OpenBazaar - Ratings, reviews and reputation

1

OpenBazaar

Ratings, Reviews, and Reputation

Austin WilliamsDr Washington Sanchez (drwasho)

2

Overview1. What is identity on OpenBazaar?2. What are Ricardian Contracts?3. What is reputation on OpenBazaar?4. What is a valid rating?5. Where is the rating stored?6. What about privacy?

The above picture isn’t relevant to anything, the slides just felt awkward with all this white space.

3

Before we talk about ratings, reviews and reputation…

Let’s talk about identity

What is identity on OpenBazaar?

4



BITCOINNETWORK PASSCARD

5

NETWORK

ECC key that generates a global unique identifier (GUID) that is your OpenBazaar ID

GUID IP Address Port

34e57db64ce7435ab0f759cca81386527c670bd1

215.1.22.125 45785

Distributed Hash Table


6

No one can spoof your GUID unless they compromise your private key

Can someone spoof my GUID?


Elliptic Curve Cryptography (ECC)

Private key(2128)

Public key

GUID

RIPEMD160(sha256[self_signed pubkey])

This is how babies are made

Some modifications are being made to the GUID to make it non-trivial to generate, in order to create a mild proof of work

7

Network communications on OpenBazaar

“Hi, my name is GUIDAlice and this is my public key!”

“Hi GUIDAlice , yep that checks out. I’m GUIDBob and this is my public key!”

“Yep that checks out!”

Step 1: Say Hello; verify GUIDs match the public key.


8


“Want to buy some ‘My Little Pony’ DVDs?

“Yeah sure”

Step 2: Encrypt messages with a peer’s public key so only they can read it.


9


{ “item”: “My Little Pony volume 1”…}

{ “shipping_address”: “1060 West Addison St, Chicago, IL”…}

These messages will also carry the terms and conditions of the Ricardian contracts


10

Network communications on OpenBazaarSome nuance

1. ECC key that generates GUID will be used for session authentication

2. Ephemeral ECC keys will be used for to encrypt messages between peers after authentication

(Forward secrecy)


11

GUID keys are used to sign the Ricardian Contracts


12



BitcoinNetwork Passcard

13

BITCOIN

Bitcoin keys used for controlling the multisignature escrow address

This is your financial identity, indicating you have the contributing power to release funds according

to the terms and conditions of the contract


14

Bitcoin keys used for controlling the multisignature escrow address

BIP32 hierarchical deterministic keys to create 1 key per contract

GUID + Bitcoin keys are the only things you need to make a trade over OpenBazaar


15

Bitcoin keys are used to sign the Ricardian Contracts

The identity with financial power agrees to the terms and conditions of a trade with another identity.


16



BITCOINNETWORK PASSCARD

17

A Passcard is a portable identity that can be used to:1. Register a storefront handle2. Cryptographically link:

• Multiple nodes on the network• Identities outside of OpenBazaar

PASSCARD


Passcard operates according to the Bitcoin Naming System protocol, designed by Onename

18

Passcard allows users to associate as much or as little personally identifiable information (PII) as they desire with a GUID

GUID: 34e57db64ce7435ab0f759cca81386527c670bd1

Passcard: +gillian_a_thompson

Cryptographically link identitiesRegister handle for the node

+ Certificate authority style ID verification+ Business address+ Phone number

Optional


19

A Passcard can be associated with multiple nodes that the user controls; registering a handle for each node

@gthompson_US@MyLittlePony_shoes

@BronyFeetGUID: 34e57db64ce7435ab0f759cca81386527c670bd1


@gthompson_China@ 我的小马驹

@Brony 脚

GUID: 287bf38cf4aa9dfa0c1fe409d7bd0563b3691c90

Passcard: +gillian_a_thompson

20

What is identity on OpenBazaar?Summary

• There are 3 types of identity:1. OpenBazaar identity (network GUID keys)

1. ECC keys2. One GUID per node on the network3. No one can spoof the GUID4. Messages between nodes are authenticated with the recipient’s public key5. Contracts are signed with the GUID keys (Vendor only)

2. Bitcoin identity1. Bitcoin multisignature escrow signing keys2. 1 keypair per contract, generated from BIP32 seed3. Ricardian contracts are signed with Bitcoin keys

3. Passcard identity1. Passcard is used to register a handle for the node (1 handle per node)2. Passcard is used to link multiple nodes the user may control3. Passcard can also associate a node with other identities (e.g. Facebook, Twitter)

21

Ricardian Contracts & the Trade Flow

Ricardian Contracts and the Trade Flow

22


A digital contract that defines the terms and conditions of an interaction, between two or more peers, that is

cryptographically signed and verified

Results in a tamper-proof contract that is formatted in XML or JSON to be both human and machine readable

What are Ricardian Contracts?

