Using bitcoin and GnuPG to transfer assets

[grondilu]

In an other thread an asset exchange service was presented :  Loom  (https://loom.cc).

This is quite an interesting service, although it is private, it requires invitation, and is centralised.


I very much think it should be possible to do something similar using bitcoin and GnuPG.

Say I own an asset which is fully described by an ASCII text file "myasset".

In order to give it to Alice, whose GPG fingerprint is "Alice-FPT", I just sign the following document :

I hereby give the following asset to Alice, whose GPG fingerprint is <here I paste "Alice-FPT"> :

<here I paste "myasset">

In order to prevent double spending, or more precisely to prove that I have not already spent it, I timestamp the signature of this document into the bitcoin block chain.

Then, when Alice wants to give Bob this asset, she signs this :

I hereby give the following asset to Bob, whose GPG fingerprint is <here she pastes "Bob-FPT"> :

I hereby give the following asset to Alice, whose GPG fingerprint is <here I paste "Alice-FPT"> :

<here I paste "myasset">

And she also timestamp it in order to prevent double spending.


And so on, each owner has to imbricate transfer documents, sign it and timestamp it in order to give it to someone else.

[Anonymous]

The BlockChain of custody?

[grondilu]

The BlockChain of custody?

I guess you could call it so, indeed.


PS.  After more thinking, it appears to me this scheme is not sufficient to prevent double spending.

But it's probably not too far from what should be done.

PS#2.  One solution might be to code the PGP fingerprint into the amount.

Here is my GPG fingerprint for instance
3617 0FB4 863D 595A 6E47  0EB6 AB5E F7EF 50B8 0E68

I can easily convert it into 10 integers smaller than 16**4 = 65536.

Code:

for i in 3617 0FB4 863D 595A 6E47  0EB6 AB5E F7EF 50B8 0E68
do echo $((0x$i))
done

Which gives :

13847
4020
34365
22874
28231
3766
43870
63471
20664
3688


I can turn these numbers into amounts bigger than 0.01 BTC.  I have to do that otherwise the message could be corrupted by mining fees.

Code:

n=0
for i in 13847 4020 34365 22874 28231 3766 43870 63471 20664 3688
do echo 0.0$((10**6 + n++*16**4 + i))
done

0.01013847
0.01069556
0.01165437
0.01219482
0.01290375
0.01331446
0.01437086
0.01522223
0.01544952
0.01593512

I use the $n number in order to give a sequencial order to these number.  It is necessary since I doubt there is any sequential order for transactions inside a same block.

Then, all I have to do is to send these amounts to the bitcoin address made out of a signed declaration sayin that I've sold my asset to someone, without saying who exactly.

The advantage is that a receiver of the asset can then check that it has not been sold to someone else before.  In the previous scheme this was not possible if the former receiver doesn't claim the asset.

Such a transaction would cost between 0.1 BTC and 0.1 + 45*16**4 + 10*16**4 = 0.12949120 BTC

That might be a bit too expensive.

[caveden]

Why not using bitcoins addressees themselves, instead of separate keys?

Like, a 0,01µBTC could be the representation of an asset. Then all you have to do is transfer this particular coin fragment around, and whoever owns it, owns the asset. Ownership could be proven with a simple signature performed by the private key that owns the coin fragment.

It's a pity to "burn" coins like that for another purpose, but such a small amount shouldn't make any difference.

Now, this scheme would be really powerful if there could be a way to make conditional transfers. Like, owner of the asset says "I transfer my asset S to the owner of address A only if X bitoins are transferred to address B" and the buyer says "I transfer X bitcoins to address B only if asset S is transferred to address A". Then the system validates both transactions at the same time since they are co-dependent.

[grondilu]

Like, a 0,01µBTC could be the representation of an asset. Then all you have to do is transfer this particular coin fragment around, and whoever owns it, owns the asset. Ownership could be proven with a simple signature performed by the private key that owns the coin fragment.

This would be ideal, unfortunatly  0.01µBTC would eventually disappear due to mining fees.

Also, I'm not sure those ten nanocoins could not be used by the bitcoin software in order to realise other non-related paiements.

Moreover, what happens exactly when the address holds more than 0.01µBTC ? The owner could send to several addresses, and I don't know how one could know which destination was the "correct" one.

There is no such thing as an identified "coin" in the system.  There are only transactions.  Once a coin is spent, it is just like a water drop in the sea.