Secure transfer of coins

As many of you know I have always tried to work with safety and security in mind when developing www.SuchList.com for you all. One of the things that got me started with SuchList was being scammed myself and seeing others being scammed online.

You see, one of the inherent problems with online-based commerce is that anybody can claim to be anybody, and it’s really hard for someone else to make educated decisions on whether to trust the supplied information or not.

For this reason I decided, early on, to build features to let users verify information about themselves. This includes things like Reddit accounts, Twitter accounts etc. It does in no way give you a complete picture, but instead serves to help you make your own educated decision. Someone with a several-year-old public Twitter profile that makes legit posts might be easier to trust.

But this relies on two things: users willing to verify their information, and other users actually making use of the available information in their decision making. Unfortunately it still happens that people spend large amounts of coins on some item offered by some user who has verified no additional information or only a brand new Reddit account without any history. Of course a user like this could be 100% legit, but it can be really hard to know or feel comfortable putting trust in a user like that.

How to add extra security?

The most crucial part of any online transaction is the transfer of funds from one party to the next. Here the ideal situation is to use some kind of extra layer in order to guarantee that the funds are not just blindly sent from one user to the next but instead have a platform that adds security and removes incentive for any party to try to be deceitful.

This is normally the domain of an escrow service. An escrow service works in the way that the seller requests a payment of x coins from the buyer. The buyer then transfers the coins. But instead of transferring them to the seller directly they are transferred to a third party that will hold on to the coins. The amount of coins received is displayed to the seller so the seller knows once the payment is done in full. The seller is then free to ship his goods to the buyer.

The nice part here is that both parties can verify that the payment is covered, but neither the seller nor the buyer can single-handedly withdraw the coins. Instead the buyer will release the coins once the goods have arrived.

This removes the incentive for a seller to try and scam a buyer, since the seller only gets the coins once the buyer has actually received the goods. A seller not set on actually shipping any goods would thus never receive any coins.

It also removes the incentive for buyers trying to scam sellers into shipping goods and getting paid once it arrives, without actually planning to pay for the goods at all, since the coins would be held in escrow and not easily reclaimed by the buyer.

Up until recently I recommended the escrow service mitm.io for this service. It was very easy to use and, the times I tried it, worked flawlessly. The problem as of late has been the small annoying fact that mitm.io has not been online for quite some time. The site was owned and operated by Moolah, and given all the drama around that it’s quite clear that it won’t be coming back (and if it did I could not with a good conscience recommend it).

Solutions to mitm.io’s absence

During the time mitm.io was down but all the problems with Moolah still hadn’t been brought to light I opted in to act as a manual escrow for users of SuchList who needed the extra layer of security. This worked fine, but introduced a lot of extra work for me. More importantly it broke one of the main ideas of the site, that no user should have to rely on me for their payments to go through etc.

Ever since the start of SuchList I have had users asking me to include my own escrow service on the site. Several other sites do this in one form or another and I have not been blind to the use case for such a thing. But one thing I have always been against is the site storing coins in any way. A site, full of user accounts, full of coins, is a prime target for hackers. Even though a lot of safeguards are already in place I feel it would be dumb to add the extra risk.

You see, users losing coins to hackers is one of the worst things for the currency. A lot of, often unintentionally, insecure services have been breached and caused bad headlines. I did not want to add to that problem.

For this reason I declined the idea of implementing my own escrow service and stated my opinion and reason for this every time I got the question.

But the downfall of Moolah and the absence of mitm.io really annoyed me since I felt users were now left without a quick and (at the time) reliable escrow service. Asking people to go back to sending coins directly to each other without any security was not something that was good enough for me. But what could I do?

Introducing the fully integrated SuchList escrow service, with zero coins held by SuchList

I have always tried to think of a way to somehow create a very secure way of transferring the coins. After talking to various people I now think that I have found the solution that I have been looking for. It brings the best of both worlds. A fully integrated escrow service that works within SuchList itself. But at the same time SuchList will hold absolutely zero coins on the site. No, I don’t mean that I will export them to some cold storage and keep it secure like that. This would make users 100% dependent on me and when I had time and energy to transfer requested funds.

Instead, every escrow transaction will be kept secure by the one thing we trust the most (even if we don’t know it), the block chain.

Instead of trying to stash the coins held in escrow away somewhere and hoping no one gets to them, we hide them in plain sight. The way this works is through multi-signature transactions. That is, instead of you signing your transactions like you normally do on the Dogecoin network, a transaction that requires more than one user’s signature is created.

How does it work on SuchList?

First, let me note that this feature is not released yet. But I still wanted you all to know what will soon be here in the light of the recent Moolah drama. Functionality is in testing but not much energy has been put into UI at the moment.

When you register a deal on SuchList everything looks like normal, except you have one additional new choice to make.

