please delete

[Rassah]

Seller: Puts up Bitcoin for sale. Bitcoin is transfered to a multisig address. Seller has one priv key, P2Coin stores the other in a way that the seller has no access to (ex. encrypted, with a timer set to expire and release the key and the funds back to the seller after a day or two).

Buyer: Puts up USD for sale, selecting Dwolla. TraderBot verifies balance exists.

Sale is matched

Buyer TraderBot scans P2Coin for other Dwolla users and selects one at random. USD is transfered to the random Dwolla account, with owner info of the this account stored in the chain.

Seller TraderBot verifies that random Dwolla holder received the funds. If funds are received, it send its own private key to the buyer, and requests random user's TraderBot to send money from their Dwolla to the Seller's account.
Third party TraderBot sends USD to the Seller, notifying P2Coin.
P2Coin releases the second priv key to the buyer.
Seller receives USD from random third party, Buyer receives BTC priv keys from seller and from P2Coin to get access to the BTC.

Sale is not matched, or seller cancels sale

USD still sits in Dwolla
BTC is not accessible until P2Coin signs the BTC for sale with the second priv key either when it's asked, or when the sale expires.


Security considerations

From BTC side:
Seller has no access to BTC due to not having the second priv key, so can not choose to keep BTC without letting P2Coin know. If he cancels the sale, P2Coin will know the BTC is no longer available.

From USD side:
There is risk that the randomly picked Dwolla account will have a malicious TraderBot that accepts random cash inputs, but does not send the money out when asked. Risk is reduced by making the third party picked at random, and having their account stored in the P2Coin chain. Reported scam accounts can beblocked from the pool, and reported to Dwolla.

Hope this idea helps keep things moving.

Also, if P2Coin is its own block chain, I suggest it only go back a few days, like the P2Pool chain, deleting blocks older than a few weeks. This will keep the block chain size small, will help with privacy, and will still give a few days to track down thieves. Though I guess someone can just continuously monitor the chain and record all transactions into their own database

[1714032176]

1714032176

[1714032176]

1714032176

[1714032176]

1714032176

[1714032176]

1714032176

[btc_artist]

Seller: Enter Dwolla login information. (It will be stored using encryption.)
Trader Bot: Logs into your Dwolla account and retrieves all necessary information such as your account balance and displays it inside P2P Exchange.

Um, no.

[allten]

So, in real simple terms, what is the motive to create a P2P exchange?
The biggest bottlenecks right now are banks and payment processor. Recent events are good evidence of that (paxum, tradehill getting ripped off, banks freezing accounts without notice). If we rely on Dwolla, then there is still a central point of failure and it may reverse transactions (See there TOS).

I appreciate your work and your thoughts, but in my opinion, it appears to me you are trying to cut out the wrong man first (the exchange).
Figure out a way to do away with the banks and then you are talking seriously cool disruptive technology.

[Rassah]

I think the point is that Paxum and other banks won't deal with centralized exchanges, but their business is to move money between individuals, and if you use this system, they won't know if you're trading Bitcoin or just sending someone money. There won't be a single point of failure, that being the exchange's bank account, since many accounts will be involved individually.
Chargebacks will still be a problem with some systems, and I'm not sure how to get around that (force PayPal to send as gift? Use services that don't do chargebacks?)

As for using something like ripple, how do you get your money into ripple? And if it's a hassle, why bother instead of getting it into Bitcoin more directly?

[Clark]

Picture of the GUI got me hooked.

I've seen another thread about Dark Exchange (https://bitcointalk.org/index.php?topic=27055.0), but it would be good to get ideas going in both places.

[Mike3574]

Seller: Enter Dwolla login information. (It will be stored using encryption.)
Trader Bot: Logs into your Dwolla account and retrieves all necessary information such as your account balance and displays it inside P2P Exchange.

Um, no.

