at that time the victim will already have regained access to his bank-account.

So you automatically gain trust just by waiting a few months. You wouldn't even need to trade for two months. Just by waiting you will upgrade your p2p-idenity to very much trust.

i have some concerns about using passport data for AML:

1) I would not like to share this data with anyone, where I cannot be sure if they will delete it. So is it maybe possible to just send this data to a server running on the amazon cloud, and knowing by the hash of the virtual machine that it will delete your data after checking the validity?

2) An attacker might have got your passport data just by wirelessly reading it out from your passport from in front of your house. So would it be enough as an identification?

A side question: Wouldn't it be nice if all countries would issue passports which would allow you to digitally sign documents? Similar to the German eID, which uses cryptography to allow active authentication to service providers.

I still think the idea of linking your p2p-exchange-identity to hash(bank-account-number) would be more usable for AML. The only downside would be that everyone who knows yours bank-account-number would be able to see your trading-history.

yes, you are right, I mixed it up with the German identity card, which has a PIN. Somehow I didn't thought about the passport having a different mechanism.

Sorry, if I was unclear about it. Of course I have an e-Password. But the German e-Passport does not allow me/individuals/citizens to download any personal information from the passports. The only direct access that a citizen can do is to change the PIN. You can use the electronic ID at home with card readers to digitally authenticate yourself to the government/police/banks/organisations, who previously have to apply at the government to have this ability.
Therefore, I said the German eID is not compatible with what you propose, because we cannot even download our own digital ID information from our own passports. We can only use it to authenticate to specific service providers, but not to random citizens.
And I assume that many other European countries have the same data privacy concerns and therefore restrict the access in a similar way.

Unfortunately, in many countries this approach just wouldn't work, because they don't offer a compatible electronic passport.
For example, I live in Germany, and have an eID. But the German eID system does not allow everyone to validate the passport of another person. As far as I know only service providers (like banks etc.) are allowed to apply at authorities to be able to run an eID-server to allow customers to authenticate.
So it seems that our eID does not allow the authentication of citizens to other citizens. It only allows authentication of citizens to some registered service providers.

I am not sure, but isn't the eID system in other European countries compatible to the German eID and wouldn't work either? (see http://en.wikipedia.org/wiki/Electronic_identity_card)
Would be nice, if someone with a good understanding of these eIDs could clarify.

Yeah, I know it's only a proof-of-concept implementation. And it's a very good idea to provide this as a tool to other p2p exchanges. I just wanted to raise the issue so that some people might start thinking about solutions esspecially to the AML problem. Because, if this problem is not solved, everybody who would use the system would have high risks to be involved in criminal activities. Still, I think, it is possible to solve it in a p2p way.


Thank you for the instructions! I will try it when I am back at home.

What I really like in this concept is that the gateway is only needed in the case of a dispute . In my view, that is a key point to be practically usable without too much complexity, because as you said a dispute will almost never happen.

Are you sure about this point? I always thought that a banking session consists of only one single SSL connection... And I thought some banking websites do not even allow SSL-renegotiation. Did you try this out on several websites?


Anyway, this system should be able to allow decentralized fiat/bitcoin exchange. But when I think about the big picture to use this for a p2p exchange I still think there are some challenges and I am wondering how you plan to tackle them:
1. Did you thought about the legal aspects as well? I am wondering if AML laws would forbid to use such a system, because you might not know the person from whom you would accept the fiat transfer. Therefore criminals could use this system to transfer money from hacked bank accounts into Bitcoin and disappear. Therefore it would involve high risks to use this system and accept these anonymous fiat transfers!
2. The system needs a decentralised orderbook with spam prevention
3. How do you make sure that the escrow is chosen randomly

Maybe you could solve all three problems together if you have a very simple semi-anonymous identity system where each identity is associated with a hash of the bank-account-number? This could solve all three issues together:
1. The AML problem would be mitigated, because you would only accept high volume fiat transfers from users having a history of trades. Thereby you can be much more sure that the account really belongs to that user. In this scenario new users would initially have to build trust by trading only a small amount like 1 USD or 1 EUR and thereby validate that they are really the owners of the bank accounts. This would be similar to how some centralised exchanges validate the bank-accounts of users due to AML laws.
2. You could prevent spam because massive orders using the same bank-account could be discarded by the p2p clients.
3. The p2p system could randomly choose escrow users from the public list of user-ids.

The system would still be quite anonymous, because it stores only the hash of the bank-account-number. Therefore only your direct trading parters would see your real identity because you anyway would have to reveal your bank account details to them. But they could use this decentralized hash store to check for your trading history to make sure that you are not a scammer.

That sounds great! Can't wait to see the proof-of-concept!

How did you finally ended up implementing it? Did you change anything from your initial proposals?

What functions of the escrow do you plan to implement on the Amazon Cloud? Seems like an excellent idea. Do you plan to have the proxy, which records the banking session, in the cloud? And then the fiat-sender can submit what pages would have to be decrypted as proof-of-payment?

Sorry for my ignorance, but I don't understand how you could use ripple to trade stocks... You say that the company could issue stock-IOUs. But I couldn't trade these through the ripple network, because none of my friends would accept IOUs denominated in these stocks.

1) Isn't everything you are holding in the ripple network based on IOUs with one of your trusted friends?
So if I want to use ripple to buy a stock of some company I cannot easily transfer that stock through the ripple network considering that I have no friend who would accept that stock as an IOU.

2) Furthermore in ripple the company couldn't easily distribute dividends. In contrast, in a blockchain the public addresses of the shareholders would be known in the blockchains and therefore it would be easy to distribute dividends.

3) The same problem is if the company wants that the shareholders should vote for some investment strategy. In a blockchain like system it would be very easy to implement this using proof-of-stake.

