Group items tagged

At the heart of Movenbank is a concept call CRED.

The difference today is our ability to capture data from across an array of digital services. With every trade we make, comment we leave, person we "friend", spammer we flag or badge we earn, we leave a trail of how well we can or can't be trusted.

An aggregated online reputation having a real-world value holds enormous potential

peer-to-peer marketplaces, where a high degree of trust is required between strangers; and where a traditional approach based on disjointed information sources is currently inefficient, such as recruiting.

opportunity to reinvent the way people found jobs through online reputation

"It's not about your credit, but your credibility," King says.

But this wealth of data raises an important question -- who owns our reputation? Shouldn't our hard-earned online status be portable? If you're a SuperHost on Airbnb, shouldn't you be able to use that reputation to, say, get a loan, or start selling on Etsy?

"People are currently underusing their networks and reputation," King says. "I want to help people to understand and build their influence and reputation, and think of it as capital they can put to good use."

Social scientists have long been trying to quantify the value of reputation.

Using functional magnetic resonance imaging, the researchers monitored brain activity

"The implication of our study is that different types of reward are coded by the same currency system." In other words, our brains neurologically compute personal reputation to be as valuable as money.

Personal reputation has been a means of making socioeconomic decisions for thousands of years. The difference today is that network technologies are digitally enabling the trust we used to experience face-to-face -- meaning that interactions and exchanges are taking place between total strangers.

Trust and reputation become acutely important in peer-to-peer marketplaces such as WhipCar and Airbnb, where members are taking a risk renting out their cars or their homes.

When you are trading peer-to-peer, you can't count on traditional credit scores. A different measurement is needed. Reputation fills this gap because it's the ultimate output of how much a community trusts you.

Welcome to the reputation economy, where your online history becomes more powerful than your credit history.

Presently, reputation data doesn't transfer between verticals.

A wave of startups, including Connect.Me, TrustCloud, TrustRank, Legit and WhyTrusted, are trying to solve this problem by designing systems that correlate reputation data. By building a system based on "reputation API" -- a combination of a user's activity, ratings and reviews across sites -- Legit is working to build a service that gives users a score from zero to 100. In trying to create a universal metric for a person's trustworthiness, they are trying to "become the credit system of the sharing economy", says Jeremy Barton, the 27-year-old San Francisco-based cofounder of Legit.

His company, and other reputation ventures, face some big challenges if they are to become, effectively, the PayPal of trust. The most obvious is coming up with algorithms that can't be easily gamed or polluted by trolls. And then there's the critical hurdle of convincing online marketplaces not just to open up their reputation vaults, but create a standardised format for how they frame and collect reputation data. "We think companies will share reputation data for the same reasons banks give credit data to credit bureaux," says Rob Boyle, Legit cofounder and CTO. "It is beneficial for one company to give up their slice of reputation data if in return they get access to the bigger picture: aggregated data from other companies."

PeerIndex, Kred and Klout,

are measuring social influence, not reputation. "Influence measures your ability to drag someone into action,"

"Reputation is an indicator of whether a person is good or bad and, ultimately, are they trustworthy?"

Early influence and reputation aggregators will undoubtedly learn by trial and error -- but they will also face the significant challenge of pioneering the use of reputation data in a responsible way. And there's a challenge beyond that: reputation is largely contextual, so it's tricky to transport it to other situations.

Many of the ventures starting to make strides in the reputation economy are measuring different dimensions of reputation.

reputation is a measure of knowledge

a measure of trust

a measure of propensity to pay

measure of influence

Reputation capital is not about combining a selection of different measures into a single number -- people are too nuanced and complex to be distilled into single digits or binary ratings.

It's the culmination of many layers of reputation you build in different places that genuinely reflect who you are as a person and figuring out exactly how that carries value in a variety of contexts.

