I am one of the devs working on OneMarket.
In order for OneMarket to work nicely, an encrypted messaging system needs to be in place so customers can ask merchants questions in a secure, safe, and decentralized way. I have to think this out carefully and early while designing the system. So I've come to the community to double-check some concepts I'm trying.
So while working on OneMarket and after reading the BitMessage paper, I've come up with a bit of a hybrid for encrypted messaging. This is not official and is a work in progress, but I'm curious about everyone's thoughts so far. I want to see if anyone can see any particular flaws.
Some ideas inspired from here (https://bitmessage.org/bitmessage.pdf)
Utilizing TOR and the PoSA Security Layer, all messages will mask the originating IP address while submitting listings.
Every OneMarket participant will have a public address (tied to a public key and private key). When you put up a listing it will generate a random public key and private key tied to the listing for you.
So every listing will generate a new public key/private key pair. The public key is visible for all to see. When someone wants to send the listee a message, they use the listee's public key to encrypt the message. Only the listee can decrypt the message at that point, since he has the private key. Even the sender cannot read the message anymore.
Messages are stored in a separate message ledger from the main block chain in encrypted format, with no mention of who sent them or who receives them, and are stored on all the participating nodes in the network. This is important so that no message can be tied to any particular public address.
To decrypt the message, the listee simply attempts to decrypt every message in the database until one of the decryptions works and they receive the message. This process can take seconds early on to maybe only a couple of minutes if the system gets widely used (say 100,000 messages in the ledger).
Likewise, they can send a message back using the address of the person who contacted them, using that person's public key to encrypt their message.
Finally, to prevent spamming the network, a 3-4 day time limit on the messages is imposed before they get deleted, and a small fee of cloak will be charged as well and go to the miners as an incentive to leave their computers on to store the messages.
This is a rough draft concept, any thoughts are appreciated!
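
The scheme described in the post (a key pair per listing, an address-free ledger, and recipients trial-decrypting every entry), sketched as an added example that is not OneMarket's code. It assumes an ECIES-style construction like the one Bitmessage uses, replaced here by a standard-library stand-in: Diffie-Hellman over a toy group with a SHAKE-256 keystream and an HMAC tag. All names and messages are constructed, and the parameters are not secure.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group so the example needs only the standard library.
# NOT secure parameters: a real build would use a vetted ECIES/X25519 library.
P = 2**521 - 1
G = 3

def keygen():
    """Fresh key pair for one listing: (private, public)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _kdf(shared, label):
    """Derive independent encryption and MAC keys from the shared secret."""
    return hashlib.sha256(label + shared.to_bytes(66, "big")).digest()

def _xor(data, key):
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(listing_pub, plaintext):
    """Ledger entry is (ephemeral public key, ciphertext, tag): no addresses."""
    eph_priv, eph_pub = keygen()
    shared = pow(listing_pub, eph_priv, P)  # eph_priv is discarded on return,
    ct = _xor(plaintext, _kdf(shared, b"enc"))  # so the sender cannot re-read it
    tag = hmac.new(_kdf(shared, b"mac"), ct, hashlib.sha256).digest()
    return eph_pub, ct, tag

def try_decrypt(listing_priv, entry):
    """Return the plaintext if the entry was encrypted to this key, else None."""
    eph_pub, ct, tag = entry
    shared = pow(eph_pub, listing_priv, P)
    expected = hmac.new(_kdf(shared, b"mac"), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # tag mismatch: the message is for some other listing
    return _xor(ct, _kdf(shared, b"enc"))

def scan_ledger(listing_priv, ledger):
    """Trial-decrypt every entry and keep those whose tag verifies."""
    results = (try_decrypt(listing_priv, entry) for entry in ledger)
    return [msg for msg in results if msg is not None]

def demo():
    a_priv, a_pub = keygen()  # listing A (constructed)
    b_priv, b_pub = keygen()  # listing B (constructed)
    ledger = [encrypt(b_pub, b"is this still for sale?"),
              encrypt(a_pub, b"do you ship abroad?"),
              encrypt(b_pub, b"what condition is it in?")]
    return scan_ledger(a_priv, ledger), scan_ledger(b_priv, ledger)
```

The authentication tag is what tells a listee that a trial decryption "worked"; without it, every entry would decrypt to plausible-looking bytes. Each ledger entry costs the scanner one modular exponentiation and one HMAC, which is the per-message cost behind the scan-time estimate in the post.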