Bitcointalk Escrows - Trade Safely!

[kingaltcoins]

I think Bitpop is doing a great job nowadays and all his escrows are done securely on Bitrated.
So he can be included on Big 5.
Or you may add a pole to this thread to see who votes whom.

In general it will be nicer if every escrowers start escrowing through multi-signature bitcoin addresses.
That way no scams can be possible.

[mexxer-2]

I've updated the list with a 'BIG 3'.

Who would you choose as the other 2 escrows to make it the 'BIG 5' once again?

Just stating some stats to make it easier to choose

1) Highest online time:

• bitpop- 843 days, 17 hours and 45 minutes
• SebastianJu- 156 days, 16 hours and 25 minutes.
• PsychoticBoy- 111 days, 7 hours and 55 minutes.
• Blazr- 76 days, 10 hours and 36 minutes
• Anon136 - 72 days, 12 hours and 21 minutes
• Dabs- 59 days, 12 hours and 35 minutes
• TwinWinnerD- 70 days, 13 hours and 54 minutes.

2) Trust rating(Number of feedbacks from DT members):

• PsychoticBoy- 12
• SebastianJu- 11
• TwinWinnerD- 4
• Dabs- 4
• Blazr- 3
• lyth0s - 2
• Bitpop- 1

3) Time since they ran their service:

Not quite sure, feel free to fill this one but I believe Dabs was quite ahead there.

4) Last active(reference as to how active they are)(A random time as to make the list better):

• SebastianJu: Yesterday, 07:14:25 PM
• TwinWinner- Today, 12:57:44 AM
• bitpop- Today, 12:10:28 PM
• lyth0s- Today , 04:51:21 AM
• PsychoticBoy- January 27, 2016, 12:51:32 PM
• Blazr- November 03, 2015, 07:03:15 PM

[Blazed]

Also last time I spoke with TomatoCage (few days back) he said he was busy these days and not active here. So really we have the Big 2 currently.

[Mitchell]

I vote for SebastianJu and PsychoticBoy (started at 17 January 2014, 12:50:48).

[mexxer-2]

Also last time I spoke with TomatoCage (few days back) he said he was busy these days and not active here. So really we have the Big 2 currently.

That and his sig has been updated, seems he is temporarily closing his escrow service. Might wanna update the OP, marco.

[BitNow]

How exactly do you use the PGP key to prove that you are talking to the right person?

Could you post a Guide or a link to a Guide for proving identity from a PGP key?

I know you can sign Bitcoin addresses: could you sign a bitcoin address with a PGP, if so: how?

Thank You.


Best regards.

[bitpop]

How exactly do you use the PGP key to prove that you are talking to the right person?

Could you post a Guide or a link to a Guide for proving identity from a PGP key?

I know you can sign Bitcoin addresses: could you sign a bitcoin address with a PGP, if so: how?

Thank You.


Best regards.

Before you begin, understand that the pgp key must be aged. No one verifies it. Only time does. Anyone can make one that says bitpop today.

[-XXIII-]

How exactly do you use the PGP key to prove that you are talking to the right person?

Could you post a Guide or a link to a Guide for proving identity from a PGP key?

I know you can sign Bitcoin addresses: could you sign a bitcoin address with a PGP, if so: how?

Thank You.


Best regards.

For linux:

This will sign

Code:

$ echo "test" | gpg -u XXIII --clearsign

You need a passphrase to unlock the secret key for
user: "XXIII (crowedwg2kbyeyhs.onion) <support@keyscrow.com>"
4096-bit RSA key, ID 6281206B, created 2016-01-22

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

test
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWr+yNAAoJEI3wdmBigSBrnvMQAIuhoYHgv4QvSy4J1IIEv6Dh
eYeSNj6TBNs7SFiEMvkgpkeWXrXSl4oZodsxc22xvsT2S7Ynr+s8Md5uhrZ7rJ1b
gi6WIKyMpiEoPa8peNXYpaD6K7o/j3zBLCRbrFF0AxtcVrvERORxnaBxW0ELY9Hy
u1T+NYmwx49cSWMj26CFyi3S7Hg2cHoO+zOrG90qCcPj4hIPyXCYxzyId/ZzJJvx
E922c5bmuVOvhqpYz+M4ME8By0hYocvghwnHd/3i5XnkMnQ0TtVkir0kmiWsuz02
kdEIjM4sMCLV4OU+V/pBsvZftMCCKCkk+1IDeAp8dzoYPYYGN9+ZvmD4eidGn7SC
g0LCsk8NHUPBJpKI5EnnqOzQjIIBbaeCILHf6jntk20ZBYbs3YzfNxoZyAzDn/pB
b9qnMCsZctKCqI6xss3UnAykvqXdgCdStdF0+EECrTwCrMz/8mrVuNvqU4JRDbAu
3P0vR+Y9zA3H+087xgxxE89mgE9Kyoccut1LhTx4ex27ZgcYa2nM+gS+k+e7yVYg
gOJTfNmN1769iwmNl7JVPJo3wbVoZiE47CiLDAeETdDv4Tde39iRGEES06X7xC7Q
J8ZghDgZJ3dem79jlhaRgyuHBb/lL81ZIe8KkSDNi+jhoIWrDXY7VFHQmZK9LTO7
hLg4QOwDAquDOxOp2USj
=L5fS
-----END PGP SIGNATURE-----