The most basic level is verification of your true identity

reliability and helpfulness

do what we say we are going to do

respect another person's property

trusted to pay on time

we will be able to perform a Google- or Facebook-like search and see a picture of a person's behaviour in many different contexts, over a length of time. Slivers of data that have until now lived in secluded isolation online will be available in one place. Answers on Quora, reviews on TripAdvisor, comments on Amazon, feedback on Airbnb, videos posted on YouTube, social groups joined, or presentations on SlideShare; as well as a history and real-time stream of who has trusted you, when, where and why. The whole package will come together in your personal reputation dashboard, painting a comprehensive, definitive picture of your intentions, capabilities and values.

idea of global reputation

By the end of the decade, a good online reputation could be the most valuable currency in your possession.

cognitive perspective

continuous process integrated in the interaction with the environment

normative perspective

logic of decision making

and rationality

decision making is a reasoning or emotional process which can be rational or irrational, can be based on explicit assumptions or tacit assumptions.

Logical decision making

making informed decisions

recognition primed decision approach

without weighing alternatives

integrated uncertainty into the decision making process

A major part of decision making involves the analysis of a finite set of alternatives described in terms of some evaluative criteria.

multi-criteria decision analysis (MCDA) also known as multi-criteria decision making (MCDM).

differentiate between problem analysis and decision making

Problem analysis must be done first, then the information gathered in that process may be used towards decision making.[4]

decision making techniques people use in everyday life

Pros and Cons

Simple Prioritization:

Decision-Making Stages

Orientation stage

Conflict stage

Emergence stage

Reinforcement stage

Decision-Making Steps

Outline your goal and outcome

Gather data

Brainstorm to develop alternatives

List pros and cons of each alternative

Make the decision

take action

Learn from, and reflect on the decision making

Cognitive and personal biases

Selective search for evidence

Premature termination of search for evidence

Inertia

Selective perception

Wishful thinking or optimism bias

Choice-supportive bias

Recency

Repetition bias

Anchoring and adjustment

Group think – Peer pressure

Source credibility bias

Incremental decision making and escalating commitment

Attribution asymmetry

Role fulfillment

Underestimating uncertainty and the illusion of control

a person's decision making process depends to a significant degree on their cognitive style

thinking and feeling; extroversion and introversion; judgment and perception; and sensing and intuition.

someone who scored near the thinking, extroversion, sensing, and judgment

would tend to have a logical, analytical, objective, critical, and empirical decision making style.

national or cross-cultural differences

distinctive national style of decision making

human decision-making is limited by available information, available time, and the information-processing ability of the mind.

two cognitive styles: maximizers

satisficers

Many animals use visual observations to decide whether to work with others.

humans are more cooperative when they sense they're being watched.

The feeling of being watched enhances cooperation, and so does the ability to watch others. To try to know what others are doing is a fundamental part of being human

Shame serves as a warning to adhere to group standards or be prepared for peer punishment. Many individualistic societies, however, have migrated away from peer punishment toward a third-party penal system

Shame has become less relevant in societies where taking the law into one's own hands is viewed as a breach of civility.

Many problems, like most concerning the environment, are group problems. Perhaps to solve these problems we need a group emotion. Maybe we need shame.

Guilt prevails in many social dilemmas

It is perhaps unsurprising that a set of tools has emerged to assuage this guilt

Guilt abounds in many situations where conservation is an issue.

The problem is that environmental guilt, though it may well lead to conspicuous ecoproducts, does not seem to elicit conspicuous results.

The positive effect of idealistic consumers does exist, but it is masked by the rising demand and numbers of other consumers.

Guilt is a valuable emotion, but it is felt by individuals and therefore motivates only individuals. Another drawback is that guilt is triggered by an existing value within an individual. If the value does not exist, there is no guilt and hence no action

Getting rid of shaming seems like a pretty good thing, especially in regulating individual behavior that does no harm to others. In eschewing public shaming, society has begun to rely more heavily on individual feelings of guilt to enhance cooperation.

five thousand years ago, there arose another tool: writing

Judges in various states issue shaming punishments,

shaming by the state conflicts with the law's obligation to protect citizens from insults to their dignity.

What if government is not involved in the shaming?

