Bitcoin Forum
December 12, 2024, 10:22:50 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12]  All
  Print  
Author Topic: tlsnotary - cryptographic proof of fiat transfer for p2p exchanges  (Read 42861 times)
waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
October 29, 2014, 01:42:54 PM
 #221

This is jaw-dropping!

I successfully self-tested myself on a few websites and I'm especially amazed, because the whole process (or the part that I saw until now) was straight forward and without unexpected behavior or any other obstacles.

Good to hear.

As you can see, this thread hasn't been very active recently. You're welcome to post any thoughts/queries etc. here, or you can join us on IRC (freenode) at #tlsnotary-chat, or your can post an issue on github (https://github.com/tlsnotary/tlsnotary), or you can even take a look at the nascent discussion forum https://tlsnotary.org/smf (we're trying to put together a proper website, but it's not done). So I guess that's enough options. Now we just need a few more people like you to test it out Smiley

PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
October 29, 2014, 01:53:30 PM
 #222

This is jaw-dropping!

I successfully self-tested myself on a few websites and I'm especially amazed, because the whole process (or the part that I saw until now) was straight forward and without unexpected behavior or any other obstacles.

Thanks a lot, still, worth it to remind again to log out before you send anything to a real human! Wink

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
dansmith (OP)
Full Member
***
Offline Offline

Activity: 202
Merit: 100


View Profile
February 19, 2015, 07:11:01 PM
 #223

We are happy to report that https://bitbargain.co.uk (a fiat<->btc marketplace) told us that they successfully used TLSNotary in an unusual case where bank lost the buyer's payment.

Even though https://bitbargain.co.uk processes ~300 trades per day, twice a year they'll have a situation where there is no way to resolve a disagreement between reputable parties.

Using TLSNotary the seller showed to the BitBargain staff their online bank's statement page (with a cryptographic proof) without revealing their bank's login/password. Good times.

https://tlsnotary.org
Transferable webpage content notarization.
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
February 19, 2015, 08:32:46 PM
 #224

We are happy to report that https://bitbargain.co.uk (a fiat<->btc marketplace) told us that they successfully used TLSNotary in an unusual case where bank lost the buyer's payment.

Even though https://bitbargain.co.uk processes ~300 trades per day, twice a year they'll have a situation where there is no way to resolve a disagreement between reputable parties.

Using TLSNotary the seller showed to the BitBargain staff their online bank's statement page (with a cryptographic proof) without revealing their bank's login/password. Good times.

So the buyer proved they had actually made the bank transfer using TLSnotary also?

And seller was able to prove he hadn't received (yet) because bank had lost the payment.

Interesting that a bitcoin-centric system for removing trust has been used to prove legacy banking error ... good work.

oakpacific
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
February 19, 2015, 09:41:40 PM
 #225

We are happy to report that https://bitbargain.co.uk (a fiat<->btc marketplace) told us that they successfully used TLSNotary in an unusual case where bank lost the buyer's payment.

Even though https://bitbargain.co.uk processes ~300 trades per day, twice a year they'll have a situation where there is no way to resolve a disagreement between reputable parties.

Using TLSNotary the seller showed to the BitBargain staff their online bank's statement page (with a cryptographic proof) without revealing their bank's login/password. Good times.

So the buyer proved they had actually made the bank transfer using TLSnotary also?

And seller was able to prove he hadn't received (yet) because bank had lost the payment.

Interesting that a bitcoin-centric system for removing trust has been used to prove legacy banking error ... good work.

AFAIK, the seller provided a proof, then the buyer was advised to press his bank more, who is later found to be the party at fault.

https://tlsnotary.org/ Fraud proofing decentralized fiat-Bitcoin trading.
waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
March 29, 2015, 12:21:30 PM
Last edit: March 29, 2015, 12:33:07 PM by waxwing
 #226

Feel free to read the latest blog post and try out the new version (only proof of concept, but functional):

https://tlsnotary.org/wp/?p=27

Simple explanation: audit a page and get a .audit file. You can give it an auditor later - where 'auditor' means anyone Smiley. It's transferrable (it's as if the server had signed the page with a digital signature).
You perform the audit with a remote 'notary server', which knows basically nothing: there is no login, no credentials, you don't give the notary server either your html or the encrypted version of your html. It sees nothing except the server pubkey. It just provides you with some preliminary random secrets and then signs that you received the completed version of the secrets after you committed to a hash of your encrypted data.

Well, a little more detail in the blog post above.

Note that although there isn't much going on at the main repo https://github.com/tlsnotary/tlsnotary at the moment, there is a lot of work being done in other places.

In a little while I might throw up a couple of .audit files so others can look at them (you can just run the auditor script locally to verify a .audit file's validity).




PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
March 30, 2015, 02:54:11 PM
 #227

You can try verifying an example audit, see the notes here: https://tlsnotary.org/audits.html

The example given is a file proving a PM I received on reddit from dansmith. You can verify it's authentic in about 10 seconds by running the `python tlsnotary-auditor.py <audit filename>` in the src/auditee directory of the repo https://github.com/AdamISZ/taas-poc-1-auditee.

Hopefully others will add a few similar .audit files there for experimentation.

A reminder, it needs openssl for the signatures; for Linux/MacOS it'll be there by default, but if you're on Windows you may not have that (this will change at some point, it's just for proof of concept).

PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
April 27, 2015, 07:14:50 PM
 #228

https://www.tlsnotary.org/pagesigner.html

PageSigner is a drastic simplification of the user experience of TLSNotary. You can get a file which proves you visited a webpage with one click in Firefox. No need for Python, key management, or delays (it takes a few seconds). You can pass the file to an auditor at any later date and they can verify it. Watch the walkthrough video on the above page and let us know what you think.

There's a lot more to say, but feel free to give it a try and get back to us with any questions.

PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
April 27, 2015, 10:02:00 PM
 #229

https://www.tlsnotary.org/pagesigner.html

PageSigner is a drastic simplification of the user experience of TLSNotary. You can get a file which proves you visited a webpage with one click in Firefox. No need for Python, key management, or delays (it takes a few seconds). You can pass the file to an auditor at any later date and they can verify it. Watch the walkthrough video on the above page and let us know what you think.

There's a lot more to say, but feel free to give it a try and get back to us with any questions.

Sounds like a major milestone. I'll test it out.

waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
May 08, 2015, 07:39:47 PM
 #230

Chrome is now supported (same link as before, short walkthrough for installation provided there; Firefox is a one (ish) click install, but Chrome requires pushing a few buttons in the correct sequence Smiley )

PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
May 09, 2015, 02:22:51 PM
Last edit: July 05, 2015, 04:48:09 PM by waxwing
 #231

From a discussion about a particular use case on IRC (API access), I feel like it's worth laying out the tradeoffs between three technologies:
(Edit: this table was not well designed: a 'yes' means 'using this feature/technology'. So if there are two 'yes'es on one row, it means combining those technologies together).

tlsnotarywebsite's digital signature(amazon aws) oracleProvides...
noyesnoNon-repudiable data (the webserver signs the webpage). The webserver chooses what to sign. Rarely used, controlled by webserver.
nonoyesProof that the oracle ran the code that's claimed
yesnonoProof to *one* party that the webpage is genuine
yesnoyesNon-repudiable proof if the oracle signs the hash of the page (i.e. like digital signature)

Consider the application: API access. Oracle only looks like a good choice: write the oracle to retrieve the webpage (just ping it with a url, it sends back the result) - note that the oracle could then append its *own* digital signature, to provide the non-repudiability you're looking for. This does, however, require giving the oracle control of the API credentials (which conceivably *could* be OK, but at the very least it means passing it outside your machine). Using the last row of the table (which is what pagesigner uses) is more complex but has the advantage of putting a wall between the credentials needed for access and the oracle. Also having the oracle be the source IP address of https requests could have disadvantages.

PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 253


View Profile
May 15, 2015, 04:36:09 PM
 #232

Browserless pagesigner: https://github.com/tlsnotary/pagesigner-browserless

This allows you to notarize a page from the command line, enabling automation. This version was created in response to someone who's creating an oracle for real world data; with this, they can use pagesigner to query an API (with their credentials) and generate a proof of data recorded by an authoritative website.

See the README for usage notes.


PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
May 16, 2015, 02:32:40 AM
 #233

Neat how this project is branching out naturally based on the original concept.

Muhammed Zakir
Hero Member
*****
Offline Offline

Activity: 560
Merit: 509


I prefer Zakir over Muhammed when mentioning me!


View Profile WWW
July 02, 2015, 01:56:30 PM
 #234

https://github.com/tlsnotary/pagesigner/issues/12

Sylz
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
October 12, 2015, 12:13:16 PM
 #235

Hi,

Could tlsnotary be applied to wallets and prove a payment was made? Saw implimantation to SSL, but I think for crypto payment it should be done differently.

Tnx
dansmith (OP)
Full Member
***
Offline Offline

Activity: 202
Merit: 100


View Profile
October 13, 2015, 06:48:32 PM
 #236

@Sylz, I'll need much more context for what you are asking, but the short answer is
you can use tlsnotary-based PageSigner to create a transferable proof of e.g. blockchain.info's webpage showing the payment/transaction.

https://tlsnotary.org
Transferable webpage content notarization.
HostFat
Staff
Legendary
*
Offline Offline

Activity: 4270
Merit: 1209


I support freedom of choice


View Profile WWW
December 01, 2016, 11:16:54 AM
 #237

It isn't working currently.
Is there anyone that can run an alternative?

NON DO ASSISTENZA PRIVATA - https://t.me/hostfatmind/
Pages: « 1 2 3 4 5 6 7 8 9 10 11 [12]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!