23


Cryptographic keys to establish identity

Semantic data to establish the terms and conditions of an interaction (e.g. money exchanged for a good/service)

Digital signatures to create fraud-proof evidence that an identity agreed to these terms and conditions

Cryptographic hash of the contract to create a tamper-proof record of the contract

Major components

24


Application populates listing data into JSON

This data is saved locally and becomes the Ricardian Contract

There is a template attribute schema for physical goods, digital goods, and services

Peers will request the values corresponding to the attribute schema when downloading a contract

Ricardian Contracts in OpenBazaar

25


Contract schema divided into four stages, as per the trade flow

1. Stage 1: Vendor makes a listing2. Stage 2: Buyer places an order3. Stage 3: Vendor {ships the item; discloses link to digital content;

places an invoice for services rendered}4. Stage 4: Buyer releases funds and makes rating

Ricardian Contracts in OpenBazaar

Some areas are expanded in more detail later

26


27

What is reputation on OpenBazaar?


28

Context is king(aggregation is the enemy)

Not a vouching system(web-of-trust is another layer, not an alternative)


29


Reputation is comprised of individual transaction ratings

30

Transaction Ratings6 Rating Parameters


1. Overall Transaction Rating2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review

Tx RatingItem: XBuyer: Jim

31

1. Overall Transaction Rating


There are two approaches:1. Rate the transaction out of 5 stars (indirect)

2. Rate the transaction: positive, neutral or negative (direct)

I don’t mind very much which approach we take.

But when it comes to calculating the overall reputation of the vendor, the 5 star approach is typically reduced to positive, neutral or negative anyway…

so it may be easier to just go with that upfront

What was the overall transaction experience when purchasing this product from the vendor?

32





33

What was the quality of the item, content, or service from the vendor?

2. Item, Content, or Service Quality

Excellent:Good:Neutral:Poor:Terrible:


34





35

How accurate was the listing description of the item, content or service?

3. Item, Content, or Service Description



36





37

How quickly was the item sent, content accessible, or service performed after ordering?

4. Item, Content, or Service Delivery



38





39

How do you rate the quality of the vendor’s communication?

5. Customer Service



40





41

Leave some written feedback on the item and the vendor for other buyers

6. Review

ReviewCharacter limited review text


Not too long, maybe 280 characters (2 tweets length)?

42

Transaction RatingSummary


1. Overall Transaction Rating Positive (+1)2. Item, Content, or Service Quality3. Item, Content, or Service Description4. Item, Content, or Service Delivery5. Vendor Customer Service6. Review “The item was

great…”


43


Reputation is comprised of individual transaction ratings

44

Item ReputationThe sum of transaction ratings from a single item

Buyer ReputationThe sum of transaction ratings from all items


Vendor ReputationThe sum of transaction ratings from all items

45

Tx RatingItem: XBuyer: Bob


Item X Reputation

Item ReputationThe sum of transaction ratings from a single item


1. Overall Transaction Rating Positive (+10, 98%)

2. Item Quality3. Item Description4. Item Delivery5. Customer Service

6. Review … see all …

46

Tx RatingItem: XBuyer: Bob


Tx RatingItem: ZBuyer: Jim

Tx RatingItem: YBuyer: Tom

Vendor Reputation

Vendor ReputationThe sum of transaction ratings from all items


1. Overall Transaction Rating Positive (+58, 94%)

2. Item Quality (60)

3. Item Description (56)

4. Item Delivery (58)

5. Customer Service (56)

6. Review … see all …

Hover over?

47

Tx RatingItem: XVendor: Jim

Buyer Reputation

Buyer ReputationThe sum of transaction ratings from all items


Tx RatingItem: ZVendor: Eve

48

What about Moderator Reputation?


Difficult problem to solve as there will always be one party that is happy with the result, and one that is unhappy

Transparency is the best approach

The claim and dispute decision should be publicly accessible for both Vendors and Buyers to assess:

1) Quality of the decision2) Feedback from the winning and losing parties3) Dispute resolution standards

49

Moderator Ratings


Individual dispute summaries would include the claimee, the winner, rating and review from each side; also link to Ricardian Contract

50

Moderator Reputation


Ratings will be aggregated from the winners and losers of each disputed transaction

Negative or positive consensus on the quality of dispute resolution will inform Vendors and Buyers

Click for list of reviews Click for list of reviews

51

Ratings are assigned to a Vendor’s GUID

Reputation will be calculated by combining ratings from all cryptographically linked nodes

What is a valid rating?