Is this a fair use of shaming? Is it effective?

Shaming might work to change behavior in these cases, but in a world of urgent, large-scale problems, changing individual behavior is insignificant

vertical agitation

Guilt cannot work at the institutional level, since it is evoked by individual scruples, which vary widely

But shame is not evoked by scruples alone; since it's a public sentiment, it also affects reputation, which is important to an institution.

corporate brand reputation outranked financial performance as the most important measure of success

shame and reputation interact

in our early evolution we could gauge cooperation only firsthand

Shaming, as noted, is unwelcome in regulating personal conduct that doesn't harm others. But what about shaming conduct that does harm others?

why we learned to speak.1

Language

The need to accommodate the increasing number of social connections and monitor one another could be

allowed for gossip, a vector of social information.

in cooperation games that allowed players to gossip about one another's performance, positive gossip resulted in higher cooperation.

Of even greater interest, gossip affected the players' perceptions of others even when they had access to firsthand information.

Human society today is so big that its dimensions have outgrown our brains.

What tool could help us gossip in a group this size?

We can use computers to simulate some of the intimacy of tribal life, but we need humans to evoke the shame that leads to cooperation. The emergence of new tools— language, writing, the Internet—cannot completely replace the eyes. Face-to-face interactions, such as those outside Trader Joe's stores, are still the most impressive form of dissent.

what is stopping shame from catalyzing social change? I see three main drawbacks:

Today's world is rife with ephemeral, or "one-off," interactions.

Research shows, however, that if people know they will interact again, cooperation improves

Shame works better if the potential for future interaction is high

In a world of one-off interactions, we can try to compensate for anonymity with an image score,

which sends a signal to the group about an individual's or institution's degree of cooperation.

Today's world allows for amorphous identities

It's hard to keep track of who cooperates and who doesn't, especially if it's institutions you're monitoring

Shaming's biggest drawback is its insufficiency.

Some people have no shame

shame does not always encourage cooperation from players who are least cooperative

a certain fraction of a given population will always behave shamelessly

if the payoff is high enough

There was even speculation that publishing individual bankers' bonuses would lead to banker jealousy, not shame

shame is not enough to catalyze major social change

This is why punishment remains imperative.

Even if shaming were enough to bring the behavior of most people into line, governments need a system of punishment to protect the group from the least cooperative players.

Today we are faced with the additional challenge of balancing human interests and the interests of nonhuman life.

we are interested in the resilience that comes from building a rich ecosystem of interoperable currencies

What are the core elements of a modern cryptocurrency?

Digital

Holdings are electronic and only exist and operate by virtue of a community’s agreement about how to interpret digital bits according to rules about operation and accounting of the currency.

Trustless

don’t have to trust a 3rd party central authority

Decentralized

Specifically, access, issuance, transaction accounting, rules & policies, should be collectively visible, known, and held.

Cryptographic

This cryptographic structure is used to enable a variety of people to host the data without being able to alter it.

Identity

there must be a way to associate these bits with some kind of account, wallet, owner, or agent who can use them

Other things that many take for granted in blockchains may not be core but subject to decisions in design and implementation, so they can vary between implementations

It does not have to be stored in a synchronized global ledger

does not have to be money. It may be a reputation currency, or data used for identity, or naming, etc

Its units do not have to be cryptographic tokens or coins

It does not have to protect the anonymity of users, although it may

if you think currency is only money, and that money must be artificially scarce

Then you must tackle the problem of always tracking which coins exist, and which have been spent. That is one approach — the one blockchain takes.

You might optimize for anonymity if you think of cryptocurrency as a tool to escape governments, regulations, and taxes.

if you want to establish and manage membership in new kinds of commons, then identity and accountability for actions may turn out to be necessary ingredients instead of anonymity.

In the case of the MetaCurrency Project, we are trying to support many use cases by building tools to enable a rich ecosystem of communities and current-sees (many are non-monetary) to enhance collective intelligence at all scales.