First off, my original post detailing the p2p exchange was more speculative than a definitive method. I was asking people to put forth their constructive criticisms and helpful ideas. "Um, no." is neither a constructive criticism nor a helpful idea. Things have changed considerably since my original posting thanks to people who gave their helpful ideas. I will either substantially edit or remove completely, the original thread in the days to come and post the new details.

So, in real simple terms, what is the motive to create a P2P exchange?
The biggest bottlenecks right now are banks and payment processor. Recent events are good evidence of that (paxum, tradehill getting ripped off, banks freezing accounts without notice). If we rely on Dwolla, then there is still a central point of failure and it may reverse transactions (See there TOS).

I appreciate your work and your thoughts, but in my opinion, it appears to me you are trying to cut out the wrong man first (the exchange).
Figure out a way to do away with the banks and then you are talking seriously cool disruptive technology.

Regarding the motive to create a P2P Exchange; Bitcoin is a decentralized system. Bitcoin itself can never be destroyed. It would only die if everyone in the world decided to abandon it and stop mining. Other than that, it will last forever. But there are actually things that can weaken the strength of a decentralized system. I call them "external centralizations". Bitcoin is decentralized and you can't change that but you could create centralized aspects outside of Bitcoin such as exchanges or mining pools. At first they seem like good things but having too much power in one area is dangerous. If Bitcoin became outlawed one day and all the exchanges were forced to close down, it would take a serious chunk out of the Bitcoin economy. It probably wouldn't completely destroy Bitcoin but would probably just force it into the underground. It would then be much harder to buy Bitcoins. Mining Pools are probably the most potentially dangerous "external centralization" because it has to do with the actual infrastructure of Bitcoin. If one mining pool gathers too much power there is the possibility a 51% attack can be done. The owners of the pool might be honest but what if a hacker was able to gain unauthorized control of that pool? He can then attack the network. That's why we need decentralized mining as well and I'm happy to see that there are people working on that. I wish them the best!

Dwolla is only one payment gateway that can be used. There will be many others (Liberty Reserve, Paxum, PayPal, etc.). I only used Dwolla as an example in my description. Since this is an Open Source project, theoretically ANY payment gateway can be used if someone makes a module for it.

Since fiat currency is centralized, I doubt there would be any way to possibly cut out the banks, etc. It's just not possible in the electronic world. Cash on the other hand does allow for this but is restricted to local business dealings. I understand your concern about accounts being frozen etc. In the current system we have for P2P Exchange, there will be no way your account can be frozen as a result of Bitcoin trading. This is simply because you will merely be sending money to another person. There is no way for them to know why you are sending money to that person. Your guess is as good as mine as to why person A sent money to person B. There is no way they can associate the transaction with Bitcoin.

I think the point is that Paxum and other banks won't deal with centralized exchanges, but their business is to move money between individuals, and if you use this system, they won't know if you're trading Bitcoin or just sending someone money. There won't be a single point of failure, that being the exchange's bank account, since many accounts will be involved individually.
Chargebacks will still be a problem with some systems, and I'm not sure how to get around that (force PayPal to send as gift? Use services that don't do chargebacks?)

As for using something like ripple, how do you get your money into ripple? And if it's a hassle, why bother instead of getting it into Bitcoin more directly?

Thank you very much for your comment. I wonder if using PayPal's "send as gift" function would prevent chargebacks. I really don't know anything about this but will look into it. If anyone has anything to say about this I'd like to know. As for the ripple method, a bunch of people have told me about that and I will look into it. But if we are successful in our current design there will be no need for ripple or any other "trust" method. You will be able to get your money directly into Bitcoin.

There are some that doubt we can successfully create a scam-proof peer-to-peer trading system without any sort of "trust" method. I have reason to believe that it IS possible and I am very optimistic. I do realize that solving the "trust" problem in a peer-to-peer trading system is probably akin to Satoshi Nakamoto solving the double spending problem. That might sound daunting to some but I don't let it deter me in the least. I accept the challenge! I've been told that I should receive the Nobel Prize if I succeed in solving this. My response to them is "Thank you for your flattering remark but they can keep their stupid Nobel Prize!" lol

Rassah, thank you very much for the time you've put aside to write those suggestions you posted a few posts back. And thank you to everyone else that posted interesting suggestions. I will put some time aside to review them all.