You can verify a signature like so;

Code:

$ echo "-----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> test
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> 
> iQIcBAEBAgAGBQJWr+yNAAoJEI3wdmBigSBrnvMQAIuhoYHgv4QvSy4J1IIEv6Dh
> eYeSNj6TBNs7SFiEMvkgpkeWXrXSl4oZodsxc22xvsT2S7Ynr+s8Md5uhrZ7rJ1b
> gi6WIKyMpiEoPa8peNXYpaD6K7o/j3zBLCRbrFF0AxtcVrvERORxnaBxW0ELY9Hy
> u1T+NYmwx49cSWMj26CFyi3S7Hg2cHoO+zOrG90qCcPj4hIPyXCYxzyId/ZzJJvx
> E922c5bmuVOvhqpYz+M4ME8By0hYocvghwnHd/3i5XnkMnQ0TtVkir0kmiWsuz02
> kdEIjM4sMCLV4OU+V/pBsvZftMCCKCkk+1IDeAp8dzoYPYYGN9+ZvmD4eidGn7SC
> g0LCsk8NHUPBJpKI5EnnqOzQjIIBbaeCILHf6jntk20ZBYbs3YzfNxoZyAzDn/pB
> b9qnMCsZctKCqI6xss3UnAykvqXdgCdStdF0+EECrTwCrMz/8mrVuNvqU4JRDbAu
> 3P0vR+Y9zA3H+087xgxxE89mgE9Kyoccut1LhTx4ex27ZgcYa2nM+gS+k+e7yVYg
> gOJTfNmN1769iwmNl7JVPJo3wbVoZiE47CiLDAeETdDv4Tde39iRGEES06X7xC7Q
> J8ZghDgZJ3dem79jlhaRgyuHBb/lL81ZIe8KkSDNi+jhoIWrDXY7VFHQmZK9LTO7
> hLg4QOwDAquDOxOp2USj
> =L5fS
> -----END PGP SIGNATURE-----
> " | gpg --verify
gpg: Signature made Mon 01 Feb 2016 07:38:53 PM AST using RSA key ID 6281206B
gpg: Good signature from "XXIII (crowedwg2kbyeyhs.onion) <support@keyscrow.com>"

For a more in depth guide, check out: https://www.gnupg.org/gph/en/manual/book1.html

[SebastianJu]

Hey, I have a question for the more reputable escrow providers:

What implications, if any, would arise from including one of you as a co-signer for keysCrow (see sig)? It would allow for 2-of-4 and 2-of-5 edit: 2-of-N is insecure, I realize now. But, the users could still choose their arbiter and use their public key in the multisig addresses, while still allowing minimal intervention from any of the co-signers. All we would need is your P2SH public key.

Let me know what you think, I'm strongly considering asking someone or two.

Grtthegreat was discussing such an escrow network on this thread: https://bitcointalk.org/index.php?topic=1308670

Including all the implications.

And someone was asking me if i would want to offer my escrow service on another platform.

The problem with other websites is that it is an additional layer you have to trust. And the escrow most probably takes the highest risk, since when the website scams it is not far fetched that the traders might try to get his coins back from the escrow.

What i mean, a secure communication is needed. But even when there is a way to communicate encrypted on that site only to establish a trade... how can an escrow really be sure that the encryption is safe? That it is impossible to change the content written or impersonate the escrow.

[SebastianJu]

Thanks for trusting me and suggesting me.

I think Bitpop is doing a great job nowadays and all his escrows are done securely on Bitrated.
So he can be included on Big 5.
Or you may add a pole to this thread to see who votes whom.

In general it will be nicer if every escrowers start escrowing through multi-signature bitcoin addresses.
That way no scams can be possible.

Though multi-sig needs a bit of knowledge for the trading partners too and most want to avoid that.