Managing consensus about a shared reality is a central challenge at the heart of all distributed computing solutions.

If we want to democratize money by having cryptocurrencies become a significant and viable means of transacting on a daily basis, I believe we need fundamentally more scalable approaches that don’t require expensive, dedicated hardware just to participate.

We should not need system wide consensus for two people to do a transaction in a cryptocurrency

Blockchain is about managing a consensus about what was “said.” Ceptr is about distributing a consensus about how to “speak.”

how nature gets the job done in massively scalable systems which require coordination and consistency

Replicate the same processes across all nodes

Empower every node with full agency

Hold this transformed state locally and reliably

Establish protocols for interaction

Each speaker of a language carries the processes to understand sentences they hear, and generate sentences they need

we certainly don’t carry some kind of global ledger of everything that’s ever been said, or require consensus about what has been said

Language IS a communication protocol we learn by emulating the processes of usage.

Dictionaries try to catch up when the usage

there is certainly no global ledger with consensus about the state of trillions of cells. Yet, from a single zygote’s copy of DNA, our cells coordinate in a highly decentralized manner, on scales of trillions, and without the latency or bottlenecks of central control.

Imagine something along the lines of a Java Virtual Machine connected to a distributed version of Github

Every time this JVM runs a program it confirms the hash of the code it is about to execute with the hash signed into the code repository by its developers

This allows each node that intends to be honest to be sure that they’re running the same processes as everyone else. So when two parties want to do a transaction, and each can have confidence their own code, and the results that your code produces

Then you treat it as authoritative and commit it to your local cryptographically self-validating data store

Allowing each node to treat itself as a full authority to process transactions (or interactions via shared protocols) is exactly how you empower each node with full agency. Each node runs its copy of the signed program/processes on its own virtual machine, taking the transaction request combined with the transaction chains of the parties to the transaction. Each node can confirm their counterparty’s integrity by replaying their transactions to produce their current state, while confirming signatures and integrity of the chain

If both nodes are in an appropriate state which allows the current transaction, then they countersign the transaction and append to their respective chains. When you encounter a corrupted or dishonest node (as evidenced by a breach of integrity of their chain — passing through an invalid state, broken signatures, or broken links), your node can reject the transaction you were starting to process. Countersigning allows consensus at the appropriate scale of the decision (two people transacting in this case) to lock data into a tamper-proof state so it can be stored in as many parallel chains as you need.

When your node appends a mutually validated and signed transaction to its chain, it has updated its local state and is able to represent the integrity of its data locally. As long as each transaction (link in the chain) has valid linkages and countersignatures, we can know that it hasn’t been tampered with.

If you can reliably embody the state of the node in the node itself using Intrinsic Data Integrity, then all nodes can interact in parallel, independent of other interactions to maximize scalability and simultaneous processing. Either the node has the credits or it doesn’t. I don’t have to refer to a global ledger to find out, the state of the node is in the countersigned, tamper-proof chain.

Just like any meaningful communication, a protocol needs to be established to make sure that a transaction carries all the information needed for each node to run the processes and produce a new signed and chained state. This could be debits or credits to an account which modify the balance, or recoding courses and grades to a transcript which modify a Grade Point Average, or ratings and feedback contributing to a reputation score, and so on.

By distributing process at the foundation, and leveraging Intrinsic Data Integrity, our approach results in massive improvements in throughput (from parallel simultaneous independent processing), speed, latency, efficiency, and cost of hardware.

You also don’t need to incent people to hold their own record — they already want it.

Another noteworthy observation about humans, cells, and atoms, is that each has a general “container” that gets configured to a specific use.

Likewise, the Receptors we’ve built are a general purpose framework which can load code for different distributed applications. These Receptors are a lightweight processing container for the Ceptr Virtual Machine Host

Ceptr enables a developer to focus on the rules and transactions for their use case instead of building a whole framework for distributed applications.

how units in a currency are issued

Most people think that money is just money, but there are literally hundreds of decisions you can make in designing a currency to target particular needs, niches, communities or patterns of flow.