Picture of the GUI got me hooked.

I've seen another thread about Dark Exchange (https://bitcointalk.org/index.php?topic=27055.0), but it would be good to get ideas going in both places.

Haha! Yea! I'm getting that from everyone. I'm glad you liked my design. I've recently just changed it a bit and added in a section for Trade History. I think it's looking even better now. I might post more pics down the line.

I admire the efforts of Dark Exchange. It's always good to see other ideas working. Then, at least if I don't succeed there is still hope in his idea. 

I am still looking for coders for this project so if you are a coder and interested in helping out please send me a Private Message. We currently have only one coder so any help to push this project along quicker would be much appreciated.

All Best,

Michael

[Koekiemonster]

Just a short message from me that I'm highly interested and would love to use this myself. You seem like to right person to do this!

[btc_artist]

Seller: Enter Dwolla login information. (It will be stored using encryption.)
Trader Bot: Logs into your Dwolla account and retrieves all necessary information such as your account balance and displays it inside P2P Exchange.

Um, no.

First off, my original post detailing the p2p exchange was more speculative than a definitive method. I was asking people to put forth their constructive criticisms and helpful ideas. "Um, no." is neither a constructive criticism nor a helpful idea. Things have changed considerably since my original posting thanks to people who gave their helpful ideas. I will either substantially edit or remove completely, the original thread in the days to come and post the new details.

Well, is there any solution to how to guarantee that both parties send what they need to send?  Because a bot logging into people's accounts and screenscraping is out of the question.

[Mike3574]

Seller: Enter Dwolla login information. (It will be stored using encryption.)
Trader Bot: Logs into your Dwolla account and retrieves all necessary information such as your account balance and displays it inside P2P Exchange.

Um, no.

First off, my original post detailing the p2p exchange was more speculative than a definitive method. I was asking people to put forth their constructive criticisms and helpful ideas. "Um, no." is neither a constructive criticism nor a helpful idea. Things have changed considerably since my original posting thanks to people who gave their helpful ideas. I will either substantially edit or remove completely, the original thread in the days to come and post the new details.

Well, is there any solution to how to guarantee that both parties send what they need to send?  Because a bot logging into people's accounts and screenscraping is out of the question.

The answer is yes and you will be hearing about it in the near future after it's been tested.

[1QaZxSw2]

I've said this many times but worth repeating: A p2p exchange (p2px) is the single most important thing needed for bitcoin to succeed. I'm glad you guys are pumped up about this, but do not create a solution just because its the first thing that comes to your mind.

Any exchange needs the following or its guaranteed to fail:

Quick transactions: If the end-to-end transaction takes more than 30s, I will probably continue to use centralized exchanges.

Simple: I should click buy and its bought. If I have to continue with 4 extra steps including contacting the other party, manually sending cash (using paypal or whatever) the burden of a transaction is too excessive. I'm personally not going to use a glamorized craigslist.

Secure: I agree with other posters here who indicated that inputing my dwolla info into the p2px is out of the question. A bot is going to do what? Someone else's random transaction takes place thru my main account?

I know this is hard, but lets plan this for success like our guru Satoshi did.

My opinion is that we need to anonymize the fiat and decouple the buyer and seller. That's what exchanges do. On placing an order, the fiat and BTC (or other cryptocurrency) goes into the network and is unavailable to the trader. Once a match is found, they are atomically exchanged. Cancelling a pending order will bring it back into the trader's account.

So far, we can already do this within cryptos. Basically, we need a way to mine fiat. A crypto pegged to a fiat currency (such as the originally proposed RealCoin) may be the solution here. RLC needs to be analyzed by independent minds before this it can be adopted for p2px. Unfortunately, we would end up depending on Realcoin to continue to exist, not be target of government shutdown, 51% attack and various other risks.