Registering a Deal

Besides all the normal information you can now select to create a Multi signature escrow payment connected to your deal. Note that this is not forced and you have the option to select External Transaction. This means that the transaction is handled outside of SuchList.

Why did I do this? Since I have always said that if I ever include any way to handle payments on the site I will make it optional to use. Perhaps you know the person you are doing the deal with or you are meeting in person. You should not be forced into using a specific payment method then.

If you select to use the escrow system you will have to enter some more information.

New escrow option

I have tried to keep everything 100% free, but users have told me that I must make sure the site survives and is financed. So in order to help with that a small fee was introduced. Do note though that you are not forced into using the escrow service.

The seller and buyer can agree on how to cover this fee. They can split it, the seller can pay it or the buyer can pay it. How much the buyer will have to deposit and the seller will get when he withdraws the payment is clearly visible for every given option.

Next you select how to secure your transaction. You can select one of two ways.

  • Protect it using your SuchList password (actually a lot of random characters encrypted by your password)
  • Protect it using a passphrase you set that is unique to this specific transaction

Exactly how this is used will not be discussed here, but it’s basically used to generate the keys used to sign your transactions. A user confirming a deal will choose how to secure his/her part of the transaction in the same way. In order for the seller to request a release or the buyer to release the coins they must know their respective secrets.

One thing I have always wanted to guard against as much as possible in the event of the site having any kind of service like this is how to avoid a complete breach from losing a lot of user coins. Sure, it’s a bit paranoid and probably not the most common scenario to try and stay secure against. But with this solution we get quite close.

Since your password is encrypted on the site and a unique passphrase you might choose is not saved at all on the site, it would be very hard for anyone to gain access to this required information and release a payment in your place.

Since coins are not actually stored on the site, a breach would not give a hacker access to all the users’ coins. Furthermore, coins released from escrow are sent to a wallet of the seller’s choice, not kept in some temporary wallet controlled by the site. This further reduces the likelihood of any hacker gaining access to any coins.

Also, one last thing here is that since these transactions require multiple signatures, a hacker who obtained your password or somehow got access to the site and managed to brute force your unique passphrase would still not be able to withdraw any coins, since it would require at least a secondary signature as well.

Release

I hope to have this ready for release very soon so you can all go back to making secure online commerce with escrow service if needed.

If all goes well the plan is to also add support for escrow transactions for people who are not active users of SuchList. But that will follow at a later date.

Some development screens

Here are some additional screen shots. They are a work in progress and things have already changed a bit, but just to give you a quick glimpse.

Deals to confirm now show if they use the escrow system or not

Confirming a deal using the escrow system shows some additional information to the buyer

A quick overview of all your active escrow payments

Payment details for a non fully funded payment

Payment details for a fully funded payment.

3 thoughts on “Secure transfer of coins”

  1. BitBox Cat

    Rad feature, but how do you handle bad actors? Say you have a shady seller who takes the coins into escrow and never ships anything. What happens to the coins then? Same for a shady buyer, they get whatever the seller sent and then say it never came. There has to be a 3rd party that can send them back or push them on. I guess I just don’t get how escrow works without a trusted 3rd party.

    I really like suchlist, haven’t used it yet, but it’s on my… uh… list 😉

    1. Daniel Liljeberg Post author

      The idea is to require two signatures to release the coins (buyer and seller) and that SuchList will also have a third signature that can be used to handle disputes.
      That way the buyer and seller together can authorize the release of coins, or the buyer or seller along with me can do this. That can be used to release coins in the case of a dispute. But without giving me any kind of option to release/withdraw the coins at my own discretion. So two parties will always be needed to process the transaction.

      The rules regarding how disputes are handled is something that needs to be worked out and are probably the tricky part. I will of course not be able to know every single detail about a deal and know 100% of the time who’s lying. But I must still be able to make a decision in these cases. Without being personally burned for that decision. In time perhaps it could be partly crowd sourced decisions. Hopefully there will be a minimal set of these disputes. But if there’s a lot it could be something that requires additional work. For instance I’m thinking of tagging a user’s account every time they are a part of a dispute to help other users and to have the system detect “bad” users.

      1. David Wilson

        Certainly a great addition and similar to an idea I pitched a couple of weeks back on the sub. It’s great to see you’re able to develop the blockchain technology into a useable escrow, something I unfortunately had no knowledge of how to do.

        As mentioned the main issue is seller disputes. My suggestion would be the use of an oracle which can sign the transactions off automatically based on community opinion. If, for example, a voting system was implemented as a feature of a faucet it would save you time and take any blame for wrongly handled disputes away from you. Possibly a set percentage of the SuchList cut could be fed into a faucet which rewards users based on the completion of a dispute vote. To encourage users not to randomly choose seller or buyer maybe a higher payout if they side with the majority of users? Just an idea in an attempt to decentralise the system as much as possible.