Blockchain cryptocurrencies are fiat currencies. They create tokens or coins from nothing

These coins are just “spoken into being”

the challenging task of

ensure there is no counterfeiting or double-spending

Blockchain cryptocurrencies are fiat currencies

These coins are just “spoken into being”

the challenging task of tracking all the coins that exist to ensure there is no counterfeiting or double-spending

You wouldn’t need to manage consensus about whether a cryptocoin is spent, if your system created accounts which have normal balances based on summing their transactions.

In a mutual credit system, units of currency are issued when a participant extends credit to another user in a standard spending transaction

Alice pays Bob 20 credits for a haircut. Alice’s account now has -20, and Bob’s has +20.

Alice spent credits she didn’t have! True

Managing the currency supply in a mutual credit system is about managing credit limits — how far people can spend into a negative balance

Notice the net number units in the system remains zero

One elegant approach to managing mutual credit limits is to set them based on actual demand.

concerns about manufacturing fake accounts to game credit limits (Sybil Attacks)

keep in mind there can be different classes of accounts. Easy to create, anonymous accounts may get NO credit limit

What if I alter my code to give myself an unlimited credit limit, then spend as much as I want? As soon as you pass the credit limit encoded in the shared agreements, the next person you transact with will discover you’re in an invalid state and refuse the transaction.

If two people collude to commit an illegal transaction by both hacking their code to allow a normally invalid state, the same still pattern still holds. The next person they try to transact with using untampered code will detect the problem and decline to transact.

Most modern community currency systems have been implemented as mutual credit,

Hawala is a network of merchants and businessmen, which has been operating since the middle ages, performing money transfers on an honor system and typically settling balances through merchandise instead of transferring money

Let’s look at building a minimum viable cryptocurrency with the hawala network as our use case

To minimize key management infrastructure, each hawaladar’s public key is their address or identity on the network. To join the network you get a copy of the software from another hawaladar, generate your public and private keys, and complete your personal profile (name, location, contact info, etc.). You call, fax, or email at least 10 hawaladars who know you, and give them your IP address and ask them to vouch for you.

Once 10 other hawaladars have vouched for you, you can start doing other transactions because the protocol encoded in every node will reject a transaction chain that doesn’t start with at least 10 vouches

seeding your information with those other peers so you can be found by the rest of the network.

As described in the Mutual Credit section, at the time of transaction each party audits the counterparty’s transaction chain.

Our hawala crypto-clearinghouse protocol has two categories of transactions: some used for accounting and others for routing. Accounting transactions change balances. Routing transactions maintain network integrity by recording information about hawaladar

Accounting Transactions create signed data that changes account balances and contains these fields:

The final hash of all of the above fields is used as a unique transaction ID and is what each of party signs with their private keys. Signing indicates a party has agreed to the terms of the transaction. Only transactions signed by both parties are considered valid. Nodes can verify signatures by confirming that decryption of the signature using the public key yields a result which matches the transaction ID.

Routing Transactions sign data that changes the peers list and contain these fields:

As with accounting transactions, the hash of the above fields is used as the transaction’s unique key and the basis for the cryptographic signature of both counterparties.

Remember, instead of making changes to account balances, routing transactions change a node’s local list of peers for finding each other and processing.

a distributed network of mutual trust

operates across national boundaries

everyone already keeps and trusts their own separate records

Hawaladars are not anonymous

“double-spending”

It would be possible for someone to hack the code on their node to “forget” their most recent transaction (drop the head of their chain), and go back to their previous version of the chain before that transaction. Then they could append a new transaction, drop it, and append again.

After both parties have signed the agreed upon transaction, each party submits the transaction to separate notaries. Notaries are a special class of participant who validate transactions (auditing each chain, ensuring nobody passes through an invalid state), and then they sign an outer envelope which includes the signatures of the two parties. Notaries agree to run high-availability servers which collectively manage a Distributed Hash Table (DHT) servicing requests for transaction information. As their incentive for providing this infrastructure, notaries get a small transaction fee.