In all this time i was asked for this so seldom that it never came to the point that it was used. I take part in discussions about this but the reality simply is that demand seems so low that at the end no trading partner is interested.

[SebastianJu]

-snip-

Only two points for the stats... bitpops high count for online time reminds me on dogies time: https://bitcointalk.org/index.php?action=profile;u=87869;sa=statPanel

He once claimed that he is practically online 24 hours, but not really online but instead he uses a software to check his inbox or some other stats for him. So it looks like he is online all the time. Might be, since bitpop has an even higher online time, that he has a similar script running.

When i think about it, 800 days are 24 hour days. That would mean staying online for 2 years 365 days per year 24 hours per day. Surely a script is running.

And last active, sure, it's not possible to be on here all the time and it depends on the timezone the escrow is living in since a snapshot of these times might be nighttime for some escrows.

[-XXIII-]

Grtthegreat was discussing such an escrow network on this thread: https://bitcointalk.org/index.php?topic=1308670
Including all the implications.

Correct me if I'm wrong, but that read more like a guide to create 2-of-N multisig, while proposing trusted escrow providers coordinate future escrows? The thread has been inactive for a month, and keysCrow is nearing completion to allow third party dispute arbiters.  If a trusted escrow provider joins us, their public key would be used to create multisig addresses, and they would only be contact in the event of a dispute.

The problem with other websites is that it is an additional layer you have to trust. And the escrow most probably takes the highest risk, since when the website scams it is not far fetched that the traders might try to get his coins back from the escrow.

This is true, and hopefully we have provided everything needed to establish that trust, including redeemScript to verify. I was under the impression that multisig is an effective method of thwarting scams by the involved parties? Please remember that keysCrow will not automatically build nor sign rawtransactions.

What i mean, a secure communication is needed. But even when there is a way to communicate encrypted on that site only to establish a trade... how can an escrow really be sure that the encryption is safe? That it is impossible to change the content written or impersonate the escrow.

Users don't have to contact us to establish trade contracts, hence the anonymous boast. Multisig doesn't require the arbiter to sign and broadcast transactions, unless there is a dispute; as the definition of arbiter is synonymous with 'judge'. Secure communication is enabled by our users as long as they provide us their PGP key, all outgoing email from the server to them will be encrypted. We maintain this encryption for any manually written messages as well.

[SebastianJu]

Grtthegreat was discussing such an escrow network on this thread: https://bitcointalk.org/index.php?topic=1308670
Including all the implications.

Correct me if I'm wrong, but that read more like a guide to create 2-of-N multisig, while proposing trusted escrow providers coordinate future escrows? The thread has been inactive for a month, and keysCrow is nearing completion to allow third party dispute arbiters.  If a trusted escrow provider joins us, their public key would be used to create multisig addresses, and they would only be contact in the event of a dispute.

At the end it was decided that 2 of N would be too insecure.

Only contacted in case of dispute? I think that might not be sufficient. It happens alot that you have to give tips on how a trade can be secured so that in case of a dispute the escrow will be able at all to find out the truth. Traders would do errors often otherwise.

The problem with other websites is that it is an additional layer you have to trust. And the escrow most probably takes the highest risk, since when the website scams it is not far fetched that the traders might try to get his coins back from the escrow.

This is true, and hopefully we have provided everything needed to establish that trust, including redeemScript to verify. I was under the impression that multisig is an effective method of thwarting scams by the involved parties? Please remember that keysCrow will not automatically build nor sign rawtransactions.

I only know that traders don't really like to work much. For example, a newbie reads verify signature, don't know what it is, overreads it... the deal moves on anyway. So if the website would, i only point out potential risk, present a wrong signature containing a false bitcoin address then the escrow would only realize after everything is broken already. A site could even run normally but once the volume is high they might start to replace with their own addresses. It will be rare that a trader will check a signature.

What i mean, a secure communication is needed. But even when there is a way to communicate encrypted on that site only to establish a trade... how can an escrow really be sure that the encryption is safe? That it is impossible to change the content written or impersonate the escrow.

Users don't have to contact us to establish trade contracts, hence the anonymous boast. Multisig doesn't require the arbiter to sign and broadcast transactions, unless there is a dispute; as the definition of arbiter is synonymous with 'judge'. Secure communication is enabled by our users as long as they provide us their PGP key, all outgoing email from the server to them will be encrypted. We maintain this encryption for any manually written messages as well.

Ok, then the escrow would only get involved in case of dispute. Still i would be unsure if, for example, if my public key is used all the time.

[-XXIII-]

At the end it was decided that 2 of N would be too insecure.