Another alternative is to create temporary financial packets where currency is anonymized and stored is a sort of decentralized escrow while an order is unfilled. This will allow miners to allow small amounts into and out of accounts specifically designed to take p2px cash and keep a small fee for the service (analogous to transaction fee). This account is strictly a business account that would not hold any real cash.

So a transaction may work like this:
1) 1QaZ wants to buy $1,000 worth of BTC at $4
2) Money is extracted from 1QaZ's account (dwolla/paypal/whatever) and is sent to say, 100 escrows at $10+fee each.
3) Once money transfer is confirmed, BTC is transferred to 1QaZ's bitcoin address using the escrow method.
4) once BTC transfer is confirmed, the 100 escrows each send $10 to seller.

Of course, 100 escrows twice cost $50 on dwolla, making it infeasible. Dwolla also needs a bank account.

Perhaps paypal with a gift or other mode to avoid payment fees. Also setting up paypal account (without a linked bank account) is fairly easy.

Frankly, I prefer smart folks here figure out a way to mine fiat.

[Mike3574]

A bot is going to do what? Someone else's random transaction takes place thru my main account?

No. Other people's transactions will not be taking place through your account. Trader A is selling 1 Bitcoin at $4. Trader B want to buy them. Trader A accepts Dwolla. Trader B sends money from his Dwolla account to Trader A's Dwolla account. It's that simple. Your password will be encrypted and stored on your PC so that the bot can have access to your account so that the trading process can be automated. It will also show your Dwolla balance inside the program. The only thing that will be asked of you is to verify that you really want to buy those Bitcoins so you don't buy them by accident. Same goes for the person that puts the Bitcoins up for sale. They will be asked if they are sure they want to sell the amount of Bitcoins at the price they specified. Then the bots, working together with the Bitcoin blockchain (which is what we're currently working with for recording orders, etc.) handle the rest so that the trading process will be completely automated and indeed be completed in less than 30 seconds.

You propose some interesting ideas which will require some time to think about.

All Best,

Michael

[gusti]

A truly descentralized exchange cannot rely upon any existing company or centralized point, as Dwolla, Mtgox and the likes. So, how will you move fiat currency across different jurisdictions and players ?

Maybe implementing the electronic version of the well known Hawala system ?
Though it was made illegal in some juristictions after 9/11.

More thoughts on this implementation (in spanish) :
http://bitacora.lasindias.com/hawala-descripcion-y-funcionalidades/

[1QaZxSw2]

A bot is going to do what? Someone else's random transaction takes place thru my main account?

No. Other people's transactions will not be taking place through your account. Trader A is selling 1 Bitcoin at $4. Trader B want to buy them. Trader A accepts Dwolla. Trader B sends money from his Dwolla account to Trader A's Dwolla account. It's that simple. Your password will be encrypted and stored on your PC so that the bot can have access to your account so that the trading process can be automated. It will also show your Dwolla balance inside the program. The only thing that will be asked of you is to verify that you really want to buy those Bitcoins so you don't buy them by accident. Same goes for the person that puts the Bitcoins up for sale. They will be asked if they are sure they want to sell the amount of Bitcoins at the price they specified. Then the bots, working together with the Bitcoin blockchain (which is what we're currently working with for recording orders, etc.) handle the rest so that the trading process will be completely automated and indeed be completed in less than 30 seconds.

You propose some interesting ideas which will require some time to think about.

All Best,

Michael

Unfortunately, we have a trust problem. In the fiat world, exchanges require brokers to disallow trading unless traders are verified to posses the items they can place orders on. It also removes control of said funds until the order is filled or killed.

What if trader A does not actually have any bitcoins. What happens once the cash comes to his account? What if he has some bitcoins but puts in an order on two such p2p exchanges? How do you propose to remove them out of his control? This would need the multi-signature escrow and could introduce delays. Also, how do we know trader B has funds in dwolla and will not immediately remove them after order is entered into the system?