This approach introduces a few more steps and delays to the transaction process, but because it operates on independent parallel chains, it is still orders of magnitude more efficient and decentralized than reaching consensus on entries in a global ledger

millions of simultaneous transactions could be getting processed by other parties and notaries with no bottlenecks.

There are other solutions to prevent nodes from dropping the head of their transaction chain, but the approach of having notaries serve out a DHT solves a number of common objections to completely distributed accounting. Having access to reliable lookups in a DHT provides a similar big picture view that you get from a global ledger. For example, you may want a way to look up transactions even when the parties to that transaction are offline, or to be able to see the net system balance at a particular moment in time, or identify patterns of activity in the larger system without having to collect data from everyone individually.

By leveraging Intrinsic Data Integrity to run numerous parallel tamper-proof chains you can enable nodes to do various P2P transactions which don’t actually require group consensus. Mutual credit is a great way to implement cryptocurrencies to run in this peered manner. Basic PKI with a DHT is enough additional infrastructure to address main vulnerabilities. You can optimize your solution architecture by reserving reserve consensus work for tasks which need to guarantee uniqueness or actually involve large scale agreement by humans or automated contracts.

It is not only possible, but far more scalable to build cryptocurrencies without a global ledger consensus approach or cryptographic tokens.

A broad statement of the key idea of smart contracts, then, is to say that contracts should be embedded in the world.

And where the vending machine, like electronic mail, implements an asynchronous protocol between the vending company and the customer, some smart contracts entail multiple synchronous steps between two or more parties

POS (Point of Sale)

EDI (Electronic Data Interchange

SWIFT

allocation of public network bandwidth via automated auctions

Smart contracts reference that property in a dynamic, proactively enforced form, and provide much better observation and verification where proactive measures must fall short.

The mechanisms of the world should be structured in such a way as to make the contracts (a) robust against naive vandalism, and (b) robust against sophisticated, incentive compatible (rational) breach.

A third category, (c) sophisticated vandalism (where the vandals can and are willing to sacrifice substantial resources), for example a military attack by third parties, is of a special and difficult kind that doesn't often arise in typical contracting, so that we can place it in a separate category and ignore it here.

The threat of physical force is an obvious way to embed a contract in the world -- have a judicial system decide what physical steps are to be taken out by an enforcement agency (including arrest, confiscation of property, etc.) in response to a breach of contract

It is what I call a reactive form of security.

The need to invoke reactive security can be minimized, but not eliminated, by making contractual arrangements verifiable

Observation of a contract in progress, in order to detect the first sign of breach and minimize losses, also is a reactive form of security

A proactive form of security is a physical mechanism that makes breach expensive

From common law, economic theory, and contractual conditions often found in practice, we can distill four basic objectives of contract design

observability

The disciplines of auditing and investigation roughly correspond with verification of contract performance

verifiability

The field of accounting is, roughly speaking, primarily concerned with making contracts an organization is involved in more observable

privity

This is a generalization of the common law principle of contract privity, which states that third parties, other than the designated arbitrators and intermediaries, should have no say in the enforcement of a contract

The field of security (especially, for smart contracts, computer and network security), roughly corresponds to the goal of privity.

enforceability

Reputation, built-in incentives, "self-enforcing" protocols, and verifiability can all play a strong part in meeting the fourth objective

Smart contracts often involve trusted third parties, exemplified by an intermediary, who is involved in the performance, and an arbitrator, who is invoked to resolve disputes arising out of performance (or lack thereof)

In smart contract design we want to get the most out of intermediaries and arbitrators, while minimizing exposure to them

Legal barriers are the most severe cost of doing business across many jurisdictions. Smart contracts can cut through this Gordian knot of jurisdictions

Where smart contracts can increase privity, they can decrease vulnerability to capricious jurisdictions

Secret sharing

The field of Electronic Data Interchange (EDI), in which elements of traditional business transactions (invoices, receipts, etc.) are exchanged electronically, sometimes including encryption and digital signature capabilities, can be viewed as a primitive forerunner to smart contracts

One important task of smart contracts, that has been largely overlooked by traditional EDI, is critical to "the meeting of the minds" that is at the heart of a contract: communicating the semantics of the protocols to the parties involved

There is ample opportunity in smart contracts for "smart fine print": actions taken by the software hidden from a party to the transaction.