Ok, then the escrow would only get involved in case of dispute. Still i would be unsure if, for example, if my public key is used all the time.

yes, 2-of-N is insecure, which is why we limit it to 2-of-4, with the fourth being the random server keys generated. I'm afraid I don't see the concern with reusing arbiter public keys, especially when no two multisig addresses we make are be the same.

Only contacted in case of dispute? I think that might not be sufficient. It happens alot that you have to give tips on how a trade can be secured so that in case of a dispute the escrow will be able at all to find out the truth. Traders would do errors often otherwise.

I only know that traders don't really like to work much. For example, a newbie reads verify signature, don't know what it is, overreads it... the deal moves on anyway.

You do kind of got me there, keysCrow isn't exactly built for newbies, but we who are running it aren't either. I can only imagine the people who need this kind of service already know how to sign and broadcast transactions, presumably merchants, so we've created a system to deliver the random private key to them, the bitcoin recipient, so they may sign their own transactions out of multisig. This is actioned by the btc sender. Having less functionality available may also allow arbiters to reap more donations from support tickets on general help issues.

So if the website would, i only point out potential risk, present a wrong signature containing a false bitcoin address then the escrow would only realize after everything is broken already. A site could even run normally but once the volume is high they might start to replace with their own addresses. It will be rare that a trader will check a signature.

Again, keysCrow does not sign nor broadcast transactions automatically, and the software creating multisig addresses is highly reputable and widely used. There's no doubting that this doesn't exempt it from any bugs, but we're always writing code (except weekends) and will respond to all concerns within a reasonable timeframe. Hopefully the 2-of-4 solves the ol-switcheroo trick of changing the deposit address, unless people stop checking redeemScripts.

[SebastianJu]

At the end it was decided that 2 of N would be too insecure.

Ok, then the escrow would only get involved in case of dispute. Still i would be unsure if, for example, if my public key is used all the time.

yes, 2-of-N is insecure, which is why we limit it to 2-of-4, with the fourth being the random server keys generated. This also solves the reusing arbiter public keys, as no two multisig addresses would be the same.

How can raising the second number increase security? I think it would decrease security because 2 of 4 means, i think, that 2 out of 4 users are needed to free the bitcoins. If you need 2 out of 40 then the chance of scam is very high. If you need 4 out of 4 then it would be very secure but it one of them dies then the coins are dead too.

Only contacted in case of dispute? I think that might not be sufficient. It happens alot that you have to give tips on how a trade can be secured so that in case of a dispute the escrow will be able at all to find out the truth. Traders would do errors often otherwise.

I only know that traders don't really like to work much. For example, a newbie reads verify signature, don't know what it is, overreads it... the deal moves on anyway.

You do kind of got me there, keysCrow isn't exactly built for newbies, but we who are running it aren't either. I can only imagine the people who need this kind of service already know how to sign and broadcast transactions, presumably merchants, so we've created a system to deliver the random private key to them, the bitcoin recipient, so they may sign their own transactions out of multisig. This is actioned by the btc sender. Having less functionality available may also allow arbiters to reap more donations from support tickets on general help issues.

Merchants might already have established enough trust to not having to care about escrow anymore. But if they do then an automated system looks faster.

So if the website would, i only point out potential risk, present a wrong signature containing a false bitcoin address then the escrow would only realize after everything is broken already. A site could even run normally but once the volume is high they might start to replace with their own addresses. It will be rare that a trader will check a signature.

Again, keysCrow does not sign nor broadcast transactions automatically, and the software creating multisig addresses is highly reputable and widely used. There's no doubting that this doesn't exempt it from any bugs, but we're always writing code (except weekends) and will respond to all concerns within a reasonable timeframe. Hopefully the 2-of-4 solves the ol-switcheroo trick of changing the deposit address, unless people stop checking redeemScripts.

Well if you handle experienced users then there might be no problem, or let's say there still can when they have to do it often and don't want to care about checking a signature out.

What i meant is no error or broadcasting but instead giving a wrong key to the buyer. The key will create a bitcoin address the site owner controls. So no error but manual change in code for purpose of scamming would be possible.

[-XXIII-]

How can raising the second number increase security?

The key will create a bitcoin address the site owner controls. So no error but manual change in code for purpose of scamming would be possible.

I think you misunderstood: not 'raises security', we understand 2-of-N's vulnerabilities and are limiting N to 4. We believe 2-of-4 provides added securites while limiting the risk involved. With 2-of-4, by your example, if someone dies then the coins wouldn't die, or if the site effs-off then there will still be 3 legit parties. If we only offered 2-of-3, people could reuse their keys, generating reused multisig addresses (as you know, three keys will always create the same multisig address). The fourth key is the random server private key.