Ideally, we shouldnt be using dwolla, which is tied to a bank account that can be monitored or frozen or anything else.

Any p2px needs to mathematically proven to be fool-proof. If there is a lot of money at stake, somebody will exploit it and confidence in the solution will collapse. One way around this is to ensure a lot of money is never at stake. Every transaction is packetized into small, random sized transaction of $5 or less (or around the value of 1BTC). That way the incentive to exploit a flaw is reduced since the network can quickly flag a rogue account at minimal damage.

We need something like paypal where we can fund using a visa gift card and is not tied to any bank account. Paypal may work for now but ideally, we need the community to run about hundreds of these paypal type services and have thousands of miners offer a micro escrow of each transaction. Hey, I pay 0.01BTC per transaction in a centralized exchange, so I'd gladly pay miners. Miners should be happy to offer micro-escrows since 0.01BTC accumulates pretty fast.

[Rassah]

On placing an order, the fiat and BTC (or other cryptocurrency) goes into the network and is unavailable to the trader.

If we could do that, we wouldn't need Bitcoin
As for mining fiat, the problem of getting USD into mined fiat is exactly the same as getting USD into Bitcin, and at that point you might as well just transfer it into Bitcoin from the start.

As for many small escrows, I'm not sure how that is different from the single randomly chosen Dwolla escrow I proposed.

[Rassah]

While replying to 1QaZxSw2, I thought that maybe the Bitcoin escrow is the only thing needed:

Trader A selling BTC
Trader B selling USD

Trader A puts BTC up for sale. The BTC is signed with two keys, one stored in Trader A's account, the other stored in he P2Coin chain where Trader A has no access to it (unless the trade expires, or the trade is canceled)

Trader B puts up USD for sale. It doesn't matter if the money is actually available or not.

Order is matched ->

Both traders have sufficient funds:

Trader B, either manually, or with the use of a more convenient TraderBot, transfers USD into Trader A's account.
This step automatically notifies P2Coin  (<----- This is the bottle-neck/security issue. Can someone come up with a slution?)
P2Coin releases the second private key to Trader B
Trader A releases the first private key to Trader B, giving them access to BTC.

Trader B does not have sufficient funds:

Trader B fails to send USD.
Trader A does not notify P2Coin of cash receipt
Transaction is canceled. After some time the second private key is released back to Trader A


Trader B does not transfer BTC:

Trader B transfers USD into Trader A's account
This step automatically notifies P2Coin
P2Coin releases the second private key to Trader B
Trader A fails to release the first private key to Trader B. Trader A received USD, but has lost BTC. Trader B lost USD and doesn't have BTC. Since Trader A already got paid, and lost his BTC, there is no reason for him to release the first private key, unless he wants to be a big jerk.


I can already see some major trust or technological implementation issues with this Maybe someone with more knowledge can expand on this? Without some sort of third party escrow for USD, this system won't be very secure, and, sadly, if yo start getting lots of money in and out of your account all of a sudden, you'll either end up having to pay high fees, or the bank will start having lots of questions (or both)

[DeathAndTaxes]

None of those work.

You are relying on the client to ensure trust.  Assume the client will be utterly hacked wide open and will do whatever the attacker wants.

Way back in first couple posts I mentioned this and it was glossed off as a minor issue.

Decentralized trust, verification, and enforcement are non-trivial solutions.   GUI and names of tabs are so minor to not even bother discussing at this point.

[Rassah]

None of those work.

You are relying on the client to ensure trust.  Assume the client will be utterly hacked wide open and will do whatever the attacker wants.

Way back in first couple posts I mentioned this and it was glossed off as a minor issue.

Decentralized trust, verification, and enforcement are non-trivial solutions.   GUI and names of tabs are so minor to not even bother discussing at this point.