Thus, via hidden action of the software, the customer is giving away information they might consider valuable or confidential, but the contract has been drafted, and transaction has been designed, in such a way as to hide those important parts of that transaction from the customer.

To properly communicate transaction semantics, we need good visual metaphors for the elements of the contract. These would hide the details of the protocol without surrendering control over the knowledge and execution of contract terms

Protocols based on mathematics, called cryptographic protocols, tre the basic building blocks that implement the improved tradeoffs between observability, verifiability, privity, and enforceability in smart contracts

secret key cryptography,

Public key cryptography

digital signatures

blind signature

Where smart contracts can increase observability or verifiability, they can decrease dependence on these obscure local legal codes and enforcement traditions

zero-knowledge interactive proof

digital mix

Keys are not necessarily tied to identities, and the task of doing such binding turns out to be more difficult than at first glance.

All public key operation are are done inside an unreadable hardware board on a machine with a very narrow serial-line connection (ie, it carries only a simple single-use protocol with well-verified security) to a dedicated firewall. Such a board is available, for example, from Kryptor, and I believe Viacrypt may also have a PGP-compatable board. This is economical for central sites, but may be less practical for normal users. Besides better security, it has the added advantage that hardware speeds up the public key computations.

If Mallet's capability is to physically sieze the machine, a weaker form of key protection will suffice. The trick is to hold the keys in volatile memory.

The data is still vulnerable to a "rubber hose attack" where the owner is coerced into revealing the hidden keys. Protection against rubber hose attacks might require some form of Shamir secret sharing which splits the keys between diverse phgsical sites.

How does Alice know she has Bob's key? Who, indeed, can be the parties to a smart contract? Can they be defined just by their keys? Do we need biometrics (such as autographs, typed-in passwords, retina scans, etc.)?

The public key cryptography software package "Pretty Good Privacy" (PGP) uses a model called "the web of trust". Alice chooses introducers whom she trusts to properly identify the map between other people and their public keys. PGP takes it from there, automatically validating any other keys that have been signed by Alice's designated introducers.

1) Does the key actually belong to whom it appears to belong? In other words, has it been certified with a trusted signature?

2) Does it belong to an introducers, someone you can trust to certify other keys?

3) Does the key belong to someone you can trust to introduce other introducers? PGP confuses this with criterion (2). It is not clear that any single person has enough judgement to properly undertake task (3), nor has a reasonable institution been proposed that will do so. This is one of the unsolved problems in smart contracts.

PGP also can be given trust ratings and programmed to compute a weighted score of validity-- for example, two marginally trusted signatures might be considered as credible as one fully trusted signature

Notaries Public Two different acts are often called "notarization". The first is simply where one swears to the truth of some affidavit before a notary or some other officer entitled to take oaths. This does not require the notary to know who the affiant is. The second act is when someone "acknowledges" before a notary that he has executed a document as ``his own act and deed.'' This second act requires the notary to know the person making the acknowledgment.

"Identity" is hardly the only thing we might want map to a key. After all, physical keys we use for our house, car, etc. are not necessarily tied to our identity -- we can loan them to trusted friends and relatives, make copies of them, etc. Indeed, in cyberspace we might create "virtual personae" to reflect such multi-person relationships, or in contrast to reflect different parts of our personality that we do not want others to link. Here is a possible classification scheme for virtual personae, pedagogically presented:

A nym is an identifier that links only a small amount of related information about a person, usually that information deemed by the nym holder to be relevant to a particular organization or community

A nym may gain reputation within its community.