Merchants might already have established enough trust to not having to care about escrow anymore. But if they do then an automated system looks faster.

There are faster and more user friendly systems available, however keysCrow was built to give our users the control over their transactions they deserve. Not automatically doing things for users gives them piece of mind of knowing exactly where their Bitcoin is going. What if the site begins to create faulty rawtransactions or changing destination addresses? This prevents that scenario.

[bitpop]

I'm thinking of no longer doing manual escrows and only using bitrated. I don't have time for the all the communication. I only want to do something if there's a dispute. I'll have bitrated auto accept.

If you guys want me on the big 5, I'm willing to do bitrated only, flat fee of 0.002 and disputes are 1%. Actually I'm about to make this my policy anyway.

Ok new policy https://bitcointalk.org/index.php?topic=231416.0

Please update my listing to .002.

[SebastianJu]

How can raising the second number increase security?

The key will create a bitcoin address the site owner controls. So no error but manual change in code for purpose of scamming would be possible.

I think you misunderstood: not 'raises security', we understand 2-of-N's vulnerabilities and are limiting N to 4. We believe 2-of-4 provides added securites while limiting the risk involved. With 2-of-4, by your example, if someone dies then the coins wouldn't die, or if the site effs-off then there will still be 3 legit parties. If we only offered 2-of-3, people could reuse their keys, generating reused multisig addresses (as you know, three keys will always create the same multisig address). The fourth key is the random server private key.

I didn't know 2 of 3 would create always the same multisig address, though when i think about it it makes sense. I somehow awaited a random factor like with mnemonic phrases for wallets. Though makes sense.

But what i meant with lowering security is that the lower the first number and the higher the last number the higher the chance of a possible scam happening.

For example 2 of 4... it only needs a corrupt escrow who comes out as a trader and trades. Then one person has the power to release the coins. 3 of four would be more safe then since it will be harder and harder to impersonate more parties.

By the way, when will the server give his key? The one controlling the server might be one of the involved parties too.

And the higher the last number the higher the chance that 2 are the same person again.

Merchants might already have established enough trust to not having to care about escrow anymore. But if they do then an automated system looks faster.

There are faster and more user friendly systems available, however keysCrow was built to give our users the control over their transactions they deserve. Not automatically doing things for users gives them piece of mind of knowing exactly where their Bitcoin is going. What if the site begins to create faulty rawtransactions or changing destination addresses? This prevents that scenario.

Yeah, for some shops a buyer really would prefer protection. Though i think that the merchant needs to offer it first. I mean the merchant would agree that he only gets his payment after the buyer receives the goods. That surely is not for every merchant.

[-XXIII-]

For example 2 of 4... it only needs a corrupt escrow who comes out as a trader and trades. Then one person has the power to release the coins. 3 of four would be more safe then since it will be harder and harder to impersonate more parties.

By the way, when will the server give his key? The one controlling the server might be one of the involved parties too.

And the higher the last number the higher the chance that 2 are the same person again.

I knew 2-of-4 would be a focus point for security, and there's no denying the vulnerability involved with 2-of-4, a risk that is minute in comparison to that of trusting one person with 100% access to escrow funds.

I see most of the escrow service providers offer 1-of-1 escrow, which I don't have to explain the heightened risk involved here. We offer 2-of-3, and 2-of-4, more than what most multisig escrow providers can say. While fraud via collusion is possible, I want to point out how it's impossible for the site owner to 'run off' with everyones coins when they are in 2-of-3/4 multisig.

While 2-of-4 does have a small risk of theft, the benefits outweigh the risk in my opinion.

For example, if a dispute arises, and neither party can come to an agreement, the arbiter still has the power to finalize the transaction by involving keysCrow to help sign-off on the 50/50 split. With 2-of-3 and 3-of-4, this is impossible. Additionally, 3-of-4 would require manual intervention for every transaction to be finalized, more involvement from our arbiters than what we envisioned for keysCrow.

I'd like to stress the point: keysCrow is not full-service escrow: which means we don't "release funds on demand" (ie: sign/send rawtx). We create multisig addresses, and only get involved to provide support for transaction disputes.

[SebastianJu]

I'm thinking of no longer doing manual escrows and only using bitrated. I don't have time for the all the communication. I only want to do something if there's a dispute. I'll have bitrated auto accept.

You might think over that autoaccept. You surely did deny some trades on the forum manually. Or you would only have started an escrow when certain steps were done before in order to allow yourself to be able to handle a dispute.

So since you never know what traders come up with on bitrated then you might get into a not so nice situation.