+1

Exactly. At this point, all legal arguments would be useless. It is as if Satoshi Nakamoto would have argued about the legality of bitcoin (e.g. is it allowed to mint a new currency). At that point (*EDIT* before it was released) the legality of bitcoin was absolutely unclear because nobody even knew how the system would work.
It's like arguing about the legality of file-sharing softwares before they were developed. Is it illegal? who knows? In the end it always depends on where and how you use it....
Would argue about the legality of building cars/rockets/whatever, before they were invented?

As long as it is not illegal to write an open-source software, then why argue about legality. In the end people will use it or not. Maybe it will be banned in some countries and not in others. And only if the technology is there, politicians will be able to decide about the legal framework.

There was a significant seizure in Germany at the owner of bitcoin24 just 4 months ago. Although the police suspected fraud, they have just seized Euros and have frozen the bank accounts. They didn't seize the bitcoins although they could have done it and it would have made sense. Many people were wondering why not. Maybe the police was just not smart enough...

thank you for sharing. and also for letting me know about bittorrent sync.

I also hope that this will soon be implemented. And hopefully the exchange will be incorporated into the P2P system. So that trustless trading of bitcoins against stocks is easily possible. That would be the ultimate breakthrough for large scale bitcoin adoption.

That's an interesting perspective especially regarding all the recent interest in P2P exchanges. If these are implemented in a blockchain-type-order-book, then you would basically have a round based market.
And with this perspective in mind, you could argue that the bandwidth of most real stock exchanges is not necessary for an efficient market. You could even argue that a round based P2P exchange would be much better for investors and businesses because they would find a "fair market value" without any spread.

I always saw it as a problem that some of these P2P exchange proposals want to match orders using a blockchain. But now I think this could even be an advantage, because the market will have time to find the "fair market value" of the underlying stock.

I am not sure if I understand your argument... I assume it depends on how you define "spread". I think in a round based system it makes only sense to define the spread at the end of the rounds and not in-between rounds, because trades are only executed at the end of the rounds.
Now per round there are two possibilities:
1) Some trades were matched: then per the definition of "spread", the spread is 0 (although there might be some unfilled trades left)
2) No orders could be matched: Then the spread would be exactly the same as in a market with HFT

Thereby, you see, that the spread will be either the same as with HFT, or smaller.
In this round based market, the orders of "real" investors are more likely to be matched to orders of other "real" investors, without any parasites that make money using some spread. So no drawbacks for "real" investors in comparison to a HFT market. The HFT market only serves some parasites that make money in between.

Of course in the situation of real world stock markets HFT reduces the spread between different exchanges by arbitrage trading and thereby reduces the costs for investors. BUT if you assume a round based market, then you can implement the market globally, such that every investor can participate directly in one global market and no party is favored by better bandwidth. Thereby you make HFT arbitrage trading obsolete.
So considering one single market (similar to one single P2P blockchain) there is no reason to believe that HFT will somehow reduce the costs for "real" investors. It would only increase the costs for real investors because they would have to pay the party in between.

Interesting discussion here. I completely agree with Edward. HFT just serves the brokers and trading houses. For real investors it is not important that their trade executes within seconds. They could wait for the end of a round (i.e. until a new blockchain block is found), which will match all trades. This will give all real investors an effective spread of 0. This will serve the businesses and investors and not some parasites in between.


This wouldn't be a spread. They just placed orders which nobody wants to fill.
If AAPL is worth 500 USD and I place an order at NYSE to buy AAPL for 450 USD, then the order is not filled. Would you then say that the spread is 50 USD, just because there is no counter party??


As said, the spread would be zero in a round based system. All this talk, about the benefits of HFT is just a baseless rumor that is spread by large banks, because it is a way for them to make money.
If you are talking about the efficiency of computer trading you should distinguish between computer algorithms that detect bubbles and predict prices (which is a good thing) and HFT (parasites).

I cannot follow your argument, why miners would merge mine with your given equation.
Let me illustrate it using a simple example:
We have four chains A,B,C,D with block-reward/difficulty:
A: 5.6 BTS
B: 5.2 BTS
C: 4.8 BTS
D: 4.4 BTS

A merge miner would have a merkle branch depth of 2 and therefore with your equation an average reward of 5 BTS. Therefore it is less profitable in comparison to mining on A, which will directly give you 5.6 BTS reward. Therefore all miners will switch to A and do single mining and nobody would do merge mining.

You might argue, that after time this will decrease the mining reward in A and B because people will switch to it, and increase it in chains C and D. So there might indeed be a fix-point at which all four chains have a reward of 5 BTS. BUT this fix point is not very stable, because as soon as you perturb the system, all miners will switch to the chain with the highest reward.
So the whole system of all your chains will only contain miners, who do not merge mine, and the system will get oscillatory behavior.
You might argue, that your adaptation of your block-reward is so fast, that it will dampen these oscillations. But, my original point still remains: It is insecure because an attacker can easily obtain 50% hashing power in one of your chains, because nobody will merge mine, because they will seek the maximum profit in the chain with the currently maximum reward.

If we look at the same example and you use my modified equation, where you give a reward of block-reward / merkel-branch-depth, then a merge miner will get an average reward of 10 BTS. Therefore you would give an incentive to do merge mining (and thereby also to run full nodes in many chains). This would be much more secure, while you still lower the reward.

@bytemaster
You still haven't replied, so I guess you overlooked my post?
Do you agree to my point? Or do you have a fundamentally different understanding of how a multi-chain system should be secured by mining? My point is, that merge mining does not only increase the reward of the miners, but it is actually very important for the security of all chains. Without merge-mining, all chains are insecure because chain-hopping of mining resources will make it easy for an attacker to gain 50% in individual chains.
Or do you think that my reasoning is flawed? Then why?