With Chaumian credentials, a nym can take advantage of the positive credentials of the holder's other nyms, as provably linked by the is-a-person credential

A true name is an identifier that links many different kinds of information about an person, such as a full birth name or social security number

As in magick, knowing a true name can confer tremendous power to one's enemies

A persona is any perstient pattern of behavior, along with consistently grouped information such as key(s), name(s), network address(es), writing style, and services provided

A reputable name is a nym or true name that has a good reputation, usually because it carries many positive credentials, has a good credit rating, or is otherwise highly regarded

Reputable names can be difficult to transfer between parties, because reputation assumes persistence of behavior, but such transfer can sometimes occur (for example, the sale of brand names between companies).

Blind signatures can be used to construct digital bearer instruments, objects identified by a unique key, and issued, cleared, and redeemed by a clearing agent.

The clearing agent prevents multiple clearing of particular objects, but can be prevented from linking particular objects one or both of the clearing nyms who transferred that object

These instruments come in an "online" variety, cleared during every transfer, and thus both verifiable and observable, and an "offline" variety, which can be transfered without being cleared, but is only verifiable when finally cleared, by revealing any the clearing nym of any intermediate holder who transfered the object multiple times (a breach of contract).

To implement a full transaction of payment for services, we need more than just the digital cash protocol; we need a protocol that guarantees that service will be rendered if payment is made, and vice versa

A credential is a claim made by one party about another. A positive credential is one the second party would prefer to reveal, such as a degree from a prestigious school, while that party would prefer not to reveal a negative credential such as a bad credit rating.

A Chaumian credential is a cryptographic protocol for proving one possesses claims made about onself by other nyms, without revealing linkages between those nyms. It's based around the is-a-person credential the true name credential, used to prove the linkage of otherwise unlinkable nyms, and to prevent the transfer of nyms between parties.

Another form of credential is bearer credential, a digital bearer instrument where the object is a credential. Here the second party in the claim refers to any bearer -- the claim is tied only to the reputable name of issuing organization, not to the nym or true name of the party holding the credential.

Smart Property We can extend the concept of smart contracts to property. Smart property might be created by embedding smart contracts in physical objects. These embedded protocols would automatically give control of the keys for operating the property to the party who rightfully owns that property, based on the terms of the contract. For example, a car might be rendered inoperable unless the proper challenge-response protocol is completed with its rightful owner, preventing theft. If a loan was taken out to buy that car, and the owner failed to make payments, the smart contract could automatically invoke a lien, which returns control of the car keys to the bank. This "smart lien" might be much cheaper and more effective than a repo man. Also needed is a protocol to provably remove the lien when the loan has been paid off, as well as hardship and operational exceptions. For example, it would be rude to revoke operation of the car while it's doing 75 down the freeway.

Smart property is software or physical devices with the desired characteristics of ownership embedded into them; for example devices that can be rendered of far less value to parties who lack possesion of a key, as demonstrated via a zero knowledge interactive proof

One method of implementing smart property is thru operation necessary data (OND): data necessary to the operation of smart property.

A smart lien is the sharing of a smart property between parties, usually two parties called the owner and the lienholder.

Many parties, especially new entrants, may lack this reputation capital, and will thus need to be able to share their property with the bank via secure liens

What about extending the concept of contract to cover agreement to a prearranged set of tort laws? These tort laws would be defined by contracts between private arbitration and enforcement agencies, while customers would have a choice of jurisdictions in this system of free-market "governments".

If these privately practiced law organizations (PPLs for short) bear ultimate responsibility for the criminal activities of their customers, or need to insure lack of defection or future payments on the part of customers, they may in turn ask for liens against their customers, either in with contractual terms allowing arrest of customers under certain conditions

Other important areas of liability include consumer liability and property damage (including pollution). There need to mechanisms so that, for example, pollution damage to others' persons or property can be assessed, and liens should exist so that the polluter can be properly charged and the victims paid. Where pollution is quantifiable, as with SO2 emissions, markets can be set up to trade emission rights. The PPLs would have liens in place to monitor their customer's emissions and assess fees where emission rights have been exceeded.