I developed a new protocol for expressing reputation between different wallet owners using the Bitcoin protocol. While researching Bitcoin I noticed a couple of patterns and a need for a different way of doing things.
This is a new protocol I’ve made that uses Bitcoin itself to encode reputation, networks of trust, instead of using outside systems. Outside systems tend to be centralized, susceptible to hacking and in that light seem less secure for encoding trust than just using the Bitcoin network itself. Central systems (like eBay’s system or Wells Fargo system) also have costs and are a liability, whereas this reputation protocol uses the Bitcoin network itself so there are no liabilities as long as the Bitcoin network remains strong. The assumption that this protocol rests atop is that there are market dynamics that incentivize a strong and growing decentralized network because of Bitcoin mining and the increasing value of Bitcoins.
The first thing you learn about Bitcoin is that it is like cash, if you lose it or it’s stolen then it is gone. It is anonymous and the network is so decentralized and strong that no one member of the peer-to-peer network can hack it. One theoretical type of attack is what is called the 51% attack. This is where one entity owns 51% (or a controlling interest) in the peer-to-peer network and can thus double-spend coins by bypassing the other 49% of the network. However, the Bitcoin network is strong because of several dynamics. The value of Bitcoins has risen dramatically in the past several years and this rewards miners, people that setup special computing equipment to run algorithms that unlock new coins. Miners compete and invest in more powerful computers (a race to the top) because there is a powerful incentive to get the new Bitcoin supply quicker because they are valuable.
Bitcoin is a form of money and has loans and lenders like any other form of money. I noticed in my research that people have developed reputation systems to make Bitcoin less anonymous and provide a kind of trust network. Like eBay or Amazon, these reputation systems let people vouch for other people, rate them up or down and in general imply that you should trust someone or not. The reputation system for e-commerce is centrally controlled by the system owner. For example, eBay controls its own marketplace on its own central servers.
The weird phenomenon about creating a centralized reputation system for Bitcoin and having it run on central servers, is that it ends up being less secure than Bitcoin itself. It also is also susceptible to a Sybil attack, where people create dozens of fake users and up-vote themselves.
This is why I developed my Spivey Bitcoin Reputation Protocol and implemented it in this CoinTrusted system that is a reputation protocol that runs through the Bitcoin network itself. In other words, as long as Bitcoin remains strong and people are competing against each other to get more valuable Bitcoins, then this new reputation system remains strong. Many businesses have central computer systems that are liabilities. This new reputation system is an asset and offloads all computation, hacker prevention and defense against Sybil attacks to the Bitcoin network itself.
The Spivey Bitcoin Reputation Protocol requires a port Bitcoin wallet (like this CoinTrusted wallet 14TEmBsr5HgQ34yt1RGac468tXCKyD7dzU). Then two people that want to express that they trust each other will send the exact same amount of Bitcoin to the port wallet within a given time window, 15 minutes in the case of CoinTrusted. The exact same token represents a token that two people have created and shared via email, phone or some other communication protocol. When two exact same amounts are sent in to the port wallet within the time window it is considered a handshake. Here is a list of Spivey Bitcoin Reputation Protocol handshakes so far. This expression of trust is easily visible on the list on the CoinTrusted website, but it is also visible and programmatically verifiable by looking at the port wallet using a block chain explorer. This trust cannot be hacked unless Bitcoin itself is hacked. Even the founder of the protocol cannot “help out friends” by just entering their names in the system. The Bitcoin transactions has to take place for it to be a handshake and that can be publicly inspected by anyone.
The part of the Spivey Bitcoin Reputation Protocol that requires a Bitcoin transaction take place with some amount of Bitcoin means that people have to pay (even if it is a very small amount) of money to participate and trust each other. This is productive though because it limits spam. Spammers would be losing money if they had to make thousands or tens of thousands of small transactions every day just in the hopes of randomly getting one person at the same time. The port Bitcoin wallet in this system does not offer any refunds. If you messed up, ended up not sending the two transactions that make a handshake within 15 minutes of each other, or goofed on typing the amount correctly and received a refund then you could re-attempt this all day long and eventually
The protocol also protects against Sybil attacks because the protocol requires encoding the expression in Bitcoin itself, which means money is spent. If someone created 10 different wallets and spends money to make one trusted a lot and then tries to get a loan with that faked reputation, then the loaner can programmatically or manually inspect the block chain and find that the network of trust is small and central to one node in the graph. The loaner might also sum the amount spent and say that they will not loan more than the total spent on reputation for the very first loan they make to the individual. In this way, who would spend more money to make fake reputation to get a loan for less than it cost to fake the reputation?
The Spivey Bitcoin Reputation Protocol also has interesting analytics inherent to it that is open data, available for anyone who looks at the Bitcoin block chain. First, it is open data on a peer-to-peer network with some of the strongest computers in the world supporting it. This aspect makes it durable, maintenance free (because others mining Bitcoins are maintaining the network and have an incentive to do so), and it is a reputation protocol that is as strong as the currency itself, unlike weaker systems that are hosted outside Bitcoin.
The protocol produces a graph of handshakes that can be publicly inspected manually and programmatically. You can make custom analytics, ratios, connection inferences and so on just by starting to browse the handshakes. Lots of associations and risk analysis can be inferred and remain proprietary. The data is open, but your derivative works and interpretations can remain proprietary.
If there are more than 2 transactions for the exact same amount within the same time window for the port wallet, then the two transactions closest together and first become the handshake. This is to prevent people from using the block chain explorer to see handshakes in real-time and then try to quickly send in the same token to forge a connection.
I will be publishing in the next few weeks the method for encoding that you no longer trust a Bitcoin wallet.