Sadly, I think you're right :/

[1QaZxSw2]

Trader A puts BTC up for sale. The BTC is signed with two keys, one stored in Trader A's account, the other stored in he P2Coin chain where Trader A has no access to it (unless the trade expires, or the trade is canceled)

What exactly does "other stored in P2Coin chain" mean? Who has access to it? Can it be read by any person or any program? Who has access to source code of such programs? Can they modify it to steal it?

Trader B, either manually, or with the use of a more convenient TraderBot, transfers USD into Trader A's account.
This step automatically notifies P2Coin  (<----- This is the bottle-neck/security issue. Can someone come up with a slution?)
P2Coin releases the second private key to Trader B
Trader A releases the first private key to Trader B, giving them access to BTC.
<snip>
Trader A fails to release the first private key to Trader B. Trader A received USD, but has lost BTC. Trader B lost USD and doesn't have BTC. Since Trader A already got paid, and lost his BTC, there is no reason for him to release the first private key, unless he wants to be a big jerk.

As you noted, what if Trader A figures out how to send a fake notification?
And what ensures Trader A will ever release his private key to Trader B? Just look around this board, the world is full of jerks.

Trader B fails to send USD.
Trader A does not notify P2Coin of cash receipt
Transaction is canceled. After some time the second private key is released back to Trader A

How long before non-receipt is the transaction cancelled? What about a network delay? Can I exploit this arbitrary condition to get the cash but not send the cash receipt to keep my bitcoins and the cash?

Ideally, we should eliminate the risk but we may be able to get away with fragmenting it to tiny pieces and distributing it.

[DeathAndTaxes]

Sadly, I think you're right :/

Sorry I couldn't help but at least I can point out the client is always insecure and should be assume hacked wide open to do all kinds of nefarious things.

This is easily solved in a centralized system.

Online game.  The client is "dumb".  It can't do anything.  It sends REQUESTS (not commands) to the server who ensures the user can do that at this time, and sends the response back to the user.  Hacking the client is of limited value because you can't for example hack the client in WOW and make your character do 1 bazillion damage.  The server will simply ignore it.

So always, always, always assume the client is already hacked before you even release it.  The same logic applies to brokerage software, forex software, ATM machines, alarm systems, credit card vending machines, etc.

The user interface is "dumb".  There is little to hack there.

Now like I said with centralized networks it is easy.   Maybe that line of thinking will help you find a solution in a decentralized network.

I see one but it requires a "fiat coin" (crypto manifestation of $1 USD for example) and that will always be centralized.

[Rassah]

Trader A puts BTC up for sale. The BTC is signed with two keys, one stored in Trader A's account, the other stored in he P2Coin chain where Trader A has no access to it (unless the trade expires, or the trade is canceled)

What exactly does "other stored in P2Coin chain" mean? Who has access to it? Can it be read by any person or any program? Who has access to source code of such programs? Can they modify it to steal it?

I don't know if encrypting it in the chain somehow is a possibility. I'm not familiar enough with technology to know Now that I think about it, tough, I can't think of any way to lock a private key within a chain and only have it be decrypted by miners after a certain time has passed.

As you noted, what if Trader A figures out how to send a fake notification?
And what ensures Trader A will ever release his private key to Trader B? Just look around this board, the world is full of jerks.

You're right. This is why my previous idea was to have the money sent to a random third party escrow, and have that third party verify receipt. Though now that I think about it, the client can be hacked to send the transaction to a non-random third party that is your other account, and have it fake receipt... Yeah, just leaving it all to clients without a trusted centralized party doesn't seem possible.

Ideally, we should eliminate the risk but we may be able to get away with fragmenting it to tiny pieces and distributing it.

I think my just mentioned concern kills this idea, too. What's to stop you from creating 100 of your own escrows, distributing it to yourself, and announcing you got it without releasing any of it? Would we need to have trusted, centralized, and publicly known third party escrows that build up trust? And if they are publicly known, won't their accounts be shut down the same as now?