52

What is a valid rating?How do we know a trade is real?

trade


53

We can never know if a trade and its rating is real or not

Without a gross invasion of privacy…

But we can set reasonable criteria to evaluate if a trade and its rating is real or not


54

Criteria for a valid rating:

1. A trade receipt 2. Evidence of a multisignature transaction


55




56

Trade Receipt

… is a completed Ricardian Contract with verifiable digital signatures

Rating data is included in the last stage of the trade flow where funds

are released to the Vendor


57

Remember, the trade flow…

Ricardian Contract (stage 4)


58

Remember for later:

The Ricardian contract is filled-in, by each party, as the trade flow progresses

Vendors/Buyers will send data to populate the attribute-value pairs in the Ricardian contract template


59




60

Multisignature Transaction

Ricardian Contract references a multisignature transaction and requires digital signatures from the vendor and buyer’s multisig keys

Bitcoin multisig transaction means that ratings aren’t free (or easy)

Signatures from the multisig signing keys means a user can’t claim a multisig tx that isn’t theirs

Not a perfect proof-of-work, but it creates a non-trivial cost to make a rating that should discourage Sybil attacks


61

Recap:Rating data and evidence of the multisignature transaction is extracted from the trade receipt (completed Ricardian Contract)

Valid Rating Summary


62

Where is the rating stored?

Where is the trade receipt sent and hosted?

Hosted by the Vendor and/or ModeratorOr even the buyer if they’re online all the time…


63

Why would a vendor or buyer host a negative rating?

Vendors have an incentive to host all ratings if third parties like moderators or other agents are also hosting them too

Any omission may reflect poorly on the user, and may be publicised or penalised by the market


64

There is some ongoing work regarding embedding the data within the OpenBazaar DHT


65

What about privacy?

What about privacy?

66

What about privacy?

Two types of privacy:

Network Privacy

What about privacy?

Metadata Privacy

67

What about privacy?

What about privacy?


Network Privacy Metadata Privacy

TORVPN

Embedding encrypted contracts into the DHT Proxy

Forward Secrecy (OTR-style)

peer connections

68

What about privacy?

What about privacy?


Network Privacy Metadata Privacy

Data within the Ricardian Contract that can be used to determine the identity and behaviour of the buyer

69

What about privacy?

If the Ricardian Contract is necessary to make a listing and validate a rating…

… then buyer metadata is available to everyone

What about privacy?

70

By default, the application creates a pseudonymous identity in OpenBazaar

(covered earlier)

What about privacy?

These identities are nothing more than keypairs used for encrypting and digitally signing

71

The only way to protect the identity of the Buyer is to omit their network, PGP and any associated ID from the

Ricardian Contract

The Buyer’s identity in a trade is merely a bitcoin multisig signing key (one key per transaction; never reused)

What about privacy?

The Vendor knows the network ID where the orders are coming from, but this data isn’t recorded within the contract

Leaving a rating no longer poses a direct identity leak to the Buyer

72

What about the Shipping Address?

What about privacy?

To avoid PII metadata leaks from the Ricardian Contract, the shipping address needs to be encrypted

Step 1: XOR Shipping Address with Nonce

C = R Shipping Address⊕

R: Nonce; random number {0,1}128

Step 2: Encrypt the XOR’d Shipping Address with PGP pubkeys of the

Vendor and Moderator

Step 3: Embed encrypted XOR’d shipping address and sha256(nonce)

into the Ricardian Contract

Step 4: Send the encrypted nonce to the Vendor so they can decrypt the

shipping address

Step X: If there is a dispute RE the shipping address, the Vendor can reveal the nonce to the

Moderator, who is the only other person who can provably determine the shipping address

XOR’ing the shipping address with the nonce prevents the moderator from discovering the shipping address unless the nonce is revealed by either the buyer or vendor

73

Using bitcoin private keys to generate GUIDs

What about privacy?

A variation of this idea is to import a bitcoin private key to generate GUID (since they’re both ECC keys)

Interesting application of this is that it enables a user to communicate and trade ‘as’ or ‘to’ a bitcoin address

74

What about privacy?

Feedback welcome

With this many slides, I’m sure I made a couple of errors

Please join our Slack room to leave feedback, corrections, and suggestions:

https://openbazaar-slackin-drwasho.herokuapp.com/

^ Drop in your email and you’ll get an invite to join openbazaar.slack.com




OpenBazaar - Ratings, reviews and reputation

Software

Transcript of OpenBazaar - Ratings, reviews and reputation